urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai...
Submission: On November 03 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 140 IPs in 19 countries across 137 domains to perform 652 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
32 151.101.65.44 54113 (FASTLY)
1 2 192.96.203.13 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
13 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a04:4e42::649 54113 (FASTLY)
4 2001:4860:480... 15169 (GOOGLE)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
3 2600:1f18:24e... 14618 (AMAZON-AES)
7 23.97.225.52 8075 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
4 7 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 34.241.26.2 16509 (AMAZON-02)
4 25 172.64.151.101 13335 (CLOUDFLAR...)
3 6 145.40.97.67 54825 (PACKET)
1 4 35.227.252.103 15169 (GOOGLE)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3.126.189.136 16509 (AMAZON-02)
1 184.30.21.51 16625 (AKAMAI-AS)
10 104.22.68.131 13335 (CLOUDFLAR...)
4 51.89.9.252 16276 (OVH)
18 63.34.177.0 16509 (AMAZON-02)
1 3.66.134.167 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
8 12 185.89.210.90 29990 (ASN-APPNEX)
1 34.120.63.153 396982 (GOOGLE-CL...)
16 185.106.33.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 184.30.17.67 16625 (AKAMAI-AS)
27 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 172.104.206.52 63949 (AKAMAI-LI...)
1 3 162.210.196.208 30633 (LEASEWEB-...)
1 64.202.112.255 23352 (SERVERCEN...)
1 213.227.153.223 60781 (LEASEWEB-...)
3 3 23.37.63.179 16625 (AKAMAI-AS)
8 95.101.149.233 16625 (AKAMAI-AS)
13 3.33.220.150 16509 (AMAZON-02)
63 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 85.91.45.70 27381 (CASALE-MEDIA)
22 217.79.188.59 24961 (MYLOC-AS ...)
4 217.79.188.46 24961 (MYLOC-AS ...)
6 2a00:1450:400... 15169 (GOOGLE)
21 49 142.250.185.130 15169 (GOOGLE)
1 1 193.135.9.126 48314 (IP-PROJECTS)
1 1 89.163.142.91 24961 (MYLOC-AS ...)
5 10 35.244.159.8 15169 (GOOGLE)
15 22 69.173.144.165 26667 (RUBICONPR...)
1 18.66.97.112 16509 (AMAZON-02)
1 46.4.10.49 24940 (HETZNER-AS)
4 217.79.188.21 24961 (MYLOC-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
6 6 44.215.36.255 14618 (AMAZON-AES)
2 2 13.32.27.83 16509 (AMAZON-02)
4 4 193.0.160.131 54312 (ROCKETFUEL)
2 3 35.244.174.68 15169 (GOOGLE)
3 5 52.46.151.131 16509 (AMAZON-02)
14 14 3.126.125.13 16509 (AMAZON-02)
1 1 18.158.152.62 16509 (AMAZON-02)
6 8 37.157.6.233 198622 (ADFORM)
2 6 2a05:d018:d29... 16509 (AMAZON-02)
3 172.64.149.180 13335 (CLOUDFLAR...)
1 5 138.201.63.116 24940 (HETZNER-AS)
1 51.77.64.70 16276 (OVH)
2 5 52.95.118.179 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
7 7 52.210.8.58 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
6 6 3.71.149.231 16509 (AMAZON-02)
1 88.221.110.96 20940 (AKAMAI-ASN1)
1 172.64.146.152 13335 (CLOUDFLAR...)
3 35.157.200.246 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
2 2 52.21.198.14 14618 (AMAZON-AES)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 4 35.204.158.49 396982 (GOOGLE-CL...)
4 4 50.31.142.159 23352 (SERVERCEN...)
1 1 52.50.105.105 16509 (AMAZON-02)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 2 23.210.125.176 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 51.195.61.120 16276 (OVH)
1 2 23.32.185.35 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2a04:4e42:600... 54113 (FASTLY)
1 88.99.69.161 24940 (HETZNER-AS)
3 4 46.228.164.11 56396 (AMOBEE)
3 6 198.47.127.19 62713 (AS-PUBMATIC)
3 3 54.158.12.183 14618 (AMAZON-AES)
3 4 76.223.111.18 16509 (AMAZON-02)
1 13.230.249.13 16509 (AMAZON-02)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
1 2a04:4e42:600... 54113 (FASTLY)
3 85.195.93.95 29066 (VELIANET-...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
21 46.105.200.240 16276 (OVH)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2400:52e0:1e0... 200325 (BUNNYCDN)
1 37.157.2.247 198622 (ADFORM)
1 2 178.250.1.9 44788 (ASN-CRITE...)
2 5 63.251.14.14 32475 (SINGLEHOP...)
2 2 54.77.197.204 16509 (AMAZON-02)
1 2 184.30.24.22 16625 (AKAMAI-AS)
2 130.211.44.5 15169 (GOOGLE)
1 184.30.20.22 16625 (AKAMAI-AS)
1 13.32.27.7 16509 (AMAZON-02)
1 23.32.184.180 16625 (AKAMAI-AS)
2 2 46.228.164.13 56396 (AMOBEE)
2 4 69.192.160.219 16625 (AKAMAI-AS)
2 3 2.16.241.18 20940 (AKAMAI-ASN1)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 154.59.122.79 174 (COGENT-174)
1 44.196.2.18 14618 (AMAZON-AES)
2 52.213.196.228 16509 (AMAZON-02)
3 5 185.86.139.94 201081 (SMARTADSE...)
3 23.32.184.192 16625 (AKAMAI-AS)
6 2600:9000:205... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
4 54.83.246.219 14618 (AMAZON-AES)
1 2 216.52.2.30 32475 (SINGLEHOP...)
7 7 46.228.174.117 56396 (AMOBEE)
1 1 69.166.1.67 27630 (AS-XFERNET)
2 2 3.211.39.212 14618 (AMAZON-AES)
1 1 23.212.88.20 16625 (AKAMAI-AS)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 64.227.64.62 14061 (DIGITALOC...)
1 2 35.186.193.173 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
1 80.77.87.161 46636 (NATCOWEB)
13 34.247.233.198 16509 (AMAZON-02)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 1 124.146.153.162 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.43.72.97 26667 (RUBICONPR...)
5 5 198.47.127.18 62713 (AS-PUBMATIC)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
2 15 198.47.127.205 62713 (AS-PUBMATIC)
1 185.29.132.245 30419 (MEDIAMATH...)
1 10 185.64.191.210 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 3 18.196.68.59 16509 (AMAZON-02)
1 1 35.214.247.30 15169 (GOOGLE)
1 2 151.101.2.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
1 72.251.241.206 32475 (SINGLEHOP...)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
3 4 34.241.138.233 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.5.225.174 14618 (AMAZON-AES)
2 2 37.157.6.254 198622 (ADFORM)
4 185.64.190.81 62713 (AS-PUBMATIC)
2 2 98.98.134.243 21859 (ZEN-ECN)
3 4 162.55.233.29 24940 (HETZNER-AS)
4 4 96.46.183.20 7979 (SERVERS-COM)
1 54.72.49.103 16509 (AMAZON-02)
1 1 8.2.108.175 46636 (NATCOWEB)
2 2 2a02:2638:3::6 44788 (ASN-CRITE...)
1 35.205.65.172 396982 (GOOGLE-CL...)
2 2404:6800:401... 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 141.95.171.139 16276 (OVH)
4 4 141.94.171.213 16276 (OVH)
2 23.88.86.2 24940 (HETZNER-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.51.121 42697 (NETIC-AS)
2 2 15.235.15.221 16276 (OVH)
652 140
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
8    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
32    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
2    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
13    2400:52e0:1e00::1078:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
2    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    2600:1f18:24e6:b902:883a:48dc:4b0f:3957 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
7    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
5    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
69be34fe654769228626d28f7f45bd7e.safeframe.googlesyndication.com
7    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    34.241.26.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-26-2.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
25    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
6    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.126.189.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-189-136.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
10    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
4    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
18    63.34.177.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    3.66.134.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-134-167.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
12    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
27    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:223c:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    172.104.206.52 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-206-52.ip.linodeusercontent.com
socket.unibots.in
3    162.210.196.208 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
stas.outbrain.com
1    213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1t-eudc1.zemanta.com
3    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
13    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
63    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
pubads.g.doubleclick.net
10    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
12    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    85.91.45.70 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5156.casalemedia.com
22    217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
4    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
6    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
49    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    193.135.9.126 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    89.163.142.91 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm40.as.net
cm.adsafety.net
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
adpushup-d.openx.net
eu-u.openx.net
u.openx.net
22    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    18.66.97.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-112.fra56.r.cloudfront.net
cdn.socket.io
1    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal9000.redintelligence.net
4    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
6    44.215.36.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-36-255.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net
live.rezync.com
4    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
5    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
14    3.126.125.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-125-13.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    18.158.152.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-152-62.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
8    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    2a05:d018:d29:3601:1dfc:1fae:3d75:f146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
5    138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
5    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    52.210.8.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-8-58.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2600:9000:2251:cc00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
6    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    88.221.110.96 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-110-96.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
3    35.157.200.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.21.198.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-198-14.compute-1.amazonaws.com
sync.ipredictive.com
2    2a02:26f0:7100::213:c699 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    50.31.142.159 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    52.50.105.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-105-105.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:bae0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
2    51.195.61.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3184552.ip-51-195-61.eu
mediaintelligence.de
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1f18:612b:4280:43c0:214f:6eb7:4a47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
1    88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de
cdn.contentspread.net
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
6    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    54.158.12.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-12-183.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    13.230.249.13 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-249-13.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
3    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
3    85.195.93.95 (Frankfurt am Main, Germany)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
a.gsitrix.com
2    2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
21    46.105.200.240 (France)

ASN16276 (OVH, FR)
data.mediaintelligence.de
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    2400:52e0:1e00::865:1 (Germany)

ASN200325 (BUNNYCDN, SI)
unibots.b-cdn.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
13    2400:52e0:1e00::722:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
1    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    63.251.14.14 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: 14.14.251.63.unassigned.ord.singlehop.net
ap.lijit.com
2    54.77.197.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-197-204.eu-west-1.compute.amazonaws.com
match.360yield.com
2    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
2    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net
public.servenobid.com
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
4    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
3    2.16.241.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-18.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
4    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    154.59.122.79 (Secaucus, United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    44.196.2.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-2-18.compute-1.amazonaws.com
rtb.adentifi.com
2    52.213.196.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-196-228.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
5    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2600:9000:2057:7a00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
4    54.83.246.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-246-219.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.30 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    3.211.39.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-39-212.compute-1.amazonaws.com
ssp.disqus.com
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hbx.media.net
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
13    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
5    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
15    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
10    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    85.114.159.118 (Mössingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    18.196.68.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-68-59.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    35.214.247.30 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 30.247.214.35.bc.googleusercontent.com
csync.loopme.me
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
4    34.241.138.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.5.225.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-225-174.compute-1.amazonaws.com
a.audrte.com
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
cm.adform.net
4    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
4    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    54.72.49.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-49-103.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
1    35.205.65.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.65.205.35.bc.googleusercontent.com
cookiesync.api.bliink.io
2    2404:6800:4016:802::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    141.95.171.139 (Paris, France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
4    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel-eu.onaudience.com
2    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
89 googlesyndication.com
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
69be34fe654769228626d28f7f45bd7e.safeframe.googlesyndication.com
718 KB
73 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
474 KB
50 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
788 KB
43 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 823
ads.pubmatic.com — Cisco Umbrella Rank: 534
image8.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
48 KB
36 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
84 KB
31 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 17389
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 51140
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 48092
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
164 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
a5156.casalemedia.com — Cisco Umbrella Rank: 482828
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
60 KB
26 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 26964
stream.unibotscdn.com — Cisco Umbrella Rank: 34934
4 MB
23 mediaintelligence.de
mediaintelligence.de — Cisco Umbrella Rank: 366424
data.mediaintelligence.de — Cisco Umbrella Rank: 588661
124 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
10 KB
15 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
15 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
20 KB
14 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 522
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
3 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
41 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
5 KB
12 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
as.ad4m.at — Cisco Umbrella Rank: 33424
assets.ad4m.at — Cisco Umbrella Rank: 45800
221 KB
12 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
300 KB
11 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
s1.adform.net — Cisco Umbrella Rank: 9253
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
19 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 2926
ssp-sync.criteo.com — Cisco Umbrella Rank: 1269
10 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
7 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
17 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
3 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
12 KB
6 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
6 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
r.turn.com — Cisco Umbrella Rank: 4121
d.turn.com — Cisco Umbrella Rank: 1384
3 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
4 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal90004.redintelligence.net — Cisco Umbrella Rank: 285160
10 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
802 B
5 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
2 KB
5 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 22764
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
297 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
cs.media.net — Cisco Umbrella Rank: 1513
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
c21lg-d.media.net — Cisco Umbrella Rank: 2513
12 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
3 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
2 KB
4 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
1 KB
4 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1652
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
tps.doubleverify.com — Cisco Umbrella Rank: 515
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11101
104 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
4 KB
4 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1799
stas.outbrain.com — Cisco Umbrella Rank: 3551
14 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
369 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
29 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
339 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
361 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
3 gsitrix.com
a.gsitrix.com — Cisco Umbrella Rank: 261430
59 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5085
956 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
871 B
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
sync.teads.tv — Cisco Umbrella Rank: 1403
1010 B
3 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
757 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
673 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
2 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
824 B
2 gstatic.com
csi.gstatic.com
288 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
765 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
677 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4186
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
755 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
1 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
868 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
900 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
1 KB
2 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1549
125 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
1 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
911 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
1 bliink.io
cookiesync.api.bliink.io — Cisco Umbrella Rank: 10511
174 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
496 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
276 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
552 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
225 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
442 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
829 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
176 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
921 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1356
181 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
424 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
625 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
465 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
35 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
653 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 37738
1 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7108
44 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526
24 KB
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5091
145 KB
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1279
175 B
1 conrad.ch
www.conrad.ch
493 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
452 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
597 B
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
502 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
649 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6032
278 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
344 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
550 B
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 40153
13 KB
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 22807
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31114
823 B
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 60152
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
635 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 avct.cloud Failed
ads.avct.cloud Failed
652 137
Domain Requested by
57 pagead2.googlesyndication.com ads.aralego.com
cdn.adpushup.com
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
imasdk.googleapis.com
www.googletagservices.com
49 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
www.bg3.co
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
adpushup-d.openx.net
ssbsync.smartadserver.com
g2.gumgum.com
27 tpc.googlesyndication.com www.bg3.co
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
22 imagesrv.adition.com bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
www.bg3.co
imagesrv.adition.com
googleads.g.doubleclick.net
21 data.mediaintelligence.de mediaintelligence.de
data.mediaintelligence.de
18 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
16 il-trc-events.taboola.com www.bg3.co
15 simage2.pubmatic.com 2 redirects cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 x.bidswitch.net 14 redirects
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 images.taboola.com www.bg3.co
13 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
13 stream.unibotscdn.com vjs.zencdn.net
13 pixel.rubiconproject.com 9 redirects www.bg3.co
13 match.adsrvr.org www.bg3.co
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
cdn.adpushup.com
adpushup-d.openx.net
g2.gumgum.com
ads.pubmatic.com
csync.smilewanted.com
public.servenobid.com
13 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
10 image2.pubmatic.com 1 redirects ads.pubmatic.com
10 googleads.g.doubleclick.net cdn.adpushup.com
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 c1.adform.net 6 redirects ads.pubmatic.com
8 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
8 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
7 match.prod.bidr.io 7 redirects
7 us-u.openx.net 4 redirects googleads.g.doubleclick.net
adpushup-d.openx.net
7 ib.adnxs.com 3 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
7 e3.adpushup.com www.bg3.co
6 pubads.g.doubleclick.net imasdk.googleapis.com
6 sync.1rx.io 6 redirects
6 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 assets.ad4m.at as.ad4m.at
6 ups.analytics.yahoo.com 6 redirects
6 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 i.liadm.com 6 redirects
6 ssum-sec.casalemedia.com 1 redirects www.bg3.co
ssum-sec.casalemedia.com
js-sec.indexww.com
public.servenobid.com
6 www.google.com bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 prebid.a-mo.net 3 redirects cdn.adpushup.com
www.bg3.co
5 image8.pubmatic.com 5 redirects
5 ap.lijit.com 2 redirects public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
5 cms.quantserve.com 4 redirects googleads.g.doubleclick.net
5 secure.adnxs.com 5 redirects
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 hal90004.redintelligence.net 1 redirects bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
hal90004.redintelligence.net
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
www.bg3.co
5 www.googletagservices.com www.bg3.co
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 uipglob.semasio.net 2 redirects public.servenobid.com
ads.pubmatic.com
4 pixel-eu.onaudience.com 4 redirects
4 ads.betweendigital.com 4 redirects
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 cs-server-s2s.yellowblue.io public.servenobid.com
ads.pubmatic.com
4 x.dlx.addthis.com 2 redirects ssum-sec.casalemedia.com
4 eb2.3lift.com 3 redirects cdn.adpushup.com
4 b1sync.zemanta.com 4 redirects
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 p.rfihub.com 4 redirects
4 ad2.adfarm1.adition.com ad4.adfarm1.adition.com
ad2.adfarm1.adition.com
4 ad4.adfarm1.adition.com bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
ad4.adfarm1.adition.com
googleads.g.doubleclick.net
4 ad4m.at cdn.adpushup.com
ad4m.at
4 onetag-sys.com cdn.adpushup.com
public.servenobid.com
csync.smilewanted.com
4 rtb.openx.net 1 redirects cdn.adpushup.com
4 bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 simage4.pubmatic.com ads.pubmatic.com
3 rtb.mfadsrvr.com 3 redirects
3 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 a.gsitrix.com mediaintelligence.de
a.gsitrix.com
3 an.yandex.ru 2 redirects www.bg3.co
3 sync.srv.stackadapt.com 3 redirects
3 ad.turn.com 3 redirects
3 match.sharethrough.com www.bg3.co
public.servenobid.com
cs-server-s2s.yellowblue.io
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 widgets.outbrain.com www.bg3.co
widgets.outbrain.com
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
3 htlb.casalemedia.com cdn.adpushup.com
3 http-intake.logs.datadoghq.com cdn.adpushup.com
3 trc.taboola.com cdn.taboola.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 pixel.onaudience.com 2 redirects
2 mwzeom.zeotap.com public.servenobid.com
ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 green.erne.co 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 ssp-sync.criteo.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ads.playground.xyz 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 ssp.disqus.com 2 redirects
2 ce.lijit.com 1 redirects public.servenobid.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 casale-match.dotomi.com 2 redirects
2 d.turn.com 2 redirects
2 match.360yield.com 2 redirects
2 dis.criteo.com 1 redirects googleads.g.doubleclick.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 cdn.doubleverify.com mediaintelligence.de
www.bg3.co
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 mediaintelligence.de as.ad4m.at
mediaintelligence.de
2 www.awin1.com 1 redirects as.ad4m.at
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 as.ad4m.at ad4m.at
as.ad4m.at
2 code.createjs.com imagesrv.adition.com
2 sync.ipredictive.com 2 redirects
2 pixel.tapad.com 1 redirects www.bg3.co
2 js-sec.indexww.com ssum-sec.casalemedia.com
cdn.adpushup.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 live.rezync.com 2 redirects
2 fonts.googleapis.com bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
cdn.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
1 tpsc-ew1.doubleverify.com cdn.doubleverify.com
1 cookiesync.api.bliink.io csync.smilewanted.com
1 cm.adform.net 1 redirects
1 us.ck-ie.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com ads.pubmatic.com
1 visitor.omnitagjs.com 1 redirects
1 u.openx.net 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 cs.admanmedia.com ssbsync.smartadserver.com
1 id5-sync.com ssbsync.smartadserver.com
1 d.adroll.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 s.company-target.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 c21lg-d.media.net contextual.media.net
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 eu-u.openx.net adpushup-d.openx.net
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 mug.criteo.com
1 tps.doubleverify.com cdn.doubleverify.com
1 cs.media.net 1 redirects
1 s1.adform.net data.mediaintelligence.de
1 s0.2mdn.net imasdk.googleapis.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 cc.adingo.jp bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
1 r.turn.com www.bg3.co
1 cdn.contentspread.net hal90004.redintelligence.net
1 vjs.zencdn.net cdn.unibotscdn.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 www.conrad.ch as.ad4m.at
1 trace.mediago.io 1 redirects
1 ads.yieldmo.com 1 redirects
1 capi.connatix.com www.bg3.co
1 hb.yahoo.net www.bg3.co
1 live.primis.tech www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 pro.ip-api.com cdn.unibotscdn.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 hal9000.redintelligence.net bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
1 69be34fe654769228626d28f7f45bd7e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.socket.io cdn.unibotscdn.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 a5156.casalemedia.com cdn.adpushup.com
1 pixel.quantserve.com www.bg3.co
1 b1t-eudc1.zemanta.com bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
1 stas.outbrain.com bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
1 socket.unibots.in cdn.unibotscdn.com
1 rules.quantcount.com secure.quantserve.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ads.avct.cloud Failed bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
0 static.bg3.co Failed www.bg3.co
652 221
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
socket.unibots.in
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn.socket.io
Amazon RSA 2048 M03		 2023-10-22 -
2024-11-17		 a year crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
mediaintelligence.de
Thawte TLS RSA CA G1		 2022-11-24 -
2023-12-25		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh
a.gsitrix.com
R3		 2023-09-18 -
2023-12-17		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
data.mediaintelligence.de
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.api.bliink.io
GoGetSSL RSA DV CA		 2023-05-22 -
2024-06-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 117 frames:

Primary Page: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Frame ID: 1F496F4145D2BFFEF654B4BC8D5E6D1A
Requests: 195 HTTP requests in this frame

Frame: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6DD889771932EBA3AE76CEB05A7C7FFD
Requests: 1 HTTP requests in this frame

Frame: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC3A4357BDDD1B50AC4BD417A5870D93
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: 23692E3DA0AB76C5F5735960E563298F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E69CEB632A3955B9B91B8C26E47A00D7
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 6BD592FD40A4D8E1895C1CB1F92AD7CD
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 88AE48DD88917BC081CF9A9DB60FA845
Requests: 7 HTTP requests in this frame

Frame: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 57FC1356F8A2F9FE8DAC9478E28E2568
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWeKpRA0SHbGIH_2P4QpeyRPRLI-oj589xUOpLJL0XL3uYuLuOWDn28XTlRVivqWf9K9ACRYe6qYFixwL3tfHjptpdq8w
Frame ID: E9840424CCB3E3F89003D9269BDE4573
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 5457B9D05D9F388EFEE314F9A57772B7
Requests: 14 HTTP requests in this frame

Frame: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 212C72C63A7B4CE1E0C8C6D72B6FE6AE
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNU-wPa_Qn8cvbiyrBBrwZQdMoJQ_T9oQ0TVikFe7zggwcVb7TeIKPscIRYycOm1fkILBjg4GRXwD7QJeA2VphwW32Q3Zw
Frame ID: C0848B5DE22E5E392C2257112D5D1FB1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNVlG3e-MtONDnvQkv5lBCkt3ZkUoOgrA_Emfx4STM67AAUs93sjXWs_c9OHwQOBAxucEG4k8h2_FV1BtJRIXaZ560Hl8A
Frame ID: 946264FBE63B9F71BEE652CDFAA1B3A0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 0185CAD61A04B8A24693899C201824A6
Requests: 1 HTTP requests in this frame

Frame: https://69be34fe654769228626d28f7f45bd7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 79133AB0D90FDB06EABEBA630B412447
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Frame ID: B4AED925A2810A30F9A4B8CE7A1A56AC
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 38ED7E3E8CC80E8451ABC8F3F79CE95D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9FA6A68FAA91D14E8DEDEA3DBFCF54A6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Frame ID: C698DDE8B7ECAC9AA4493965688B0A00
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7A0460261FCAD12017C840302A9523C1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B8CCA020A2C77EDD15B2AFE286C4BA3A
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 6823EED9E2EB9E27F222E5565BB35537
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C26F51AA893F9B0D2244A116317D1D12
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Frame ID: 4EF97012FFA78EF9EF6ED1FF62E814F1
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3419B9197B5C8FE61BC9ED1B1E6E0C0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6056269E3AFC07308A5032A6119C679E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNW4-Kq_9xlPexasR1cusKPyzA7nbTg3fTrOQAcsX6CaUJt7s4CWdgRtPCDxzuKOc6SOllbVBH0oBcq4JYlEzDUmS_GKxw
Frame ID: 92C327D688C92CEA9671264D80B0C460
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 999AA965D199AD6695CD2C4D4BBC87AF
Requests: 23 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=42819400009565104438466012497004&a=7b219b1e
Frame ID: 75C08B63AB62FA745F3813AD4E0C1550
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E38A7F2BD312A089F0F13F0109701979
Requests: 9 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1698982306
Frame ID: 2F02EC47816F17931CE190FE483E92C2
Requests: 5 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Frame ID: A87570B39E29109441F742B71B2D072B
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5BFAD21E6C91E78AD0AC66218299714B
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 2DA923700C3A7D4A496B4D357449E86F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32D3E25858B0CB7A8FE14CB1E94C3C0D
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: 1D1F42BC01E2CEEB9F562D745BA911AB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D7E20D3910527083C29A4A9542B91C82
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4866.js
Frame ID: ED19048CF5AF66FB589FF9734AFAACF0
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: D39EFB8A27D9BE23AA61ACC8D33A9B53
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 03E7F786164910AE7D7B2D3E0A92177C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4366160BB3EFACB451AE5F29F4FCFFE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F782A046EBBB335B419D70FABAC17138
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05D33245220A8F60F210320E509C51C3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4675537A6E9EA5FF985D9F01E7EED1EA
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 95FE7CECADFFD9A75F2EA0E477EF3634
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1698982305332
Frame ID: F52BAC56B2AAAD5E802E235928682644
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 0D998A46F0BE499F23A6287C7F21C83B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1918F96A7B509FC4DFA17B08971717A4
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 895EEF1952EF5855FD387866F7E3D14B
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 2B75C7D17B706D8F79A0C319231DE96E
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7FB033277E28900318BDE8D124241B17
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0A890ACEEE5E2114923F119BF943EB6B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E02FCC726C881672C99C236E2AA68FBC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 22F1E86E8CB1984EFD609264361BF845
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: D5132099EBDA9DEA819DFBF285BCAEDF
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A8768DA1E2010F1FEAE485510FF3076B
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 21F7DDFF97EB30CFB8E067DD449F4D4B
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E173ECAFFD7756AFFB0ECCC22742A695
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 3F9F0A17CCB96379108CD6C7D1AEF25D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 8DFEEB6254F6A305979B718A06E86A5B
Requests: 23 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 32C34D2810658208C87799BA987B06B9
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 3AA6BC09B475C0D2F93EBEF38648EAF3
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 8B5492174855C0D2F12ABE0FF8BE8AF7
Requests: 5 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=3376543238220108584&gdpr=0&gdpr_consent=
Frame ID: E71A961867BACCD2F324261E73A2DE1F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2E2ZTRiYy00MzE0LTQxNmItYWMyZC1lZjg5ZmJjZjRhNWE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9BE3C392FEC9BB13515CF6E5FC0F8D04
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 10D9BD8FB2D60563C80040844D6CFCFE
Requests: 6 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 915D2254A216EA02073435E8F1F7A4D8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZURppcCo8YAAADNoPvcAAAAA
Frame ID: 1AAF78D0FD7C1DDDAADB1C7DC80933DD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=mSVjJFhRnNs8jkO8TB8R&pi=gumgum&tc=1
Frame ID: D15F39CF386A779BC62E684429A4EA14
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2F1AE4D83354406C899F71A80A9515C1
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 2C03A8C6FEAC2850283047E162C66474
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 20A00D1D427C3BBC241C5FD9241699E4
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 08C219ACBF4750239D1CA04AE5B41B8B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: DF6F52EA617DD2F8C230B0C4DC3914BA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=211703CA-977C-4652-B528-8CA341A71ECB&redir=true&gdpr=0&gdpr_consent=
Frame ID: 099B76628ECF562023982D5F72C10431
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU
Frame ID: 852489C0F53DECBE6EED1E684693969E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8387421531271171339&gdpr=0&gdpr_consent=
Frame ID: 82612CF5BA81F4D46023B42FEDA1F186
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Frame ID: D8D47293DE0A4DAD4CD8C2F9BAAFF413
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 296829AF68E6F4499BBEB95F44F36851
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Frame ID: 31F0FD9B17B59AD429198F2B0AF29903
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 4A8841AA2F39389CFB021D45394342F4
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZURppAAAAS89AQBi
Frame ID: 4AC2B7B58A468EC7627A83AA35F80C08
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFHl07KiNMAABhuIJw3Pw&gdpr=0&gdpr_consent=
Frame ID: 554577789C1F54A5D43DF9A31D3E022A
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Frame ID: BCD5C6DE25E8A25BA114CBE4421B6B5F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 0D80C5C7D767E7787DDC824D9BA094F5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 64C208E213F8B8B6B0CAA80189630D9C
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 69D34DCF8B5631586956AD5E77646843
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6072955426991292825
Frame ID: 084FBBB90263B6529E0AE3BB74789B66
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730638919969
Frame ID: C56DEBF01E467FFD472D678925EB28F8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: FC684A209F6A5D52FFBEBFF994BD0A23
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: A2A7E9BD5B26549395CA073297BE100A
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=211703CA-977C-4652-B528-8CA341A71ECB
Frame ID: 5BAA686DCE79F34F29D2A199FCD49A38
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 13FA3BBBEDF83B11AD3DFCB2E188DC4C
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_ps=
Frame ID: 0CF7F17B390B42F94F3522FC90CA776B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6025499749
Frame ID: DF669BA1BE2E3C637CFF4D22A575D9CB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/df202a8c-68d3-5333-b97e-b57edc3adcdb
Frame ID: DFF97160084EBB0F76439333115A0B91
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Frame ID: 2E6480C21F30D3F3FDCA5FC4CFECCD5F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3376543238220108584
Frame ID: 3DAA5C3DB5C9ED2CBF35FEB29FAEFDEC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-SKnMev1yuurZAPl9Laf_O6Px1JGrld0CIt5uUg
Frame ID: 29C3DEECC6CBF28D4B2074AC7B93C60D
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: 19B09F58E87E70F2160F00A78427192C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/f760eaecca5c15e14c19884ac265e43?gdpr_consent=&gdpr=0
Frame ID: FE8FD7E20A6588ACC56C36D4876C6358
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
Frame ID: CD1B12915EC49319A37A87D238A0092E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9F422F053AE0550B29D073D2859CD3DA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgXXWXSVbhUgWjQaT&gdpr=0&gdpr_consent=
Frame ID: D3B35C65DDFBF8D41775C69A5017C08D
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 1629E50B41779FA3D63D480D49308FF8
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: F3B621A83957EAD0D23A05C3B647AFFB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
Frame ID: F80C15C093A0B2D96092205EA15EC028
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2109489970
Frame ID: 480D70DCCA15936385F2D97A84EEF89E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=211703CA-977C-4652-B528-8CA341A71ECB
Frame ID: B820C36480D7CDE6560F367B48F11946
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
Frame ID: 08AA1576308B0496CE9326B56C148972
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 34C4CDFC84D9CFED1872456E7F91E3E4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMMMTRbMaahURSSS&gdpr=0&gdpr_consent=
Frame ID: 1B66C0F9FD1DDC5E4192F9D68897C7E0
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 0B041F8AFEB2EA07164925FFD1A99C1A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 5AB370F5871787735C98A6B0A0FC943A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
Frame ID: 7EA23E9EAEC7CDF803134F274D17E187
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5101831268
Frame ID: 84761FE0D6AFAB60F1BE98BB1EB89C4E
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=211703CA-977C-4652-B528-8CA341A71ECB
Frame ID: 31DCE000296B9F7E9644EDB423596563
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

深謀遠慮讓不當黨產過初審 網贊陳其邁:又其邁又可愛 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

652
Requests

76 %
HTTPS

25 %
IPv6

137
Domains

221
Subdomains

140
IPs

19
Countries

9151 kB
Transfer

18902 kB
Size

204
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 145
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 146
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
Request Chain 195
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZURpotJ3N8GOWqBdq-1wawAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESENE6FbI88sDcic8-h2vCPQM&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESENE6FbI88sDcic8-h2vCPQM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=f7313c4f3bd5aade60f9aaf1668f13d2&uid=f7313c4f3bd5aade60f9aaf1668f13d2&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOsHWldA86LVYMhgIleS82U&google_cver=1
Request Chain 199
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
Request Chain 201
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJmNmRlNDQtODhiNi0yNTM5LWVlNmItMzU5ZDBlN2Q0ZDVi
Request Chain 222
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=aa6a0fa13ac54b24a2302d0946f5ff80 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4a572172-9980-4e9a-87dd-fa94477b15ee%3A1698982306.9913738&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4a572172-9980-4e9a-87dd-fa94477b15ee%253A1698982306.9913738%26_%3D1698982306.9944382&cb=1698982306.9944718 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730638919969&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4a572172-9980-4e9a-87dd-fa94477b15ee%253A1698982306.9913738%26_%3D1698982306.9944382 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=4a572172-9980-4e9a-87dd-fa94477b15ee%3A1698982306.9913738&_=1698982306.9944382 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc0YTU3MjE3Mi05OTgwLTRlOWEtODdkZC1mYTk0NDc3YjE1ZWU6MTY5ODk4MjMwNi45OTEzNzM4EAAaDQij05GqBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIBvWVso5LxptL-rhd8p0tU&google_cver=1
Request Chain 223
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZURpotJ3N8GOWqBdq-1wawAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
Request Chain 224
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
Request Chain 226
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_cef4966e-f3e4-4da0-9b02-9e185be6d5ed&bsw_param=cb955613-9d69-4dd4-b968-162f8faff42d&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 227
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3376543238220108584&expiration=1700191906
Request Chain 231
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOI274NW-5-C2CF HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOI274NW-5-C2CF
Request Chain 237
  • https://hal90004.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=21c52f0e91&subid=&uid=6f3bbddf32c036c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDvkQoWlEZcOrGejDjuwP9_a-sAeRwdCbaZvog5LcD_AuEAEguoTAM2D1BcgBCakCJ_iGPNvisT6oAwHIA5sEqgSZAk_Q9qf_YkxHHW7JUgTqt_e0KC6Gug7VeL7PRPobbEsH20hVm413kRM7928YTX60g65iuhx9Gav_3Y6snhXSKuOqqaXJgt0z5NSbxpvA5xjzq7aZIQBcIlEKeGviJOgoyHBXlAN0lX5B5-78bQ_QlVx8ZlVDCBRpuT3QGfKKx5IKI6CihEINmGNKYCi0VRY3TedgSfHIMGJb-HOxsOxTp94mvzAjjpAinroqLYA1JzXRROxdUD4w990mTAEAuyIYoji_wn6xhBzN27IFabsN-jmVcHCX3It97uB8negTr0ad4hOjxq6AibyDitMvlhUZX4dLeEnryqQ16uX685o3WLR6MvaBlXOkW1_dpTmDQbJfE0UsY6Mp10FtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCL3Dq6bypoIDFeihgwcdd7sPdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64_1ctCK5purfB7llltbtYCNh3bx7sQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Au6hy_8ZsD64PfbteSAWTt1IL0nF5e9xvrkTSjfn7lTq4R2Ar0nMe_YLXbYK1kgAV6YusyshNWebPoV3q1FNyp_mZvGytRkoRXxY_HvCea-i5gJm8PjxHQrbQ8D-JXMZ366oaNIpx0wTaFa5JXh-4-dshb2qrmW4hcZhUre5sQiaPYw-c%26cry%3D1%26dbm_d%3DAKAmf-AEK8ZZEBV3iZf9mtsvlUTwvwCpmOd2oP6HtL_B50YwcjwYa-zxX3xClby4Bd3p1fd1WOMsCXDPwjhK6Ipw6SKNQoPS_o1GozQ-fHvKKi0-kaJhT8zz3vLnG9HQtoa1h4PUShjx5MjtpsPzKovlXRBlnXBYUJXPpDZ9spHHFk28KsPmzdmwr7ilb9_UULLB34pp56HiAXkJdFH4OHiFqaEIHmXS2v8VQryyw8cEdAb5OJDT6XQI5KaAuZRO0AZlkPKeMl7tk0CawIsi4xr5BzrsCO9Gb9oXgXQHqp0vwdqvONyqZVOXeNEhYwOkSymrggE19LL_QpH-6zqV1TFt7WCAa-obL1uGnGYnDIgrZet5NhHKZa871GFKNMSonVY8m-YkZp5LJFyyThiR83FaLanoM2rBzuu2aXiqIUQanDlnaTChjP9JktEbTuECr1DKs3Qs-CuxWGEjhRzbMUE3jK5TfJ3wnnit9-rPQpCG-R21vlXLJi7m0vSHnre4djctOQ5ih7hcEyOjaKHPEY-7wCVMpwygH5sM0Bie2pIpF6dJMK7ZrX6cR8HMJJgM2NEiBVOEFuKi6WBCKKkLiSKDncFkuBMfVa6FpLzeCvYCWkQZC0gMBfRzRqjM0n2ti92rVqZQeF06nsPti0UTdlc4u19TK_va3cVoMnGpbflibxvH4MPfmhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=5191824914452&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90004.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=21c52f0e91&subid=&uid=6f3bbddf32c036c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDvkQoWlEZcOrGejDjuwP9_a-sAeRwdCbaZvog5LcD_AuEAEguoTAM2D1BcgBCakCJ_iGPNvisT6oAwHIA5sEqgSZAk_Q9qf_YkxHHW7JUgTqt_e0KC6Gug7VeL7PRPobbEsH20hVm413kRM7928YTX60g65iuhx9Gav_3Y6snhXSKuOqqaXJgt0z5NSbxpvA5xjzq7aZIQBcIlEKeGviJOgoyHBXlAN0lX5B5-78bQ_QlVx8ZlVDCBRpuT3QGfKKx5IKI6CihEINmGNKYCi0VRY3TedgSfHIMGJb-HOxsOxTp94mvzAjjpAinroqLYA1JzXRROxdUD4w990mTAEAuyIYoji_wn6xhBzN27IFabsN-jmVcHCX3It97uB8negTr0ad4hOjxq6AibyDitMvlhUZX4dLeEnryqQ16uX685o3WLR6MvaBlXOkW1_dpTmDQbJfE0UsY6Mp10FtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCL3Dq6bypoIDFeihgwcdd7sPdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64_1ctCK5purfB7llltbtYCNh3bx7sQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Au6hy_8ZsD64PfbteSAWTt1IL0nF5e9xvrkTSjfn7lTq4R2Ar0nMe_YLXbYK1kgAV6YusyshNWebPoV3q1FNyp_mZvGytRkoRXxY_HvCea-i5gJm8PjxHQrbQ8D-JXMZ366oaNIpx0wTaFa5JXh-4-dshb2qrmW4hcZhUre5sQiaPYw-c%26cry%3D1%26dbm_d%3DAKAmf-AEK8ZZEBV3iZf9mtsvlUTwvwCpmOd2oP6HtL_B50YwcjwYa-zxX3xClby4Bd3p1fd1WOMsCXDPwjhK6Ipw6SKNQoPS_o1GozQ-fHvKKi0-kaJhT8zz3vLnG9HQtoa1h4PUShjx5MjtpsPzKovlXRBlnXBYUJXPpDZ9spHHFk28KsPmzdmwr7ilb9_UULLB34pp56HiAXkJdFH4OHiFqaEIHmXS2v8VQryyw8cEdAb5OJDT6XQI5KaAuZRO0AZlkPKeMl7tk0CawIsi4xr5BzrsCO9Gb9oXgXQHqp0vwdqvONyqZVOXeNEhYwOkSymrggE19LL_QpH-6zqV1TFt7WCAa-obL1uGnGYnDIgrZet5NhHKZa871GFKNMSonVY8m-YkZp5LJFyyThiR83FaLanoM2rBzuu2aXiqIUQanDlnaTChjP9JktEbTuECr1DKs3Qs-CuxWGEjhRzbMUE3jK5TfJ3wnnit9-rPQpCG-R21vlXLJi7m0vSHnre4djctOQ5ih7hcEyOjaKHPEY-7wCVMpwygH5sM0Bie2pIpF6dJMK7ZrX6cR8HMJJgM2NEiBVOEFuKi6WBCKKkLiSKDncFkuBMfVa6FpLzeCvYCWkQZC0gMBfRzRqjM0n2ti92rVqZQeF06nsPti0UTdlc4u19TK_va3cVoMnGpbflibxvH4MPfmhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=5191824914452&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 239
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJiYTc5YTRjMTJjOGVjNDk4YTk5OTMyZTNhNDYzN2NiMTQ1NzhiYg
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJqrMhU4UhL9nVzHt0muPpU&google_cver=1
Request Chain 241
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9Gq6yp3Fzfvh3L3ObjzURw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6at0B_RE2oKxxRJSlKDfmk_EZS7oAHZFHiKFoQ--~A
Request Chain 242
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HJucXcQQTyOZD13ybV8N4w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HJucXcQQTyOZD13ybV8N4w
Request Chain 244
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9JMjc0TlctNS1DMkNG HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL-DYCorIkpuOkazqUmh07c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9JMjc0TlctNS1DMkNG&google_push=
Request Chain 245
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5vgWeEpSQCWLWdJWy-B4kA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vgWeEpSQCWLWdJWy-B4kA
Request Chain 246
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOI274NW-5-C2CF
Request Chain 247
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFHl07KiNMAABhuIJw3Pw&expires=30
Request Chain 248
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOI274NW-5-C2CF
Request Chain 249
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOI274NW-5-C2CF&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOI274NW-5-C2CF&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS02d2VxeldKRTJ1RkF2LmlYdEwuaUN3OUxwbG1UekJnS35B&ovsid=LOI274NW-5-C2CF&dpid=58160
Request Chain 250
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOI274NW-5-C2CF&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 251
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOI274NW-5-C2CF
Request Chain 252
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOI274NW-5-C2CF
Request Chain 253
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOI274NW-5-C2CF HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOI274NW-5-C2CF
Request Chain 254
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0ee9ee90-b1ab-4fc4-9aea-b85761667e55&expires=30
Request Chain 278
  • https://um.simpli.fi/gp_match?google_gid=CAESEEwKAhq-Nl-YGR8nWDqv0Ww&google_cver=1&google_push=AXcoOmTJgy87yKqSI99_2EFApyViNZG4r-aFb592w5Xzo3r5LI9G_xUUGEgdyTF5b5PsFG_NlvmmdMoNTPrQCVl2EB9FXZm6vQeH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A62F7EF8261B48ABA7DBE4F1B653282E&google_push=AXcoOmTJgy87yKqSI99_2EFApyViNZG4r-aFb592w5Xzo3r5LI9G_xUUGEgdyTF5b5PsFG_NlvmmdMoNTPrQCVl2EB9FXZm6vQeH
Request Chain 279
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINx5oYWTp9a4s9EZICrB2Q&google_cver=1&google_push=AXcoOmSzL0mLRU2TBGeY8GVY6jW0tLeyPPxBgmhiF9pHjR5TvtC_ApBOZ3xo6UcvAQz8Nx-nFo-_myHp5Y3tnFVPXSz4tV5IQva4 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
Request Chain 280
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOtfjHJqz6KR8HCEag_D3FI&google_cver=1&google_push=AXcoOmQE3G9CYuS7y-6c-neKraks3x23aluizL8pb37sFcaOmWFwUM-h9YoHIDfgsIQQBiV92ZGvW7CzPy74z4V3Ktmw47RwjGaO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQE3G9CYuS7y-6c-neKraks3x23aluizL8pb37sFcaOmWFwUM-h9YoHIDfgsIQQBiV92ZGvW7CzPy74z4V3Ktmw47RwjGaO&google_hm=gc-HsuhHwrMd_yOTF4a5gQ==
Request Chain 281
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKXFWezpC_Xu3g3TuiffibM&google_cver=1&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7pUMH6QbNRVXttGho HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKXFWezpC_Xu3g3TuiffibM&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7pUMH6QbNRVXttGho&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7pUMH6QbNRVXttGho&google_hm=c1FjMThsdk1ULVB1QlhzaFRpcHY=
Request Chain 282
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEC4n2LvZRWqhS1plEghOb2I&google_cver=1&google_push=AXcoOmQOGaafgCYDhDuSXnFNFzIqhyPoik0yYqNIHFs6PsLT7a03TJe3hZOEn4Hy_BBPiy3c5A7drtGFYwLor-becYd3MuknzOsz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQOGaafgCYDhDuSXnFNFzIqhyPoik0yYqNIHFs6PsLT7a03TJe3hZOEn4Hy_BBPiy3c5A7drtGFYwLor-becYd3MuknzOsz&google_hm=M0ZxXzdjY1FRWWNPb0FCNEpBS0U=
Request Chain 283
  • https://trace.mediago.io/cs/google?google_gid=CAESEP_s8BI-yjRaKvv0FZRQVyk&google_cver=1&google_push=AXcoOmQ3hl5ydPtfbBBgduGI21I6KkNzy9XU_K2YuyWmIx7oYKvyWAY3RV59gsJv6ose09zkLjC19Z0xUVH1gVng-Rrj1ruBl6H01g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ3hl5ydPtfbBBgduGI21I6KkNzy9XU_K2YuyWmIx7oYKvyWAY3RV59gsJv6ose09zkLjC19Z0xUVH1gVng-Rrj1ruBl6H01g&google_hm=f34e9699801e8e7814vfyt00loi2765e
Request Chain 284
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEK96pktV3HQrLKOczSLiAy8&google_cver=1&google_push=AXcoOmTtIRfnfW7IjiMzjicEBqUoNl5_qglqPCUlppjHt1Ny1-GXyXbeh9ZrXD9f1LAAH1FSBkwSftrW3zp1UX2_pvEnnQ_GD2A4EA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D&google_gid=CAESEK96pktV3HQrLKOczSLiAy8&google_cver=1&google_push=AXcoOmTtIRfnfW7IjiMzjicEBqUoNl5_qglqPCUlppjHt1Ny1-GXyXbeh9ZrXD9f1LAAH1FSBkwSftrW3zp1UX2_pvEnnQ_GD2A4EA
Request Chain 293
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?insert=AW
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBHzrSOssc0J09HnfmYXYpw&google_cver=1
Request Chain 314
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTFkNTM2MGUtM2VmZS00YTMyLThlNGEtNTljNGI4MjdlNDYw
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEIMjPCGCxVP1g49uDWv4iGo&google_cver=1
Request Chain 331
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOP5M5xsn3WiebJt6j5dTD4&google_cver=1&google_push=AXcoOmTWw7LUlbw7TTfHlvdIVCwqFYvXrqYtO9vTgBmpyr5gYGRTfyG2Uh0IxJSChJtScCXzrJSeGlTsdCpe2YuIQdVu15fQekgL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1ODI1MTIzNTAxMzQ4MjEwNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOP5M5xsn3WiebJt6j5dTD4&google_cver=1
Request Chain 332
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINx5oYWTp9a4s9EZICrB2Q&google_cver=1&google_push=AXcoOmSTMmgTHyQKkbPDFvOgXKJBs386gAk-bPtVUjEOuRCauSXqb9UomeP-BQnKSrkQUINwdlKfWvUY71Yi7iqX2XE3dIBcdUY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSTMmgTHyQKkbPDFvOgXKJBs386gAk-bPtVUjEOuRCauSXqb9UomeP-BQnKSrkQUINwdlKfWvUY71Yi7iqX2XE3dIBcdUY&google_hm=y5VWE51pTdS5aBYvj6_0LQ==
Request Chain 333
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMPdqB6m42cHANrQik1_AUI&google_cver=1&google_push=AXcoOmRcO7DHbjHywzf5FRBqLF_EkKk2zw3BKR36jjstRAgYZIWqgxRMuRranoSFM5-zs0peez15wqJgGcHajSkf5r7y5hBgoFpi HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMPdqB6m42cHANrQik1_AUI&google_cver=1&google_push=AXcoOmRcO7DHbjHywzf5FRBqLF_EkKk2zw3BKR36jjstRAgYZIWqgxRMuRranoSFM5-zs0peez15wqJgGcHajSkf5r7y5hBgoFpi&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRcO7DHbjHywzf5FRBqLF_EkKk2zw3BKR36jjstRAgYZIWqgxRMuRranoSFM5-zs0peez15wqJgGcHajSkf5r7y5hBgoFpi
Request Chain 334
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHNx4254o-Imql95HH4FJw0&google_cver=1&google_push=AXcoOmTsokq-38vgvs2WNrNxDyJQSX9ckS9D8xyTp3JMve7sa3oqP_RA7Obz7e3IbQxoesENRA0y9UTwjKl_XzzTPKe8BUohPlEe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_npTEel5WHNtX_XPbHsnNLnDR9w&google_push=AXcoOmTsokq-38vgvs2WNrNxDyJQSX9ckS9D8xyTp3JMve7sa3oqP_RA7Obz7e3IbQxoesENRA0y9UTwjKl_XzzTPKe8BUohPlEe
Request Chain 335
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIjLNhfb1sd2gdJtMXCylkg&google_cver=1&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2lQ0AxwibeMIbJ2J__5behfUH9KYISOpuAhMF46zbBR-Y HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2lQ0AxwibeMIbJ2J__5behfUH9KYISOpuAhMF46zbBR-Y&google_gid=CAESEIjLNhfb1sd2gdJtMXCylkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzMTQ4MDA5NjA4MjEzODc0MDcwMA%3D%3D&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2lQ0AxwibeMIbJ2J__5behfUH9KYISOpuAhMF46zbBR-Y
Request Chain 337
  • https://an.yandex.ru/mapuid/google/CAESEIhMmFRSHofD3Ei9eXA_wwk?ext-param=AXcoOmTLk_NirVjzC4olvIwL4nVeSW_L9Rf-0FJRfGK8zlTX939VOXohufZMvehlP3qP6PKLgwxGeD3djuneFN_JrpI597dVMyGV7g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEIhMmFRSHofD3Ei9eXA_wwk?redir-setuniq=1&ext-param=AXcoOmTLk_NirVjzC4olvIwL4nVeSW_L9Rf-0FJRfGK8zlTX939VOXohufZMvehlP3qP6PKLgwxGeD3djuneFN_JrpI597dVMyGV7g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIhMmFRSHofD3Ei9eXA_wwk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 403
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINx5oYWTp9a4s9EZICrB2Q&google_cver=1&google_push=AXcoOmR0geJoOFO2ntPw2i7bNamXE3xtACAuaBThSp8s_rCDJL4E1PUKT0pywsr-_k51jurpbi3RO1N6N_HFNagG1GcwODItSmQUtuHlBcTvdpi5MM8DrRTDPjYvI6cXJt167sV9Qh9eHugZWCIcT-_rTNTz HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559730638919969&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR0geJoOFO2ntPw2i7bNamXE3xtACAuaBThSp8s_rCDJL4E1PUKT0pywsr-_k51jurpbi3RO1N6N_HFNagG1GcwODItSmQUtuHlBcTvdpi5MM8DrRTDPjYvI6cXJt167sV9Qh9eHugZWCIcT-_rTNTz&google_hm=y5VWE51pTdS5aBYvj6_0LQ==
Request Chain 405
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMPdqB6m42cHANrQik1_AUI&google_cver=1&google_push=AXcoOmTTKLFxuwbyKQam49mePhq-aTAFCpC86ILVcGDoMEQ9GOiONpDU1w_16MAtkxt8Yv71Ac8ZCefcJjJZwfFpmhbjX6rXPTo8pdIp1DLJry3mD4jaLtUyfhZWy0P-3l4pLmU3bGX05rE6Bzu0NEaI8vnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTTKLFxuwbyKQam49mePhq-aTAFCpC86ILVcGDoMEQ9GOiONpDU1w_16MAtkxt8Yv71Ac8ZCefcJjJZwfFpmhbjX6rXPTo8pdIp1DLJry3mD4jaLtUyfhZWy0P-3l4pLmU3bGX05rE6Bzu0NEaI8vnw
Request Chain 406
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENW0L98UfoFqAMbY-ZYn4II&google_cver=1&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3YzDCCg_Q45rJRsVzyDP8QjvF6zNnX-LtpjLUNWWULzhRlEZdlWXol7H4pmh4orurJAR HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENW0L98UfoFqAMbY-ZYn4II&google_cver=1&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3YzDCCg_Q45rJRsVzyDP8QjvF6zNnX-LtpjLUNWWULzhRlEZdlWXol7H4pmh4orurJAR&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3YzDCCg_Q45rJRsVzyDP8QjvF6zNnX-LtpjLUNWWULzhRlEZdlWXol7H4pmh4orurJAR&google_hm=Hl6TJGZHJ0yzGRhuS46cxQ5i
Request Chain 407
  • https://match.360yield.com/match/ebda?google_gid=CAESEFj0DFGXk20xlyNDGFG3peI&google_cver=1&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9VTZKsLCmK29ZwHq3DbiJosidjaFFVGuz2WMA_EIcGvWK5xGHTSao4Fy1vWIAz0qHbxog HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFj0DFGXk20xlyNDGFG3peI&google_cver=1&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9VTZKsLCmK29ZwHq3DbiJosidjaFFVGuz2WMA_EIcGvWK5xGHTSao4Fy1vWIAz0qHbxog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kWm0efzeTRSWf_L5boDd_A&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9VTZKsLCmK29ZwHq3DbiJosidjaFFVGuz2WMA_EIcGvWK5xGHTSao4Fy1vWIAz0qHbxog
Request Chain 408
  • https://cs.media.net/cksync?type=g&google_gid=CAESECmai7VSf079k1HJyPyJv6w&google_cver=1&google_push=AXcoOmTSZxjaB2FtNegvStBIbYMHyZwrnWx1V_IQ6R1yPiKXDhRzBerpg-inLxq3U4Foz1KqgLFU3mjI-VuSUjJMqFttnNBOMPJosN-OeqVQn1M5deskxSZ03tARKIhmLwrUk3wQWWkKhbIfw6joV3rx5Kk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&mn_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTSZxjaB2FtNegvStBIbYMHyZwrnWx1V_IQ6R1yPiKXDhRzBerpg-inLxq3U4Foz1KqgLFU3mjI-VuSUjJMqFttnNBOMPJosN-OeqVQn1M5deskxSZ03tARKIhmLwrUk3wQWWkKhbIfw6joV3rx5Kk&gdpr=&gdpr_consent=
Request Chain 433
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=BonBR3xZbENHOVEycXFhRlBmUWZSWVJreHlESWh3N3k5dngxTCtEMy9SZFZxcEZSeU9laTZQaDdxcUVkM1FadTZ1SmJKM21yMm85dnhRSWlhRjQwQnFZZVJOU0VDWnc2ZjJ0K3ZTeU1NdkNRbnBFbEtjQjdtOHNOeEl3bDNXRjNwN3ZQWlJZUWhhZlEvdVhLM0hDRUk0QUtBRXZ2U0UrMDBBYVNrZlFhdzlQaE5FNno3NmFKb01GRFZxWXpoRWtzMTUyUHBxQllnUFFtVU4xTlVqK2RLU3cybUhpSmZkV0pUNTFUa0lLbnBtMGsrRUZuRWovWVA4bTVoU1UxaGtkMUlnOGxueWY1MTgvQS8xNjZrQkVUUHhLN3o0Zz09fA&cppv=2
Request Chain 463
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yMwXzcjAQsjTzxaYysEOn5qbFMHTnRXNn84OnzGv
Request Chain 464
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376543238220108584
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
Request Chain 469
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8058251235013482105 HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
Request Chain 470
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8387421531271171339
Request Chain 471
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=1QBtBtUMOAPOA2xT1w10VIdXbgrOUW8GggKi6Vpm
Request Chain 473
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=341699ca7f72163f&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIufjmfkmc5wNVPmECAAAAAAA&expiration=1699068708&is_secure=true
Request Chain 474
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=847953322030&us_privacy=1---
Request Chain 483
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 488
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8387421531271171339
Request Chain 489
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Hl6TJGZHJ0yzGRhuS46cxQ5i
Request Chain 491
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698982308623 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5097535392 HTTP 302
  • https://sync.1rx.io/usersync/turn/8058251235013482105?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-5252745e-4c37-4609-a16c-5af8a66ba38d-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003
Request Chain 492
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5108559730638919969
Request Chain 493
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=ec38c491-e39a-4422-aaad-afc439955c5d
Request Chain 494
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 495
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
Request Chain 496
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYMOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYMOAE=&buyeruid= HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYMOAI=
Request Chain 497
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
Request Chain 499
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 504
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8058251235013482105 HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
Request Chain 505
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
Request Chain 506
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFHl07KiNMAABhuIJw3Pw&expiration=1700191908
Request Chain 507
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714707108&external_user_id=ecef4d28-1943-4539-a0c3-168d201e68f9
Request Chain 508
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZURpotJ3N8GOWqBdq-1wawAA%263286 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a4a3d394-2de3-4077-9a93-71dbd6746471
Request Chain 509
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=042ac4325401445fb06c8a2ae1f66575&expiration=1701574308
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
Request Chain 518
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=mk5gJZpCNSCBTWFwmEN5d8gZYymBH2IlzUyxLPRz
Request Chain 519
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2Njc4MDgyODIxMjIwNDM0OA==&gdpr=0&gdpr_consent=
Request Chain 522
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8387421531271171339
Request Chain 523
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97a6e4bc-4314-416b-ac2d-ef89fbcf4a5a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3376543238220108584&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 524
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=a9a4a9fe-69d4-43cb-9cf0-7fc90ccf827d
Request Chain 525
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
Request Chain 526
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LEnqjcNE2pcS0jukI0O8rG5Q.S4EwTEiAIy6~A
Request Chain 527
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=0ee9ee90-b1ab-4fc4-9aea-b85761667e55
Request Chain 529
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97a6e4bc-4314-416b-ac2d-ef89fbcf4a5a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=sQc18lvMT-PuBXshTipv&gdpr=0&us_privacy=1---
Request Chain 530
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Nxn7cZHThJQ9&ev=1&pid=558355
Request Chain 531
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4966780828212204348
Request Chain 534
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=3376543238220108584&gdpr=0&gdpr_consent=
Request Chain 538
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZURppcCo8YAAADNoPvcAAAAA
Request Chain 539
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=mSVjJFhRnNs8jkO8TB8R&pi=gumgum&tc=1
Request Chain 540
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 543
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOI274NW-5-C2CF HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LOI274NW-5-C2CF
Request Chain 545
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZURpotJ3N8GOWqBdq-1wawAA%263286
Request Chain 546
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
Request Chain 547
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c7c0ef8a-3e53-44c9-8313-76d3849c09de
Request Chain 548
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 549
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1831480096082138740700
Request Chain 551
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f1ae65977bbb2a6b03ed04f98e89eacd
Request Chain 554
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 556
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU
Request Chain 557
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8387421531271171339&gdpr=0&gdpr_consent=
Request Chain 558
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7297073436466217318&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Request Chain 559
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8915715d-48f3-4ed5-970b-5aab4494b7d6&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 560
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_npTEel5WHNtX_XPbHsnNLnDR9w&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Request Chain 561
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 562
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZURppAAAAS89AQBi
Request Chain 563
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGSGwwN0tpTk1BQUJodUlKdzNQdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFHl07KiNMAABhuIJw3Pw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFHl07KiNMAABhuIJw3Pw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFHl07KiNMAABhuIJw3Pw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4966780828212204348&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFHl07KiNMAABhuIJw3Pw&gdpr=0&gdpr_consent=
Request Chain 564
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU0b97f1088e334c6b8a402e93d5dc4d7c HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Request Chain 565
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 568
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6072955426991292825
Request Chain 569
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730638919969
Request Chain 573
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 574
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=&ct=y
Request Chain 575
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2512242981
Request Chain 576
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=211703CA-977C-4652-B528-8CA341A71ECB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmlhN1g0LS1GNWtSbzJLS21NenpBV0FiQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3376543238220108584&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 577
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjExNzAzQ0EtOTc3Qy00NjUyLUI1MjgtOENBMzQxQTcxRUNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 578
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECOE4s0LViCAirLFVm0wV6M&google_cver=1
Request Chain 580
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3376543238220108584
Request Chain 582
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=211703CA-977C-4652-B528-8CA341A71ECB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n0x1WSpE2uXtDlLpT0DmK0_3PymqrFM-~A&gdpr=0
Request Chain 584
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=908ce486-5d77-4dc1-9066-528fac85c320-654469a5-4348&gdpr=0&gdpr_consent=
Request Chain 585
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8058251235013482105&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 586
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=538fe287916615d4&is_secure=true&networkId=17100&version=1&nuid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIar8rI55WeQMSDxqXAAAAAAA&expiration=1699068708&nuid=211703CA-977C-4652-B528-8CA341A71ECB&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 587
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:67cb4075-ffb4-4e91-9334-d0fd4afcc75d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 590
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=29f45b7e-e596-406a-ae1d-1zz1698982293 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-8813248165786065703 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=cfb574be-ddcc-5333-9a57-453dff132c98&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_ps=
Request Chain 591
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
Request Chain 592
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=f760eaecca5c15e14c19884ac265e43&gdpr_consent=&gdpr=0
Request Chain 595
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6025499749
Request Chain 598
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=5300638922811625121 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/df202a8c-68d3-5333-b97e-b57edc3adcdb
Request Chain 599
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOI274NW-5-C2CF HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOI274NW-5-C2CF
Request Chain 600
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Request Chain 602
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3376543238220108584
Request Chain 604
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=FC_Z019wSFpTbXVqbVolMkYyUmpwUiUyQmxtMTZ3amtrbVBxMDJXRHlWaWUzOHBIc2NoeDVRM2xvdW5OVzk2dUl2cUVKMGUlMkZyT1R4amxkV05kZ0JwdGVIc1g1aHcwbWVTZVJnYlhxdFppU2g2Wm9ia0tOT1cwV0Z6ajdBSlN3c2t4Z3BESWRkU3IwJTJGYm81a1JCN2x6bUFsQmJ5RDRhSXh3UGZxd3dETHdXQ0k4bEs5dVRVR0ZySEc1a3Z5OWJtejhHa2RseGd5ZQ&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-WJJN3P1yuurZAPl9Laf_O6Px1JHTymbD4TuSdQ HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8915715d-48f3-4ed5-970b-5aab4494b7d6&ssp=criteo HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=FC_Z019wSFpTbXVqbVolMkYyUmpwUiUyQmxtMTZ3amtrbVBxMDJXRHlWaWUzOHBIc2NoeDVRM2xvdW5OVzk2dUl2cUVKMGUlMkZyT1R4amxkV05kZ0JwdGVIc1g1aHcwbWVTZVJnYlhxdFppU2g2Wm9ia0tOT1cwV0Z6ajdBSlN3c2t4Z3BESWRkU3IwJTJGYm81a1JCN2x6bUFsQmJ5RDRhSXh3UGZxd3dETHdXQ0k4bEs5dVRVR0ZySEc1a3Z5OWJtejhHa2RseGd5ZQ&u=cb955613-9d69-4dd4-b968-162f8faff42d HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-SKnMev1yuurZAPl9Laf_O6Px1JGrld0CIt5uUg
Request Chain 608
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/f760eaecca5c15e14c19884ac265e43?gdpr_consent=&gdpr=0
Request Chain 625
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 626
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a2242851b6a4cd07/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgXXWXSVbhUgWjQaT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d4a007d921c50dd2599a1ed6d683cd07&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DHHt10NrrgXXWXSVbhUgWjQaT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgXXWXSVbhUgWjQaT&gdpr=0&gdpr_consent=
Request Chain 629
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
Request Chain 630
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2109489970
Request Chain 633
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 634
  • https://pixel.onaudience.com/?partner=214&mapped=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 636
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 637
  • https://pixel.onaudience.com/?partner=214&mapped=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 639
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 640
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfff791f00b69888/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhMMMTRbMaahURSSS%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d4a007d921c50dd2599a1ed6d683cd07&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhMMMTRbMaahURSSS%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMMMTRbMaahURSSS&gdpr=0&gdpr_consent=
Request Chain 643
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
Request Chain 644
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5101831268

652 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
www.bg3.co/a/ 		61 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0ec5b202866c0dad1213b6bba6e7a3b7d39f9a4c54b03b9bc8f5117086d85f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:43 GMT
etag
"f34f-Ip+wcAoCnCaHL5ZeSbN5I4aqbaI"
expires
Fri, 03 Nov 2023 03:32:43 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 03 Nov 2023 03:31:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73131
x-xss-protection
0
server
sffe
etag
"8cd1ce497f4c5169"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Nov 2023 03:31:44 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 03 Nov 2023 03:31:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9636
x-xss-protection
0
server
sffe
etag
"8e4fe4ecd2caf064"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Nov 2023 03:31:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4022a5cf728cb77376280dead8b08f3d8bd307681563f227ad2cfd880217afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30791
x-xss-protection
0
server
cafe
etag
405 / 19664 / m202310300101 / config-hash: 8628985261000830790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:44 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f16b2d3a72a7876cbffa77a40be8c62e73735aadb21faac54c95d9f89ea9d3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91479
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 03:31:44 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 13:45:39 GMT
server
cloudflare
age
40384
etag
W/"6543a803-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
82018bc9aa756aa1-GVA
expires
Fri, 03 Nov 2023 04:18:40 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C54) /
Resource Hash
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
age
61796
x-cache
HIT
x-client-device
desktop
content-length
10744
x-ap-device
DESKTOP
last-modified
Thu, 02 Nov 2023 06:59:43 GMT
server
ECAcc (mil/6C54)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 03 Nov 2023 04:31:44 GMT
adpushup.js
cdn.adpushup.com/42753/ 		733 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C73) /
Resource Hash
e6aa60e383a19f8563783ce016ff63568f23092f50550661c62803f167d9f80b

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
age
39565
x-cache
HIT
x-client-device
desktop
content-length
155058
x-ap-device
DESKTOP
last-modified
Thu, 02 Nov 2023 14:34:24 GMT
server
ECAcc (mil/6C73)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 03 Nov 2023 04:31:44 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		574 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77f8456ea95eed1583cfd8890fbc36804b459738e1a882c2373e1fc6f90a361c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tFWw6W8sYF8H1PqqmuRzJjDcEmH_tsYy
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:44 GMT
x-amz-request-id
MS6W5D8P737J3PA7
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
9
x-amz-replication-status
FAILED
content-length
55765
x-amz-id-2
GtEFThEgXhbFnuw+FhlljlKU+3HrxWf9NvFbWQ4VbN1TDiYMadYHwwMpfjzBUXoY244Rcsy/azE=
x-served-by
cache-mxp6938-MXP
last-modified
Fri, 03 Nov 2023 03:31:44 UTC
server
nginx
x-timer
S1698982304.265020,VS0,VE56
etag
"6c670232568129b1bb3f6857baa4fa7d1eef9af4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
21
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11319
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUkyC6p0OhxFEfXwa4F5VRd0xgHpXEco9G1Wz1H%2BLHNvRQkyJXwzYdQ30%2FjFeXhcg%2BExkAe%2BbJyRz3q4dGhdF8xvNGn93oD2qS7ydXN6ZGV05jBCGNpvgXj13%2BOupX%2FhNYzW1tqJzPKUzkCBFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
82018bcefd4e3b5d-GVA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		327 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-662
cdn-cachedat
10/18/2023 10:50:29
cdn-pullzone
873945
last-modified
Wed, 18 Oct 2023 10:48:10 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"652fb7ea-51d4f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
609de5b79528e06b6dea3ce285a2cb5f
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
t.php
c.statcounter.com/ 		192 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=9F2F15E0A5E84FFA579A821F26836A04&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&t=%E6%B7%B1%E8%AC%80%E9%81%A0%E6%85%AE%E8%AE%93%E4%B8%8D%E7%95%B6%E9%BB%A8%E7%94%A2%E9%81%8E%E5%88%9D%E5%AF%A9%E3%80%80%E7%B6%B2%E8%B4%8A%E9%99%B3%E5%85%B6%E9%82%81%EF%BC%9A%E5%8F%88%E5%85%B6%E9%82%81%E5%8F%88%E5%8F%AF%E6%84%9B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2397&sc_rum_e_e=2400&sc_rum_f_s=0&sc_rum_f_e=2394&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
82018bca2ab96aa1-GVA
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4181673
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-mxp6963-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698982304.401665,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
49, 9835
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/ 		424 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:12:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
1176
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136180
x-xss-protection
0
server
cafe
etag
6663949485869648659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 02 Nov 2024 03:12:08 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b11v9102959953&_p=1698982304191&gcd=11l1l1l1l1&cid=65000381.1698982304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1698982304&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dt=%E6%B7%B1%E8%AC%80%E9%81%A0%E6%85%AE%E8%AE%93%E4%B8%8D%E7%95%B6%E9%BB%A8%E7%94%A2%E9%81%8E%E5%88%9D%E5%AF%A9%E3%80%80%E7%B6%B2%E8%B4%8A%E9%99%B3%E5%85%B6%E9%82%81%EF%BC%9A%E5%8F%88%E5%85%B6%E9%82%81%E5%8F%88%E5%8F%AF%E6%84%9B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2480
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20231102-5-RELEASE.js
cdn.taboola.com/libtrc/ 		816 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c6d2c15417ece5810ab49b0733446e929b26927dbac35048bb190f2b66c7a31c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wrDy.6GHMPq9jWSxsFcy..8q5a_CWg0N
content-encoding
br
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:44 GMT
x-amz-request-id
VD49MY9NHS3BK74R
age
4229
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172939
x-amz-id-2
bW6ccJXdkZI7K1pP2lKYksXe/Kpva96UgO/SK8ii2qdedeOAY3Qf22PE8V1BljOXkqRW1uEJa6w=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:12:44 GMT
server
AmazonS3-br
x-timer
S1698982304.445083,VS0,VE0
etag
"881017214fa5e056e755814aa025b7b3"
vary
Accept-Encoding
content-type
application/javascript
abp
6
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1378
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3744203
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6963-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698982304.478438,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13, 795655
block.jpg
delivery.adrecover.com/ 		631 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1698982304485
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C71) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 02 Nov 2024 03:31:44 GMT
date
Fri, 03 Nov 2023 03:31:44 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (mil/6C71)
age
6711946
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
234080
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=04%3A31%3A44.536&lti=deflated&data=%7B%22id%22%3A648%2C%22ii%22%3A%22%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698927321915%2C%22vi%22%3A1698982304534%2C%22cv%22%3A%2220231102-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%22%2C%22vpi%22%3A%22%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3550%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2656.203125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0821b83864782329906749de2530edc53e21de45cbf7a27bb58dce5129586211

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
379
date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.4739583333333333
x-fastly-to-nlb-rtt
70559
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-mxp6938-MXP
x-log-content-encoding
gzip
server
nginx
x-timer
S1698982305.557039,VS0,VE379
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BB6) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
age
31219
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (mil/6BB6)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:31:44 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BBC) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
age
7245062
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (mil/6BBC)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:31:44 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:883a:48dc:4b0f:3957 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C88) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
age
4226161
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (mil/6C88)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:31:44 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg5ODIzMDQ1ODEsInBhY2tldElkIjoiMDAwMEE3MDEtNmVkMjY4MTQtMDY3OS00MzU0LTk1OTYtNzE5NDgwY2UyZjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoZW4tbW91LXl1YW4tbHUtcmFuZy1idS1kYW5nLWRhbmctY2hhbi1ndW8tY2h1LXNoZW4td2FuZy16YW4tY2hlbi1xaS1tYWkteW91LXFpLW1haS15b3Uta2UtYWkuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2656.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg5ODIzMDQ3MTgsInBhY2tldElkIjoiMDAwMEE3MDEtNmVkMjY4MTQtMDY3OS00MzU0LTk1OTYtNzE5NDgwY2UyZjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoZW4tbW91LXl1YW4tbHUtcmFuZy1idS1kYW5nLWRhbmctY2hhbi1ndW8tY2h1LXNoZW4td2FuZy16YW4tY2hlbi1xaS1tYWkteW91LXFpLW1haS15b3Uta2UtYWkuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2793.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg5ODIzMDQ3MjQsInBhY2tldElkIjoiMDAwMEE3MDEtNmVkMjY4MTQtMDY3OS00MzU0LTk1OTYtNzE5NDgwY2UyZjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoZW4tbW91LXl1YW4tbHUtcmFuZy1idS1kYW5nLWRhbmctY2hhbi1ndW8tY2h1LXNoZW4td2FuZy16YW4tY2hlbi1xaS1tYWkteW91LXFpLW1haS15b3Uta2UtYWkuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2799
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg5ODIzMDQ3MjcsInBhY2tldElkIjoiMDAwMEE3MDEtNmVkMjY4MTQtMDY3OS00MzU0LTk1OTYtNzE5NDgwY2UyZjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoZW4tbW91LXl1YW4tbHUtcmFuZy1idS1kYW5nLWRhbmctY2hhbi1ndW8tY2h1LXNoZW4td2FuZy16YW4tY2hlbi1xaS1tYWkteW91LXFpLW1haS15b3Uta2UtYWkuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2802.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3389567392143493&correlator=1754887870529794&eid=31079343&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982304740&lmt=1698982304&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=65000381.1698982304&ga_sid=1698982305&ga_hid=1523756064&ga_fc=true&dlt=1698982304172&idt=318&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_20_0_pv%26cluster_reporting%3Dchrome_DESKTOP_20_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_1%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_1%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c993079438bd899967bf73351c33eef1f251f263e96cc44b3b8878eb3cb4b89a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21694
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6DD8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:44 GMT
expires
Sat, 02 Nov 2024 03:31:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a19b3a770a433295ec7c946e9a2d4d263489be69ebab4d54aafb13ecd9d337b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30792
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13755
x-xss-protection
0
server
cafe
etag
4541188775071356988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:58:32 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg5ODIzMDQ3MTgsInBhY2tldElkIjoiMDAwMEE3MDEtNmVkMjY4MTQtMDY3OS00MzU0LTk1OTYtNzE5NDgwY2UyZjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoZW4tbW91LXl1YW4tbHUtcmFuZy1idS1kYW5nLWRhbmctY2hhbi1ndW8tY2h1LXNoZW4td2FuZy16YW4tY2hlbi1xaS1tYWkteW91LXFpLW1haS15b3Uta2UtYWkuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2873.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
7b10cfab292c61e6b3332aebee609258.jpg
static.bg3.co/imgs/202105/ 		0
0
eb0dd34db8f8da35617bd059c083c07a.jpg
static.bg3.co/imgs/202105/ 		0
0
6941a7c30f9890ff3ac77ed62e3be4f9.jpg
static.bg3.co/imgs/202106/ 		0
0
e838760d93634fd39079c2d02aca3812.jpg
static.bg3.co/imgs/202309/ 		0
0
602c580e5c71d2d48730120e1d066911.jpg
static.bg3.co/imgs/202105/ 		0
0
7cefc464e08273eed27ad48e006b7d51.jpg
static.bg3.co/imgs/202106/ 		0
0
bf0bd0a3224be1556d235615c6f4b8eb.jpg
static.bg3.co/imgs/202203/ 		0
0
ec760afede175b908c66d7a23f536a13.jpg
static.bg3.co/imgs/202106/ 		0
0
33633daba608636eca473e1ec79e78e4.jpg
static.bg3.co/imgs/202106/ 		0
0
db574accd4ff1191d03e6a7a313a39c3.jpg
static.bg3.co/imgs/202106/ 		0
0
14623bc592ed903d9c2a68f0b345f4d1.jpg
static.bg3.co/imgs/202105/ 		0
0
716a8b26f5f4a717194bbc634351e24a.jpg
static.bg3.co/imgs/202106/ 		0
0
7747d5432921b197af15029a8c4f689e.jpg
static.bg3.co/imgs/202310/ 		0
0
c4b0967be0cb1480787e23da643c0bfa.jpg
static.bg3.co/imgs/202309/ 		0
0
7daf1b3a7b3f55b829a512ecf4754500.jpg
static.bg3.co/imgs/202105/ 		0
0
7b58ebc00d362fb0a865e3f0a7d9e904.jpg
static.bg3.co/imgs/202202/ 		0
0
d40d312bd25803747de43783de8c13cb.jpg
static.bg3.co/imgs/202309/ 		0
0
212a6fc9abbd079779aea6dd1507566a.jpg
static.bg3.co/imgs/202309/ 		0
0
0fd93f18624ee9cc7090cbd8d17e256e.jpg
static.bg3.co/imgs/202105/ 		0
0
2d77c30ecedf7d1362e4b9606f2ae8c6.jpg
static.bg3.co/imgs/202110/ 		0
0
f3e10b17f2099b2fb3993f2d2cf4d3f3.jpg
static.bg3.co/imgs/202105/ 		0
0
2464d1cfabd9a91ef170608a6759ce32.jpg
static.bg3.co/imgs/202309/ 		0
0
83b2bb0817719b78dc3ebb4a30949d86.jpg
static.bg3.co/imgs/202106/ 		0
0
a6e955739f4ceb18bc4fe7aff5445b19.jpg
static.bg3.co/imgs/202105/ 		0
0
07789ce018534e0299dfe9b54b201f78.jpg
static.bg3.co/imgs/202105/ 		0
0
e3bb0af7acd30ecf5c89f0498d9ed5f4.jpg
static.bg3.co/imgs/202309/ 		0
0
206fbc8b035190311bd833d95b7c4bae.jpg
static.bg3.co/imgs/202309/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
206129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"4ca4ccf1afd64d82"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:15 GMT
age
206129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3941
x-xss-protection
0
server
sffe
etag
"aef77be21ea5e253"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:15 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 10 Nov 2023 03:31:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231103
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
471550ed7025e2abacc6b0cf8aafb152a479d00674d64561b109bbbd22abc469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41454
x-jsd-version
1.0.1862
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230050-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"636-3D/jHWfel29mvhLHMtDUyTircVE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0LZEUxxmU5rpOkFNxpB9%2FSHDb6CSJGVPHPuE9oh9rmsAgOO6nykm%2F5Q9enaTsEaRnal1CgRquxh%2FbG8Aay0ybLeqZbZQLi29cRkezihan95u4No73eUvdlDry0g%2FcYsfZy1aIP%2FbnR4xzUd2qk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82018bceec36020d-ZRH
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.26.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-26-2.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
6
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		121 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4fb4412d7c19507705d4e00cd20b6465381a15cd0f8f47f5334eea369c28854

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaicbMSlto1JnWQb628aykWQgFlDXEbOp9LESOE4YhjlcIcw2LuUlPYOQmnmzgsILfmCSh3%2BYtKYNmdnHMsP5%2F%2FHRZ1T%2F%2BfJKLvHCSe4vgUHPnXpCz1cU0750ibSZb3aV3vfB9Xa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82018bcef9cb2397-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe99d2615002ac44eed7734e4a67473ebd2a0d4f85b871923019ea5fbd5076b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUDTsp0MXI0ncaC9UsFBxMLn%2FX7N%2FyGxVUwSaw3Ma5070Ogbf%2F3IsAdaQ4w9v%2FZKCUNfSAlN6jBC3O8Dmk%2FUmtWvw%2FuYSaLS9gaiK5cCXsS1ltZNvuxFSbs7f1oMeVmK8Dxw%2BKYh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82018bcef9cd2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe99d2615002ac44eed7734e4a67473ebd2a0d4f85b871923019ea5fbd5076b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k90oOrbr3Hr84JGahW%2BPMWfCTbhl%2BBeFg0MD9PK0VBOsHW5UHKq9JJQztcWh0ezNx3Xk1L7TK59Vvhu9q7xOQCFJ%2BXIxG8ZX3%2FXL8P111iOYP7OPPvGqp94hSMMNVwg%2FXjcEGV8f"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82018bcef9cf2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 03 Nov 2023 03:31:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
server
envoy
vary
origin, Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/ 		53 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d36158b2e7eb69b3e8b7105cf18dbfa247ba390c1397a966c613b7e6b9d1eee0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
4bd2ee3635819252168074e3794d73fd2889b54b457e8d31d98cbab3e62b4cc5

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=f75623e7-d21c-4ffa-b6a4-588a4e97a5f5%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%B7%B1%E8%AC%80%E9%81%A0%E6%85%AE%E8%AE%93%E4%B8%8D%E7%95%B6%E9%BB%A8%E7%94%A2%E9%81%8E%E5%88%9D%E5%AF%A9%E7%B6%B2%E8%B4%8A%E9%99%B3%E5%85%B6%E9%82%81%EF%BC%9A%E5%8F%88%E5%85%B6%E9%82%81%E5%8F%88%E5%8F%AF%E6%84%9B&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=967de7aa-f260-452a-a67f-5e49bea36665%3B88f98719-a31f-4be6-be5b-81b77676812d&l_pb_bid_id=2852b56a35ef328%3B29c089e52210b91&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=967de7aa-f260-452a-a67f-5e49bea36665%3B88f98719-a31f-4be6-be5b-81b77676812d&rp_maxbids=1&slots=2&rand=0.7067149226692693
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
44c00976c63c0b191533208779d395c6da10e28b38b909e2bfe3656c8f01bd63

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.189.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-189-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 03 Nov 2023 03:31:45 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82018bcef9f76aa0-GVA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82018bcef9f86aa0-GVA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid-request
onetag-sys.com/ 		50 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
aec17fe4c92b4c0a84e7805a9a694067191b7473f37bd05c83ec1eccd3ef9dad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
26728
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
adreq
ads.servenobid.com/ 		592 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7799
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
106094bb32d91e6cd43c2093eb478d23b78dc005303eb0209463fa48df83310a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		19 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.134.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-134-167.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
691f71808a5a10f5e6461831e6ee82292ad18c5d315d2f64b5c51f5da9d364f0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 03 Nov 2023 03:31:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
15399
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=44703977700&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 03 Nov 2023 03:31:44 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		33 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
763cf512a1a61c6db5b0797ae644b5dd9e2757c5ae1daeb8eb81645d3a58f24c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
an-x-request-uuid
3f67c5ac-a464-4679-9ae6-d29d577fb401
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
946cc4cebc2e776d4d50a7223139f2a9f1c483ff3756a9a5ce9b5739fcbad8ca

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:44 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
105
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 03:31:45 GMT
floating-unit.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02aef444d225d88a60f9bbb70f190757efd61304171291003c73df554bfadcce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rJBj7r3aGOmnh9rdJ.PQq.kv31RrnXMV
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:44 GMT
x-amz-request-id
1CFX6829CX91G1A8
age
61828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2493
x-amz-id-2
IoAr3dNfrGXlXtAPgmVhkEYJ41zEk1aCXw3HVNLHfnubAgKVziJp05v+wbzMQyk4wM4baRygmy8=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:12:59 GMT
server
AmazonS3
x-timer
S1698982305.980843,VS0,VE0
etag
"b4559913b4b33779e784cf78bc64803e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
0
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4547
taboola-vignette-new-scanning.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6284df0f00bd4a37b7e380df638c5c0457a83d28a52001baab667eaecfe17f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yYOLwAYB0rw30DMRiwJv2htrBJNIJkrt
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:44 GMT
x-amz-request-id
Q2ZVGFZNPM7NKWHA
age
61709
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8019
x-amz-id-2
fxgTsFWwoWdFZhAZA6b5J4PBTj4V4qtgySVLgl7hVHvNohuQae8Je9Yt40cXNSyy+Ax3+ogZJfs=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:12:40 GMT
server
AmazonS3
x-timer
S1698982305.982217,VS0,VE0
etag
"c7b10b42b5653223470e984a34e2d477"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
6
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2652
distance-from-article.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1976b2ad90c95b61cd1a449f6992d2c2908f337a462d2015f1c77aabded22705

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Q4nPZ1Vsr1DZaknG1M2kxDhmiL6aHyQB
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:44 GMT
x-amz-request-id
1CFQTHZ2T4BXQJVT
age
61828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
HnrXGxjSq2o3Cd21+OTYmdhW0Kr222DG14iObSSyXbHx03/rq/rs8EoW3DDi6MIutuZqOt6/rvY=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:13:09 GMT
server
AmazonS3
x-timer
S1698982305.993304,VS0,VE0
etag
"ce1c5235fb33d6ac81096f98bf8f41d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
64
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
85016
article-detection.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75142c35f7c00a41c4f722667770f7eda135d815f970b5e6be8de87095ea12f3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cld8mb4sNxuGvc7o3N5Gp0OiXn67hxmI
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:44 GMT
x-amz-request-id
1CFHTT5SBEVHN61A
age
61828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
viRvQe4Ri5ZnZ3MkARTafDRqdviJ/mj5RFfQ7fyAnbRkicESGBf2broag+8infFIGHSwPEhsrYw=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:13:16 GMT
server
AmazonS3
x-timer
S1698982305.993284,VS0,VE0
etag
"97186553f83167d1af6b074dbef424b2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
84955
feed-card-placeholder.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23106e7c3c425ac991acdeb26c55eced3a41e8e439c65f794ef3fac7b1a5fe1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8ScQxE5jmxIfPawgNFDkv9nBXShHCw8b
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:44 GMT
x-amz-request-id
1CFXX3BHN48BF3XH
age
61828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1262
x-amz-id-2
gURLUFVVweT7nAjEGGpHuhknfGIq3BF3fHihDkr9WA5hQ5A0u0CcEumn8PEzdj8ehJ/EyCtbSUM=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:13:04 GMT
server
AmazonS3
x-timer
S1698982305.994902,VS0,VE0
etag
"4f8cee22ab16cd8c964b1296c28d5408"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
2
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
87086
userx.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
207b5d5af193855b0b3c7068a3ec3f7b4a0594f18eec78d7a9c5a2f79c51b4ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
m.gzQ89G.tLhr4O5GAMMB2EbQ82A9SI.
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:45 GMT
x-amz-request-id
1CFJQ7V7KYZW1VWG
age
61828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
hg6hp1BZAAwDMw1mJHBVwTLbWe54ICzxTBhGCsWY8wxEUynW/mdMSr/yqyQusqUNOXih8tPcOk4=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:12:37 GMT
server
AmazonS3
x-timer
S1698982305.000086,VS0,VE0
etag
"ca1ef71d1f82df4e5a0623b12689695c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
74
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11054
explore-more.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7aa6b6e9a3bb07a6e7a1b473023f32f86b2b8672e3af6ef299d980882cc859a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gcLotEmTDkTFeD.3ks3kOBzh4JSjLk9p
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:45 GMT
x-amz-request-id
1CFXX0NH8YM7FQGN
age
61828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
Umrz8ISV7jKRRTLZ7b6S6dBGjJaIEn4TIXqOfl+51LZyH3UisqotLom2irPiPh5jiRpwOGUOHRU=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:13:06 GMT
server
AmazonS3
x-timer
S1698982305.009459,VS0,VE0
etag
"fe17033fa4e142de49847aa185754e17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
58
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
52172
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=04%3A31%3A44.972&id=111&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1698982304973%7D&tim=04%3A31%3A44.973&id=9397&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698982304980%7D&tim=04%3A31%3A44.980&id=9886&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A31%3A45.001&id=4371&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A31%3A45.003&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2044&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
81917
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A31%3A45.004&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=9940&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
81917
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A31%3A45.009&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=1007&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
81917
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A31%3A45.009&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1949&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
81917
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A31%3A45.014&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2361&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82259
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:45 GMT
x-amz-request-id
2BXJKKX2RZV89N9D
age
67
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
WyL2v7Y6tMjGZIwQzTqLEakrV0fvos6RjsnPZZi2oiW+JmOnNuMfVUBcREdsw9/uoKeZa4qMe/Y=
x-served-by
cache-mxp6938-MXP
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1698982305.024955,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
60
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
12
3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3747e29d91ed5c62dfdc5cb7b81a2e326fc7e4b913182ece229d1728c111bba1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age
732324
edge-cache-tag
399188960726298103335710303397794594010,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
399188960726298103335710303397794594010,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
499
expiration
expiry-date="Sun, 15 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn-af.feednews.com/
content-length
113738
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100068-IAD, cache-iad-kjyo7100068-IAD, cache-lax-kwhp1940059-LAX, cache-iad-kcgs7200021-IAD, cache-mxp6938-MXP
last-modified
Thu, 14 Sep 2023 20:38:15 GMT
server
nginx
surrogate-reporting
width=1194,height=896,bytes=194325,owidth=1344,oheight=896,obytes=2077089
x-timer
S1698982305.047610,VS0,VE1
etag
"7045c07b5ea463fb33744920e816db98"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1, 1
3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c9cc2a537f72c0114b491a9c17fc05c7de6b38ad22f314376ca68d5bca37b0c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age
2655532
edge-cache-tag
399188960726298103335710303397794594010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
399188960726298103335710303397794594010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
402
expiration
expiry-date="Sat, 14 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newshub.co.nz/
content-length
63822
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kiad7000077-IAD, cache-sna10749-LGB, cache-iad-kiad7000105-IAD, cache-mxp6938-MXP
last-modified
Wed, 13 Sep 2023 05:39:32 GMT
server
nginx
surrogate-reporting
width=1344,height=672,bytes=154205,owidth=1344,oheight=896,obytes=2077089
x-timer
S1698982305.047628,VS0,VE1
etag
"c317022981eae96b91711fdcc49e9a20"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 4, 1
498e920f33659777edfcff7c654bde60.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/498e920f33659777edfcff7c654bde60.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a87e831ad576606c49105170c49d0a6894aafff4ce59e03112bb13e2704e199

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/498e920f33659777edfcff7c654bde60.jpg
age
2568441
edge-cache-tag
462319851651903981603033377035487474661,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
462319851651903981603033377035487474661,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
151
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://revistaforum.com.br/
content-length
8526
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100112-IAD, cache-iad-kjyo7100115-IAD, cache-iad-kiad7000037-IAD, cache-mxp6938-MXP
last-modified
Wed, 06 Sep 2023 08:31:09 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=1000,oheight=804,obytes=154987
x-timer
S1698982305.118361,VS0,VE1
etag
"ccd58a051aea0e26f72ba080a4cf7120"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 651, 1
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c131b7d7074657a3c6b3c78070b555c08c806b6aa112b5eb079adfedf01285db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
2967528
edge-cache-tag
495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
115
expiration
expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
27248
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100039-IAD, cache-lga21930-LGA, cache-iad-kjyo7100043-IAD, cache-mxp6938-MXP
last-modified
Fri, 15 Sep 2023 21:01:09 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=41106,owidth=1000,oheight=668,obytes=535178
x-timer
S1698982305.118343,VS0,VE0
etag
"4da26575e1978428f0b62597ca689e9e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 3477, 5
1b89571e30ee96b84fc2a3b271e0e3e1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b89571e30ee96b84fc2a3b271e0e3e1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c9169b48ae3a92bb08e40190308a42039a56af231f5c14458e4287e9bfb277a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b89571e30ee96b84fc2a3b271e0e3e1.jpg
age
656316
edge-cache-tag
551685138355279341766625047573963768772,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
551685138355279341766625047573963768772,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
185
req-referer
https://www.insuedthueringen.de/
content-length
25170
x-request-id
ea3cf1b8d7a857a9230932e288a325fe
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100164-IAD, cache-iad-kjyo7100164-IAD, cache-lax-kwhp1940082-LAX, cache-iad-kjyo7100050-IAD, cache-mxp6938-MXP
last-modified
Thu, 26 Oct 2023 07:57:48 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=55786,owidth=1200,oheight=800,obytes=107233
x-timer
S1698982305.152152,VS0,VE2
etag
"2525230e551bedaad907948246f90691"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 64, 1
d7f78446-51b9-40c6-af7d-e46ad9f0a888__VUe8wmGj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d7f78446-51b9-40c6-af7d-e46ad9f0a888__VUe8wmGj.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4e867a01f5bb9bc9563b1ca370b4520f6f5c870698532ca27cb74bf50341ac0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d7f78446-51b9-40c6-af7d-e46ad9f0a888__VUe8wmGj.jpg
age
2674859
edge-cache-tag
489727138580025332010196959511015963585,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
489727138580025332010196959511015963585,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
113
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.handball-world.news/
content-length
8834
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000033-IAD, cache-iad-kiad7000033-IAD, cache-lga21958-LGA, cache-iad-kcgs7200020-IAD, cache-mxp6938-MXP
last-modified
Wed, 06 Sep 2023 23:53:25 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=2000,oheight=1499,obytes=146460
x-timer
S1698982305.152426,VS0,VE1
etag
"2f635643d069658f2bef41fece432eba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 17, 1
8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d5f2d6e22d3ae659a498f7ba6c45f01556a8b02d3b10b25c07d6f7ca75e8e48

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age
2683844
edge-cache-tag
469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
102
req-referer
https://www.recetasgratis.net/
content-length
16590
x-request-id
89339b3cbe998ab0ac66a9f90300ad49
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100020-IAD, cache-iad-kjyo7100020-IAD, cache-lga21982-LGA, cache-iad-kjyo7100167-IAD, cache-mxp6938-MXP
last-modified
Wed, 13 Sep 2023 19:24:41 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=33477,owidth=1344,oheight=896,obytes=1243876
x-timer
S1698982305.152428,VS0,VE1
etag
"ff39c8a01202a06ef26c0143701091ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 0, 1743, 1
3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
082da8d20ae0f8d1198c2975e3bff3cd785f9d26d0eac584c7f2bafea4bae4f3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age
1941265
edge-cache-tag
399188960726298103335710303397794594010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
399188960726298103335710303397794594010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
311
expiration
expiry-date="Thu, 26 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cambridge-news.co.uk/news/cambridge-news/travel-warnings-fuerteventura-gran-canaria-27893835
content-length
78452
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000056-IAD, cache-iad-kiad7000056-IAD, cache-lga21940-LGA, cache-iad-kiad7000055-IAD, cache-mxp6938-MXP
last-modified
Mon, 25 Sep 2023 00:25:33 GMT
server
nginx
surrogate-reporting
width=1344,height=746,bytes=180789,owidth=1344,oheight=896,obytes=2077089
x-timer
S1698982305.158111,VS0,VE2
etag
"78dafeacc64b6b97989b38b48c90a6b1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 13, 1
1b89571e30ee96b84fc2a3b271e0e3e1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b89571e30ee96b84fc2a3b271e0e3e1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
76d0d15688f66a6512490a49ed6d0189d568c6c7c421c1b648aa06173cac3300

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b89571e30ee96b84fc2a3b271e0e3e1.jpg
age
675236
edge-cache-tag
551685138355279341766625047573963768772,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
551685138355279341766625047573963768772,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
307
req-referer
https://www.sueddeutsche.de/
content-length
28148
x-request-id
bfbb2e71ce64053cae7af4c5e6f81c44
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200177-IAD, cache-iad-kcgs7200177-IAD, cache-chi-klot8100043-CHI, cache-iad-kcgs7200031-IAD, cache-mxp6938-MXP
last-modified
Thu, 26 Oct 2023 07:57:50 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=61583,owidth=1200,oheight=800,obytes=107233
x-timer
S1698982305.185701,VS0,VE1
etag
"473ee0d94864c44c6f6267c261aeb58e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 5, 1
498e920f33659777edfcff7c654bde60.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/498e920f33659777edfcff7c654bde60.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6321cefd9bbd7220eb910f67bbbe1961084487f50de40a089d8d5d8fabed249

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/498e920f33659777edfcff7c654bde60.jpg
age
3819226
edge-cache-tag
462319851651903981603033377035487474661,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
462319851651903981603033377035487474661,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
296
expiration
expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.milliyet.com.tr/
content-length
21866
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100177-IAD, cache-iad-kiad7000169-IAD, cache-iad-kcgs7200061-IAD, cache-mxp6938-MXP
last-modified
Tue, 19 Sep 2023 07:16:50 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=49200,owidth=1000,oheight=804,obytes=154987
x-timer
S1698982305.185853,VS0,VE1
etag
"c7d72e69bffa3d2d49fed6ee227c9a29"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 182, 1
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1f092f6197eacc2363e809fd2dc07638f8a9859883130d144ca74903027b870

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
4385884
edge-cache-tag
495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
243
expiration
expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.orovillemr.com/
content-length
93950
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kiad7000068-IAD, cache-iad-kjyo7100020-IAD, cache-mxp6938-MXP
last-modified
Thu, 17 Aug 2023 04:36:39 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=668,obytes=535178
x-timer
S1698982305.186511,VS0,VE1
etag
"fd2cfe471f8e594719367f0536a90b0a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1058, 1
container.html
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC3A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:44 GMT
expires
Sat, 02 Nov 2024 03:31:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame AC3A 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 01:34:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 03:31:45 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame 2369 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 03 Nov 2023 07:31:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 2369 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 2369 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2369 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
143943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Oct 2024 11:32:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2369 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame AC3A 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 20:49:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
24120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8796
x-xss-protection
0
server
cafe
etag
1225823381704108053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 20:49:45 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 02:48:19 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2607
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Gbo15AQ1jF2oFlQfOJi3x9DZVCxODZhUJ8G36JHUoV2B4fq_XIrfkQ==
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.104.206.52 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-206-52.ip.linodeusercontent.com
Software
/ Express
Resource Hash
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:45 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3737
etag
W/"e99-DlD8MarDyco2rkZchfDXSV4nBa4"
content-type
application/json; charset=utf-8
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2533
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FazoBA7k5LUyiwq3LZeaYXhTR8quSRNsua%2FHy2Lx9JZApbvyiBoFG5HASPU9b8TstxUQpg6ws1HcV8QSBcEuSSzZ1rNxLbTx0ALLlLtb6AUFwUUR2dw61p38i9vM3vN7djElDXtXC1UeBe4dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
82018bcfdd8d3b5d-GVA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e91a25647d0ac40582377200ea42f12969ae4f73e8fb8d5ea15eb9d4169a54e6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
next-up-widget.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff50c1a50cc8fc3493ed21f3cbf9fa572cce75af3baf98cb081bc6b5a0f61d22

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0t0Ww6wSvVNNylsnWLNrgi8i0lDT3Mny
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:45 GMT
x-amz-request-id
4KRBWT5JF14N1YV2
age
61828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4622
x-amz-id-2
K7MVapjGd9T0oxtHzBo+3GkOFZHMmj6rNJWQlJlZVhaP6bYthFTcJG/xYgqMZthPF7V8Ih3W5Uo=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:12:55 GMT
server
AmazonS3
x-timer
S1698982305.266850,VS0,VE0
etag
"b380733a896440a5ecd531a4cc5702aa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4419
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1089%7D%22%2C%22eventTime%22%3A1698982305260%7D&tim=04%3A31%3A45.260&id=1034&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A31%3A45.279&id=2676&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 03:21:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 03:31:45 GMT
spa-detector.20231102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f73ca3ca5aa08959a088d050b97134eaf9384499c9e354bc69b237404b03026

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
H66Q7jPMtpcrGFGt6k3.1w1D_cBdvCGZ
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:45 GMT
x-amz-request-id
4KR0BZ2JXXWHJB2M
age
61827
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
778
x-amz-id-2
2TfmmLYCyvdLpKutZg+jax2WqLFCwoN8l+gnc7kyq5sfLoeSKb34hLy6vnflr6m6HN5FGzslU1A=
x-served-by
cache-mxp6938-MXP
last-modified
Thu, 02 Nov 2023 10:12:49 GMT
server
AmazonS3
x-timer
S1698982305.300106,VS0,VE0
etag
"71b706780f839d0c2cf277ffdf220737"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
92
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
52432
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A31%3A45.284&id=883&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1698982305286%7D&tim=04%3A31%3A45.286&id=1020&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A31%3A45.288&id=7452&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=13623&lti=deflated&ri=920867a262edcf53af6f30f80dba6af9&sd=v2_2707c44ff582b940335805e2fb449684_14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20_1698982304_1698982304_CNawjgYQ2YJdGJa28pm5MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&pi=/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&wi=-5152418893311810643&pt=text&vi=1698982304534&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1698982305289%7D&tim=04%3A31%3A45.289&id=1661&llvl=2&cv=20231102-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A31%3A45.301&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9744&cv=20231102-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82587
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.10567747799228511&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:45 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3389567392143493&correlator=3423096872105616&eid=31079343&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&arp=1&abxe=1&dt=1698982305361&lmt=1698982305&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=65000381.1698982304&ga_sid=1698982305&ga_hid=1523756064&ga_fc=true&dlt=1698982304172&idt=318&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_20_0%26cluster_reporting%3Dchrome_DESKTOP_20_1_active_0%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D75c85cf12d43954%26hb_ap_bidder%3Drubicon%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A77b0d662e4857e4%26hb_native_image_appn%3Dhb_native_image%253A77b0d662e4857e4%26hb_native_body_appne%3Dhb_native_body%253A77b0d662e4857e4%26hb_native_title_appn%3Dhb_native_title%253A77b0d662e4857e4%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_20_0%26cluster_reporting%3Dchrome_DESKTOP_20_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D91cf2c4a594c9ec%26hb_ap_bidder%3Donetag%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A78cefdfa8b8f997%26hb_native_image_appn%3Dhb_native_image%253A78cefdfa8b8f997%26hb_native_body_appne%3Dhb_native_body%253A78cefdfa8b8f997%26hb_native_title_appn%3Dhb_native_title%253A78cefdfa8b8f997%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_1%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_1%26faid%3Dfalse%26adro%3Dv8_c&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb5fa5f53afd2af25112e83ffe0034e828f98cfbf0eb3ffa65091f62c118ba11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19739
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative__300x600_previous_gen_widget.css
widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame 2369 		482 B
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 03 Nov 2023 07:31:45 GMT
date
Fri, 03 Nov 2023 03:31:45 GMT
last-modified
Tue, 22 Aug 2023 10:30:49 GMT
server
AkamaiNetStorage
etag
"9d8b870db69e4f578fee693ff233fc33:1692700772.366871"
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
482
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 2369 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 03 Dec 2023 03:31:45 GMT
date
Fri, 03 Nov 2023 03:31:45 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
writeStatistics
stas.outbrain.com/Stas/api/ Frame 2369 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stas.outbrain.com/Stas/api/writeStatistics?p=R6QWPzXmyj5uCf7z2ZEBzelVcpvjA239wAseajWxHWtc9z_DV6YLsQ5LZKvFF5tl1eAvYt49J_xIVNgvLvNsc1Ce5DvVYjj90WnmBsEiVZZVsB5qI1lqjgJbJO7fYnzj-lKZOasm3HQGh1QSvlu0_VpS9nLYYNvMtLWv3FC9tLVzOFTPeOUeY3GvImKALzkIMIWqHwXinm350QdrYkxHrlcHcJlo6lX8L3JEpNh4hJWcEgZbfTq_igqCnVqonoZBplakacdHTt4I6lqAl7aOuqzLY9QEnA5pCicTwd5cqJqiWKtpgD_mA9x8YdZP3parKqEjZftaG5MnixRc3Jh6ZCRRls79PB3vVJW11ms4xXp8hL0NLP2NIGX4sI62cDI8FTUaUaLZx7rNdBIHxcRC3PR0kfXMFEvyQH45mHuUNNkxni0428QzApUSa4KK60tdQV7c-qYNJWlcAFRpwPMlR63Ud_ftJC8XEGdUF6tVPA70FhAGOEm5pWAZuvzxyu3KfuCU3VSJpczyjG67C2gWE4g7LdK4lXih_M-6Odyia9ZptYxWWVYXY7f9OSF6sGPNc0ub4UOrb7Ami-bcTidb5VWj6NFxr5aEMEPQOOKgnZLLyWhuGGd2-QJNqvH4sWFgM0O8pLyobbuAgpQgQ7hCPJWHVDm8xAebBRfVLMqXo_vsY55ME9kBsgOlGIQFOq9a&c=bf9397f7&v=3&deb=9748573
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:45 GMT
Cache-Control
no-cache
content-encoding
br
Connection
close
X-TraceId
ef6ce0a6bac505ba3e529621bea4c4f8
Content-Length
49
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/impression/GQJ3G4BQX7TW36ATLZTNGSNNFEQORGHWVCJDJBG3FQUOQLRP5BNYTOMANI3MDQBLNCXSPLUKTRXS6YTP7ZZFVWMUU63X4KCS4YKR432INXBOOGGGKE54WI2NNAVELJPRWLWBTPJCL6AZCBAIX56NNXVTSZ6HOV... Frame 2369 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/GQJ3G4BQX7TW36ATLZTNGSNNFEQORGHWVCJDJBG3FQUOQLRP5BNYTOMANI3MDQBLNCXSPLUKTRXS6YTP7ZZFVWMUU63X4KCS4YKR432INXBOOGGGKE54WI2NNAVELJPRWLWBTPJCL6AZCBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NPPVOJYF4YZ6Q6Z76P2BRAC5DB7C3GHMFHJ2INW5EWFF3CL3LFDWHRP2B6NIG3JIO6NA6IFYS5IF6X5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWKBEPKBPX62XMD6JVOMUTCOAFG6CHRHJ3KRKSHMMQUDKHWYFM7QBW2FG5FEP4BZNXH5C5YCNHR2HI55FAPF42SJJY4R/?
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:45 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
pixel;r=588231373;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html;uh=e51ed67dfb8d91dc24...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=588231373;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1372460953-1698982305226;pbc=f75623e7-d21c-4ffa-b6a4-588a4e97a5f5;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1698982305394;tzo=-60;ogl=;ses=3ec102f8-e5fe-4436-8fbc-399b4c542e47;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
903f3e48e49b21836bcd03e2636a90e04849493fe08efb777a183a571ba79a00

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age
240827
edge-cache-tag
399188960726298103335710303397794594010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
399188960726298103335710303397794594010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
63
expiration
expiry-date="Fri, 03 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.bg3.co/
content-length
7190
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200167-IAD, cache-iad-kcgs7200105-IAD, cache-lga21980-LGA, cache-iad-kiad7000105-IAD, cache-mxp6938-MXP
last-modified
Tue, 03 Oct 2023 12:20:21 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=10246,owidth=1344,oheight=896,obytes=2077089
x-timer
S1698982305.424369,VS0,VE1
etag
"f6113d02fca7e1ee5f6e84932d9ba725"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 0, 1
498e920f33659777edfcff7c654bde60.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/498e920f33659777edfcff7c654bde60.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f00526324216b6d91576e96796f825de7e1357a4f48061dcebfc6aef4f2f64b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/498e920f33659777edfcff7c654bde60.jpg
age
1950444
edge-cache-tag
462319851651903981603033377035487474661,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
462319851651903981603033377035487474661,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
94
expiration
expiry-date="Fri, 13 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://dialogos.com.cy/
content-length
4260
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100036-IAD, cache-iad-kiad7000171-IAD, cache-chi-kigq8000173-CHI, cache-iad-kcgs7200079-IAD, cache-mxp6938-MXP
last-modified
Tue, 12 Sep 2023 12:25:47 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=8029,owidth=1000,oheight=804,obytes=154987
x-timer
S1698982305.424353,VS0,VE1
etag
"49ff79bde920d7e76dc85222f606f7fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 680, 1
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72e314452d2ce42e199ea761b1fcce05c12817f36ebcd868801a51dc1fd284fb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 03 Nov 2023 03:31:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
2681675
edge-cache-tag
495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
62
req-referer
https://www.usatoday.com/
content-length
5348
x-request-id
077ae4a6fb67dcdff3230c8f96ccccf9
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200179-IAD, cache-iad-kiad7000078-IAD, cache-chi-kigq8000146-CHI, cache-iad-kjyo7100112-IAD, cache-mxp6938-MXP
last-modified
Tue, 26 Sep 2023 23:04:33 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=10382,owidth=1000,oheight=668,obytes=535178
x-timer
S1698982305.425445,VS0,VE1
etag
"baf6759a169ac17b06948f44bbb78a81"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 29, 1
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E69C 		714 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
9952
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
82018bd2cb6d3b52-GVA
content-encoding
br
content-type
text/html
date
Fri, 03 Nov 2023 03:31:45 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph2oMUpsNT2myhizLNXGcyR5A1GgiY8c4Xp6UugsV3Zih9sUZLMHhCUn9l49CSE%2FeqTCzITCuH7wXosPdHXzg1RCkHa7oy%2BmgRVwUZ2b3v0HRY%2BpPPw8%2Bw4lMONmn9CJMYmoTCHBZ7jIV%2Br74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6BD5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Nov 2023 03:31:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 03 Nov 2023 03:31:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Fri, 03 Nov 2023 03:31:45 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 88AE 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46f52ab934281d42dcb5d5d138a989a5ccb8634823a74e2b8fc9e1b129d4d775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10261
x-xss-protection
0
server
cafe
etag
3415638646323961304
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E69C 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd57b824842433d6ded041bbd6cad0bae15b9579213c1c8089663d6087086bc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30716
x-xss-protection
0
server
cafe
etag
706 / 19664 / 31079371 / config-hash: 8628985261000830790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
container.html
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 57FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:44 GMT
expires
Sat, 02 Nov 2024 03:31:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:883a:48dc:4b0f:3957 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame E984 		267 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWeKpRA0SHbGIH_2P4QpeyRPRLI-oj589xUOpLJL0XL3uYuLuOWDn28XTlRVivqWf9K9ACRYe6qYFixwL3tfHjptpdq8w
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5457 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
r62eglto.js
ad4m.at/ Frame 5457 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1752
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgFDYOakI5veN%2F6z7S%2Bpsuh3q%2BWmzc6DV1M7TQ77YFcQyU4fqsrg8wZwbGC5U4UCGJHb21k4IaRqIGEs585tBqO%2FjihS358yWa8faf%2Bs5yy8LH8a4Av%2FgMMBgv9M71LYEmcAnqY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82018bd3dc0d3b51-GVA
alt-svc
h3=":443"; ma=86400
expires
Thu, 02 Nov 2023 04:46:21 GMT
48fc5946-6d55-4797-b2ad-82003200ca3d
a5156.casalemedia.com/impression/v2/693656/85/cl26j880q84qb8ccs3cg/ Frame 5457 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5156.casalemedia.com/impression/v2/693656/85/cl26j880q84qb8ccs3cg/48fc5946-6d55-4797-b2ad-82003200ca3d?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1698982905&profileIDs=&creativeID=18d3693&pubID=189372&format=banner&channel=site
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.70 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:45 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5457 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-MgY4GitwLWbpzXnG0ao0YKg629ooDchn2rRIw9NCoOa-Q2GGoz0CKJYN33hpUefDRB1WbPSF5oIVpjEv5Eqfrzhuc9MfUJDkRzD5ppkptvsEf6U
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5457 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12689829192710861556&x=13&ct=77
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:883a:48dc:4b0f:3957 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9zaGVuLW1vdS15dWFuLWx1LXJhbmctYnUtZGFuZy1kYW5nLWNoYW4tZ3VvLWNodS1zaGVuLXdhbmctemFuLWNoZW4tcWktbWFpLXlvdS1xaS1tYWkteW91LWtlLWFpLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS02ZWQyNjgxNC0wNjc5LTQzNTQtOTU5Ni03MTk0ODBjZTJmMTAiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJyZXNwb25zZVRpbWUiOjQ1MCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiaXgiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5Nywid2lubmVyQWRVbml0SWQiOiI4MmEyYmU3YWE0YmNkYWIiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4MjUwIiwicHJlYmlkQXVjdGlvbklkIjoiYTRmNzU1ODUtZGViZC00NTJmLTlmZGQtMWI5MDkxZjJiMGQ3IiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3869.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
container.html
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 212C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:44 GMT
expires
Sat, 02 Nov 2024 03:31:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C084 		478 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNU-wPa_Qn8cvbiyrBBrwZQdMoJQ_T9oQ0TVikFe7zggwcVb7TeIKPscIRYycOm1fkILBjg4GRXwD7QJeA2VphwW32Q3Zw
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 57FC 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57FC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARD9JEoMwaejHDH8C7mAIxCXJAMTkrgdS1-qznU8QqrvLYX_n8s9GuwWHS2A1jGET1KcsFIkGfAacyi1oCQqQibAUMpnMKJm8K-r51_RZt-TDuLaM
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57FC 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9903877684605801275&x=1&ct=77
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 57FC 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 57FC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CU3s-oWlEZcKrGejDjuwP9_a-sAfJgf_6c9H-nLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn-IY82-KxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp_yuHAHYenXPSH8TEMH-58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE_oz0DopQ_KA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry_dzCyRuKp665oR3hmrbOHEBdHuM2_unLpc7x5scOoM0da4sms2SiM-Pbzghfrs85ZI2LWNdy72eHx-kCLb8MROtEZt_tCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&sig=AOD64_3d5P_i-fplZNn6D9vHmSCOdq8Rkg&client=ca-pub-8933329999391104&dbm_c=AKAmf-DTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4-Zor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK-tiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H_wYQ&cry=1&dbm_d=AKAmf-BisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz-PsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0-g693QZs1rvDEYzkfMfm8R-yMRCAnWIRJNpwCZcjkUEnfYtrnd-UTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU-2Z8x5ZmCAKxf5Jf2NlNDQ-0KC7xVDWlgPMc_9hgxGaB2tELautLKSqRHy2ReqBOvw-PrhVNQGKJnIO83S3s2GdUmJ-zcwCT3o-ItOAW8Il_dwxh_XIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN--roTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ_b6ygKtCg-KrZk_pkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc_T17pu60F7tuBmHVce8e-8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM-mECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH-odRSIBNJ88GwGfk&adurl=
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
0237aee8bb3dae5aca75f9ca754657eb9316ffb44c6101afbc370910c284e21c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Fri, 03 Nov 2023 04:31:45 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 57FC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 57FC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
l
www.google.com/ads/measurement/ Frame 57FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsN7oq7YyMFezvOmaa52O1j2I8wlOHxXKO4zOv7t6G6NukcvlsOi2inlZQpRcQitBgAxM9qmtR1pCUyQSoZ7sPBrOEPA
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 57FC 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9462 		611 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNVlG3e-MtONDnvQkv5lBCkt3ZkUoOgrA_Emfx4STM67AAUs93sjXWs_c9OHwQOBAxucEG4k8h2_FV1BtJRIXaZ560Hl8A
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 212C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 212C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CR2OWGFuc0NGKdzwnH9bZb9AeniNK4hCD0jfNKLHeIEFJlqdB8werOVskx35KR5rIMB1jON5TVvOeMsGCcsXaxBvd0Xkc8-JzeKsoGLQt_FMcipio
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 212C 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10474873840945219562&x=1&ct=77
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 212C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 212C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
l
www.google.com/ads/measurement/ Frame 212C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpuY8LwQzETZpaHORpO6b4sqTLuMlwGUujdvwf6VoBqzCa-1YhvBOlZGw9hBiH9p9Dwmn2vaDpoZ0FoJv6w32XqES1fw
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 212C 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
L2Evc2hlbi1tb3UteXVhbi1sdS1yYW5nLWJ1LWRhbmctZGFuZy1jaGFuLWd1by1jaHUtc2hlbi13YW5nLXphbi1jaGVuLXFpLW1haS15b3UtcWktbWFpLXlvdS1rZS1haS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2Evc2hlbi1tb3UteXVhbi1sdS1yYW5nLWJ1LWRhbmctZGFuZy1jaGFuLWd1by1jaHUtc2hlbi13YW5nLXphbi1jaGVuLXFpLW1haS15b3UtcWktbWFpLXlvdS1rZS1haS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 02 Nov 2024 03:31:46 GMT
date
Fri, 03 Nov 2023 03:31:02 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 88AE 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
491084d822ce22e4c60b29f8226b3655afb7406709e7db51aae0421256464562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51990
x-xss-protection
0
server
cafe
etag
13278321890732247705
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ Frame E69C 		425 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 15:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
44811
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 01 Nov 2024 15:04:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5457 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4392793954354&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5457 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4392793954354&version=m202309260101&ct=77&x=13&cor=12689829192710860000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5457 		32 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGFC-D6pe9GRRcL1BVm6tyL0BCJKZxohti0aAKYnk5Ie5jfFfe5G535Bp2prFOLct0gZJuyoOg2ZRLdhxcDighfIqEUE999P8pQ5v9uuLGiwWeK5MH0L3r3J4gUTErCKqhtsSh-wbCRilVvteFmW-NDYL5xQ&cry=1&dbm_d=AKAmf-ACOhdIE06gSMbOb-bECF6TpkmF245Xq64eElhzdfJANcfAz_uTQQcRtDkCvrRdJ1Jvjg8I09aW0SxTQG76QZyLa61uGXNjb9ScKlfUNfmblMemkX5ccaqTAqMc3zzorFVf4cPTzp6PMZko-uNaW6OgGVIFZpGv0Jtci9kFWBhGINWZ-zxCGFe8bp7Um8UVNbzxBS03XpNSQireAty2Q0czl0aY8ts9JkCsUXe7V3pvSLyuehxBn-jYfy4Mn_K8aXdHsO8qXzhD-eIkKOlG3xq15VKB271XyzhQ0rtZq-ZuZxWd2viY1SwI6RsGWi-DvhgmiQfCRbjHRv7tEiBHVkBOp9tGun8V0qAX6_p5OoicsVyuh_TmElIWXPQxJgU3q9v_jzph7OFZZh3MiBIYtKZcsO0iqAPgXqZLnkHWkI6YuriatWlO-XtUsbEZNUVGFXRnvaubT9M0hEfCB1tzfDxDCyJwh2NuudHE1QKjHAfaDf33PXXbeD7PB28yuCebUiSVA6S8BfA9WYA7JsrZwNxZ7XhCDqETJVVCL9mZ-lFJ34Ot1Rd7KK-kLKpfcvQf7XSG3adBZEBRbdDwLasQlCJazSb55Pq3yQQ75zBgdUFyOui1NBrLaZ-bgYqWjN_Slwn9zI0vrNUHOMq59ovCSFBI-Dn-oD-HjYqr_7bGqdP_gF13-tQDZ7cYXBiMKzcoKhQ1YtII_ll63PSk8RNkr0sGEOBBYa4Jk3VCRj52seEg_8p6R791-w7v-vDvbRlzLMSJU_j0ASSymkB37ZEN64_vpW6cc0vLw8nH8kU9lDfD0CMLZBjYdRdf5A0gy8lXGln98Z8ZyFXJKyIxTbiXAFSoBOfmb7ZWy7EcqDX5exLwF7QPHZn7M5Y5PygCIXadK49SmtXrbAsdAkga82BXaFMyREccnOgIBbd7kbCnLnV0D3fRMgR5JG2rshhBWkyoERbtTbf5R3iyp3kSsv70K9qABdRrbMLGzWcdhBxWMZSBSJt2N474oDet_Xwfh-qN70KWyGe4eUaNY9eq6uPTGW6IMumTHrb_sQis1bBuYLIh-OqOodMxw2Ey2n0jPVPGtmXhKTZnU9bfFVonn01NIz7ugnM1Z4wD5sNK9BWGYRhk4iVmw2avZo_OqpBrD4shQZkgSZhlh9SSPgAvuQ2sY69d_TizVZTGdkfFesmkKP92zu7sPIyMPicsxyIayLc9YdRTfcf5istgqcKlZ7lJO1eT52YhykgmsdYWD4ZEnZM4wGeJiXxkXpkl8fZCBwXDHe_wJ8uZ6N9JONGtNjE4WHBp1jFj-K1SJaZL97gCk1P6Dlonc5E26tEILpnWGu8yLfTcFbNkr9dGbbsrLlVn9ZVJS6hHOitYN5f_4qKoZLDN9odNG5uhVwnfxBorVrAYhoSmi-DJOujxt3GqpTGiB1C0mZx2CDl_4r8pQ4cL_ndFnkUuHOWxjRJ4oubLaiDB7vINF-8UcyPhpkG6qaHfQ6gQZaBSnU35kDUSTsCc-ajYJMhvDkSE5Te8LY_-H3siuCfTGfkTWYNAgz7NSfydxwEpFzitzK4fT24eYpmgZGXU3LtAL5PkCpkPRyQAOHto-Hb5KFx-blEbLqKi_8RdFAPf56xfjqQFb-Yu_n2Ms_-aNgPcDShLgbzY3SZBtoAsYXUS_y1e3BQcEz74Lto6lvWTEOM5xymdEO3wjx-IprlmmO56be-Lxr71HTcKTM75UpWANC6ePbGMPV2boNNAxgTcoT92zgwEH0NO69p8EZJgdQuoGKW3c8GcAo81oBP5BORWHOBqnEeDIhzOCCMTCwXyBgA2EaHW2EdHwRfr5BaZxnppACVJOm7aHx9IQJJA1ypFMQsV2xrs5mhRVrX8_q9MzKCCCjL4XCGc1qmtMobTNeU1VdGDyIl6DSC6DdJyfw9bIjwQcqZx8xAJ6_wIV0P0fXCUgo1BajqgjQrJ4aToF0ZsE4VvMek3cb8BjUkr80GAv06-reqIJH14oaARcWE5OcBXOkNNWeeUt5GKi1lUE_QCPt8rJoJ_0YN8t-ei75W32gd63fGS4o6XfeSnk8IFBPNx0fyf1PG2MGGZc25cDUu7-nmUQlcdx9SW5kH1JAWRsld6d8N_vymeLV5t5uehiwDoPfesgClw3xWpmqfIqCq44yTqg3JHPqHVc-hcqtoZj0NHl0iQF-Kv4vAL59ziWt5M3mz-mjU3SIV8-kZuowvBT3cLffu1eAQwES21--tCU9_RkEKBN7y7DWVrOf4Ga2no7zy0BF0hAQQ4dqYN93tOasmhyf1Ksc9CLg0a_w18LVPTfUJoItX4FbMNEsNjynIb5BuWYyI4xQ-qJGs4lmQFMXzP_m7Gn2ljnrVFeuNQf2d_eVmTLW7OpuBgCSFdcoN2Zojr_zqAUWeW2gQ60yyMoh_zLENn1745OtPRrd_7oi_bJxjfDeNp1jWEuYGd32BOQMgjfc66aNFEXrKI89ZIcUzL6cG_sUno3kot1ybARI0jfzC0nFbYICnKJeg6Wp4OVrMBkwBMeb-UkZ4oAI0Xu-Gv3p_NMj45cvPA3FgbcbBVu2qlPNOtAOQQjLZfK-EA7ieb1nEiFjlrrO2cKAn1JC3fWyqGQWIyVAd_iHRogaAlsfr62Xd6jIyjuTGOsE_B878bc852nalhKXie3iW4ZjM9RSaSlkETq6rHYTjsUj-1NNVBa1Kmw_xUb68QGKWIcNcixEw_3l74WvxtqwnMeBhZQ80VE4bL712EGj2lleKOtBroLQrKo1Vc_Tmc7xtSnTf2FrLAIjXauqKOkSua49TzmePFDwxeVxf55ZcjULTZC1_55tmNSl3QjgAkZidNcqt9oxUpxkE830aNYDGuPpmUnG_B__FY4ZrQTol0Oez61weVSLZ1l3uTwSqkBvOT7EtDOWUQwFS1YK5R7XDsjDFzmq3l-yZzfdl5IQY2EQhiOqwJmuKP2h9bAokuLvCdAwLrUvi7obClU8K5wy8JcKq9PkwOsE9zyvnCHWrLMoDw_zDRLRu_PVaqvwuspIckx5vMSI6t1F0vRmyxaIhbiwwp-a0vaXqj_2kGXfVxGA2AVJEJCo3YiyMH5yehTmG6GaR0b0r4ItT69dqg3QGz_YqHbaZXcSjwUEW5R1iSMKJ-QtEW1WBmEEmV_bKu1BluK7hpyXDM7ZksSuaPPL2XxtX5983Zl5m8VeoDaMjegY4_wmSjMsl3zoP1G67WgdVm2n9zkQAnr54cFgg47lvAXFI-LU0hm_7XjA1jbpELa8ESE-ewfUEx0dXd8PkoovB0K5q70_SR6WqkQSCALOlkiIZ38ZE4JodXuspR6FS3QBj44rUZvnyUPdPqP_e4xYcjV97ZQqRGRcWkt274h9afLX_gj64qrXmxZM4h197ryumETK8md_RjLpDor56txCydatGQ6w33FniGuxypgd65tMHGFyfooWQ6IDRWM3Q4hBsdu1_x9wSGBVtlhS8MUwysvNWQulf--8LU3djVDosfpgQSTZpsaWUQNPPWEtnznictf_S9P8L5RCVH_E99RgEnHRL23Dxdu_lRTI8kVkxBb2YfsGOelqh_zVD7opzhP-RyppBfnezdf-H52FdbtU0q3zNtTg_aQv-PETfaVtrf56BqnBUyY1cb_sbMB2FrVxUEJbw5BkYIffd7P_Nqhn0_6JUT_nZsbJyr2X8eV0lBX8c&pr=13%3AZURpoQAAAAALIUufkosqh_yqzXWs_AHdy0-jkw&cid=CAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ds=l&xdt=0&iif=1&cor=12689829192710860000&adk=4027077851&idt=89&cac=0&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eaebe517808424ce52a9626a6b2f37c7246c5aacd2265e6c98076552515c21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19012
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57FC 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2986441337857&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57FC 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2986441337857&version=m202309260101&ct=77&x=1&cor=9903877684605800000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 57FC 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq-lS6gB413R4MoTudPUgDXjDgQErUhgJmqx9Mj9knqz29ybPNlvONuY1D19Ujg4a2ucsY-7-1QFAyeeMancPpFQwiuI5Q_xXQdFWia2UoKstgQT4TwpmUfrBvF54vVAQ54qYYpK3X48LvyCuIPVvYoJKNi4PNDofhd88ZMsjyyHlshXE&cry=1&dbm_d=AKAmf-AuZ5sCYgvlICjkCmui2tmRrIUvQyJwJsp2OkZUbnr3SdrbC2uhIe8g_UDdYNf5tWWQfs6h1mr2V_llOUwBy4T8I8k5B9ja_TibakiswP3K0p4nj4ZSK_vNrAhvvkZ975xV6ZmtZdW_WjFsClX6oRfzAcp9l95KSl-EmZJF478pYtwQ5GUk_C8hL7JYO8g92eWjaX5K4jGe6HglSifA9eqx2fz3dy75qUzHDPIdh4znoEmnDVPIHOQK2nd5C7RED9NCSdcmMUCCjPocasbgbiA7k0F74LyE2XBafvJMRHJ4duqYOTYtmL6h8sXkaGj9T7Y_n2celtnl6_dGdmNMvHHxMx8Id5DZugIW9ujMcPoKb2l_UFtubZ-VFdvYIjfl5oEDrev3AUM2Y1KdRLKwP_i5tFuRG4nh7YAgNEsWoUpbh1a3PhiikiaT4GTV0wx10cIvTIKc-hJGIJHnvAlpHVkplxJvrrNE_GNTRAwOno0pbmlg-59_PjjPxjZybNbg7qJ_YBzEFcrO8N2UT9KP1Iq0t2_15cW8Bf9DGyeAIV1fkGjPltQm79m8FGE__yMeZpgsCp3nUy4VAvety0tY82JZMt0rMmOO0rAmwEJJBQpSYQ8fCtCWOTOcgUh_PjqqlZFEsmm6-YkpLWokRRPJVE3nF4xr9UHYYZ3-bSLWkwmIKR7c7OM3kuoghWNqDwFMnxv0EEQ-pNpAY5GuEUWOACVVE9SWjBXExQB-CIH76TXMs16vFuqrUezsH3633xOi1EbTu_IoyP0Tj5cPX0j98YGHBkUGBwPOcpVd2W2gYmPbdPHv7L33hD9Z7RcwcFopRD5lgPRkO8wen7KKPdHacsqanyCXGYxzfMN8N3yeseqdq87bzUE9VSshc-wbsMhPy3hAIV7W7TCt9TW1u1nOxCU3LiqIloBiQcLsEfm0AtDSi6AZ1DBzwvAVosWhqqyqlEhGMkimlnB1n0aFMXKwiiaSnqQL1z8YAKHh4ek-Owxc2R94uoe5acIThCqxU-q0PasQIn-K95KumTvuEegfa1XWxgZglo6kY9aubZmh6zWa4j5-M394fh1FSfYf2RZFBnpbMVawr-GMsYZe-8BC6Hno58kF7mTIC77NVUW2QLz__jp8nUZm_v_sXHa2459grQXhqPxe5o7-MxLBEka_CJ0og0O4ugQzgXPe56sS-v3QdWr3nrVoAcf9kug5q5-PBPdQQHF-fF1V7-pfv0OZXIDF6n6WfirK6C3jQDBj-FT28hUzXZTAqVKJncetwHXoeCfYB6WJxGJKd67nCXK7u2SIH1hDTmY5rJg6nuB_-yuGbkJ2A0ViCcCjsVwf8MHLxplJzp0rKU64zAH8xh4iFI9ZfI9tUk7rFgKyfoe_THkvh2VbDWL9HvAWEJQxKn3gruCJ4C0WQfe6XK56TV4gMB-bF_0TiCxYR5WVIIeCLM8GQ7m5FOzXnw93E1jYQHmcrblUWuq43WfLFIq1ZUGotCVhPqUXYUuY-cLm70wyJFnP7GX0edMas1ppq8mEAW5xKTo7uoW9K2fmy7Jp1fjKyoFAhrtuUD_CeibzHOKD0g1jTOC1ooENtswzUcHCLa8qAdlGvcTIcinDzJbY_H5dYT65W8Ce5RTPg5LEgvpJdnm_GIDClM7jLZvamX0XuMyk6oK7TCfDanh8tSeRLVwxbugfttx5EPDcZ00UtE44UPiniNpKa0w610xiaUfPlBDpWh08QP7lO4b-Afa1ey-Vglo4GnKJXwYJJMha0SaxtNyES-yZ5kiC7SzIPAGWfJWR3_O9NX298oj8iAtnnl2qkLU7T9rxuzG9vKezpi5dbdePHxmpIi77rBj41BFzkJ0GzQDCXaFi-QQqKrjBQPSvPq4gX_o5wPGdp3mri31vCGfUZkqf8WO58C4MclsBBho0v__1SMT2d20p96y4wyQnW3X9LXnl4w2aac5SmhxFMTrhZp1eWng6scSxyHkyDwfEbjOkUhHAH8uf7dK48Gfwlj-4VcKr9RIjoYezjkDCHB9BBxyZZkgxgv4RfD2712N1TQ6T4ba2da7p0avnWmRBZmEnzMJoe6gHbApQs39_ESam83jO1l286FBK41CSZf_JR30qrGE0Prd9qX_VijW0HozX2hWujPF-0atDALSTbQFJRCA-yyMHT-yt2U2SralfgYczeiNP-8mBOiP9MZg9qz5rOqXMMdBU6ZBITlA8KeJHtLU18NuQWA1orGvrosJfLZLWT4u5VdbuioFvQX4CTeXg-UPzXR0U4GTQe_LmYOXo3Ne9IvNZy_gGwbG7Bynpzgkqn8An3AcSFwW8N7DD_BMKW10sfQzvtc_7w-XYk0N-2VbC-MrdUzWeGtKAMCJbLp27-_LXZVoutT51SB8w3EzlHZhT8UwiT7ds6YGPoXOk430K1aH6kMb2O1igfHNG9MsL-x4fuIR7moXeAw66e4YKDXA78pB83Qqw5APURZT52ovMt1JTAQcpP-tHEZ8vDIBGKu78f6Np4bq5KdnQeARzf-S6WipGfnja-_4iPLKB-cqNED_yHzwexOpPKglXe4s9rZewD4p5bRPToA5Qu1P9ETiTsGCsQ_avTA4_M9Lb1RHsF0RPEud4NiefmEVnQNEFFOZ36loEcebmlgQifOQLr-s12_NjzKOmiCgaN8gxETeuLX2XefBCjaW0jvtULwhfUPhTBfBEB11nhYvQ_n_fz8Sd3BvI_fM3gOWBZqsajtaOvbChRPdCCftUUFMbrPK-S5jw3BtZA3lQSMNwr_8M3L1NltFfJVhN2VLA9ESYoZ9E-Mljhb7mX8uuLaciTtWYfNV2K_urHfh1lLf_s9BcM1gB6yBS0lKflm3tM0PoWuMdXMsAE4DbEBlg0Op95-BnAEJnjt1OiuDwHKo8tM_FHCX0W6GSHXQEzqNWpozF-S69TPuK6y3y0JHk1Hbe-weWnTKxLcq3HLM9_SrTm2OCRX2VPydtl8hH5D31t110MgFREE0572eXFhcLvFy1WlkF4qnZCRBHTqjVnK16ybyUj7PFwTpDPKhymPuYS_uskldfFd0V_HSzSDsdZo6vdTjGE_s-HMYHR02heHnzpwK5TOoXlgatEpbUGh3zXHE0-3GH3jZc48BLmYIx_KF0dnbDXAE75xbj2mwU590_ma6_R95JGA5Yqfd0DB2iLz6_27agBAjjwh51rwPgBJ8HMRKw8siPaYJP2JGQnGCpWuQLlho866DWFCBIVTE_g6VK5ZrTul6Z7PpybJQd4GIUMI854BywOcXevxeRUO-Juz2SJhU7SNLg5dIhPmWiRobMlyD-AH5MjyqlmjitCEREXwlu4gt86qVEo4O7VcrQmWwnqtzsO668kocBM561LQdmK277AqfZVVM5-kI6i54hODD_3MpvvP37_t_nSr9FOPXHym7gLkO-hSFS-ktUY7Km-QFz3XUqYKa3wM4IW6kbkpY9oJOs0ZDWWhavDJt7HBHLtpItJ7PNLsEGYtcweqvKG1Qnkji6cDIDp5iTDDQ7bMJRKvIHnUhaCOaDLKX9ByzrzRUmH9ljIVw86faV9suq0i4_sNa_E8sZOWaZ3XwdIo7MWxUOSNbDPcLDzZAv2X3DQzCEjlF19VoHjK8bX0CD6UHF7QKAiKTDz7lqYIBNqMNV8xiwHQYiEDXtJV-NSM37hb9_Q22lwoFV5wA12wISwX_pF1eN3jHWKVjRRkJCxhs4E35WliqlwGN0iVGmbLe7F3raI6DEIcsHs7ClSu5yBYqZ-LPxeG0FkbB_CfJKswx0rq1ySXfGG1r17jSUFOXl4M-kjpdY3gl0Ta3dlI7UZtk86wKN3wbikO-23yJbu0iIcw90yFsKHg1sOjvG9Vqi5kCV2b0AIQIKTwkfFqCfxA_nbqRP4GXjPdBaq_lpStv7r5JhdI0tqNaBkqRyVmUGk3B3clDdU7xEBOCUQNwJBdR-T6W2MITcOeanOyvs5zrGmuzTCp2OTuYFZydHyY-6ZLNp548VXUCHL9TeUa88-SouRrc&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=9903877684605800000&adk=2228999115&idt=89&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
795b505a4aabc1b2835d0c9259362e39716d279bfdd2a4d389eec0927d6536f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18457
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 212C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7210319540276&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 212C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7210319540276&version=m202309260101&ct=77&x=1&cor=10474873840945220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 212C 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AffKayShXI4AlaYcc6sGx1n0OeF_ZReyR70PUSBCSgTuxfWaRailHoI9nIXZFZghPvbqHDSnR_7OljtQieZYyMb8n66w7LZifzWNftSeKWJ3kNB2240A3BhgNDOlwa2aielxWlB3aCmqTiROmRWy0V79nyXHMnAcmB84cAnkhSPq53754&cry=1&dbm_d=AKAmf-BtmQIU6bspNcgeyPomhddHwljm6mfa1CUVrGB7VGjlN9ABJaYKS2FjHBG2hKrW_9AlIGyR6FBxJ7viniEff4O0gyXoLbiL9VZEk6oaPf1P17tnLDsTHrWt_1kRJpIO8sI-7S5Az-fBgiPOa8dKa3ZTr_8DXhedEnetsxuKUN8D2vFv0YlMi6oJJ8FnREmUywXa6ESc3I5E9sxFNeLZBhLHFHnmeBggwaEswE1DmVihnkTAKy8lYu9cxCnueCSgPl_JrUn9h9AKfbJ4dWm-ZPHrjwWVUXi_FToZ_4SYocmHxMNaUeqiJS7Jw6IZzclGH_yCtaqfyo9liTly7Nql5LmeTqSY9jbvCowyceJUKQ6GocPajr7kEfCKS21r0C9Ajm3FEU5VxcTbXIY323zVbld82WTzsdLR6uF_kKUhUKLgYbvgcy8DsC7LxVGs4kBGpAqLe7x28LjrMeEda8OeL30zj_WMTqISpX5KT0H4Z8UFJf1IgY43Zl8RnG7beCtzhZbNX4DFzSqwNhfxjs_45CwO8W4dTSHHOsnNPyQh8d5mhGbyunqraHsrjLE1oz72d5B7L5m6EiTX1AWrwMGkqXASulJVKcnSOS6D3ZBCxLNVtwoPyRgJy_kAK_QVHwyXBP8CYZ2WA_ZzUBbd0hB6yvBv0Q6ErBxjNZDZq8yFkP5a4scFlxMKcPBC_ric30O887-Yvsj4o_zfWzak6MaDIx8nAmAgXjhUcHPeM2j1Hla1dM2bkc_iQBc3bYPwDqkdsK5mXLpQYrTbK-zYLQmN02Homwv4xGyqcUlK1uZtz9I0dpb06ULub1TJTYvfXDfXs91Hq6Fle1qkys15P8j618VsvWzXXKOCV71STpJmEUtdpcHnZ0MIQTPMEy8YNdZB8cbRbwTgWIGxpo6bs_cB1PYoSO4PaDHznlZnjicMeOLpyQVkTTNjEay1ISL_vADMYvqR9jZGBITQ0-lQw-IfBOt2ANNqxuM8Vbz2KUesWELHWWX0EAdNshaPlwYxeNrfQV7uUcjOeXYklRsXYAq7L5-xXjoD1lupkhsn1zr8TLQApTzSeYQlibIzRC5kZ5MuDJIePI93bgWjw47cWzfCAY45QYa3wJMosZzXzr24X5cX7xv0LrHCmr2AjkPU6YNVo5exke7sRmHqYjhdWJ2T6CA0UROjNRUA40eF90EXYT7ebvf9RlvrNp9dm-j1uXkmmafGT_bNBRs_A5jkhVBY_jhPaDCL42T0GULKZFrEViqYcynb_8-72Nnxjrka9WuF-mSLOCoX9dlKvYbO31jDzFNj-tZldg8WcenKZ53NUcHeD_BpvPBqMxQJQQS5ovrIyGTp-Hc5JL55oKdpCFKlGPiRQ33f6iNNdqPUrzM2JC21CBF7PN4Tij76N6O5LEEbmd5ETHFGBmrRUwHAbT9lEFDj1vs_RaKUcWr7V4GfoG5-nAcNT6_997yu8RawAC7lW9EqRNUeaJUCLHIvIcz_Q0TpC_s-n7JvrV39N1OCTGU8aelweT0OoWD3j6ch_vKUkB1ke58hj2DO1GEI1IC8oOA-nimoQdMQl3AY-y2yrjhO9QaRTJPNjGlQL0-rYigRZfhd0TiPRK9kPMziyaDLaez6rDmMn0BkPLg-Q1Sin_dOs6fsK2Nrb5kZomigS1eWOGfpR31sS2OrlL1QXr9wnzzT_z2-hVsUS9e9xaJcoshwoQ0dHlvoea_PkgOgKBB8G-wuvwbLjK20JbMlG_cK42tPzgvFV8EMYTv5BEQL2ca4rFqUDtY9FCUCbCTW-Be-pVsW3CaGg9u2pTxjcnHqz7yzGFmXcU9qtLaPcDAetvdSePoXEik4syyQXjWWTBqE_6gJ-ZoOh0SwABmIXJ2zqDAbvhzUavbvucDKkkbrDXI9FiEAZzj26aiOactKSpam94J5AGeYxk94oBmm1A59j-D2CWlzkkL8KepfV8tJK8Eha5hc1teWhf5UlqYUeLmOUyEyIGtXEeo9zD-A-h7aAjgvuM5MlfoRvE4HoR2GGPYCIbxmDiZ6XqLcc19v-YFbvPo_9K4WfvF5UyICOxginAl2e-dd6Z9OcTIWCVmU6v0NwmuffmLE-IZxFyghbN7bS2POkBSK3TyT5SVDoPTSajfqzQlfI1ypZDFl7c7RNz-z--UfCUIfsI92XM1BNTwQPaz7wQ-6EiCk57EdoWXYNZxdl4f8KF8LFhu3pUUgIaqxF5whmiG-Amo9_SjJ3mpit1gMSF0z52Ise42ltD44ZYEIv2Ugx4fYxOFuHjrzbTMkInEKrI_vmo1WfhjQ9Z1g5aB32Z6PS1sUDnoE3WL9Vv6BPY9Aul0WswAJcKsnuMOEVSJCG6QhSg8HP8MMwbLdzXG8R9V5i69Y_Mszt0hMZ843EcwdgqFs3iJhFlFyT41e1NkfmAv4CPdGFpe80CijLIW-6sQn07WJUDhM9sVRGCgqLMErfCxybCyIRvaksdJtclo1N-tqnB46zwM-kH7BO9_rivcRNNga3Isty_Z2DVggwN4-rxdbP8n6ySV4XkYS245sQOwTl8xi-jSYf-hOdKiMDX9mdZ2mTHu9NZNkV4gQlA7azTBR23yh6Yad9n83jxf7DCG_7SjXr4LVLz1KBl0eCOIIhzrhFIPEKv2xvWTfOKat5CRD_bXuFqeOXx3IftZASSMY7Luc6Cby3gXGr3GRN_tLorlQuuMt6be7WvaZDcIygi0PZ-OnGEinW0SlEhFy7HmQIq2b3BVNhtNYkfD4-jppvvH4V0AGBsn91NFn8o14O0IFCM2SFUnQxEu4qhFHiZCX8BB2X3fyJJt-gYbjKso_xetOAL_YDFlYdTo_6q05k3MZHRJSSTo6pfaf-nWvXbvkxm4AGFV7mp1KZ8jK8n6Zlxubxq2pQs7EwXkmWhxfBnaM-g_b8-PcDZofRjenkIW1PuAgsGeUgKvwpLdUSBWgie2qmQrJCmrymhSWEC9fR9bk0gWryMyTraDaTFxRWsV1isMQuf1xZ5wvi-lZ7tlEYt3tVkgzd6K1Kl1_scbG2lK2Gkcm1i8VPh3wpGobSe9olGAAnL1NY02nR1edlNCLFkuPmYwUMQaXBsWUCU23hXSUP8wX8RdiLN1oubv8asxMr4WKXOsNCQjDLpTSa-IUcfmMp2UYlJBazI9HSjsQ-rJJgr87VNWCUPJvBHv9U4vqNon7FejnTqkSlopmuqKY_jjIHcyRIJSFkOaXwmLWSpplRR9xNWOhW2E2aXSSmwiaW6SSCEmq12QvRurCthnaBfSFknrcD5IFCFEly4mjNVYHbEUiBYJLsLaM42fhBjhCBOJeOM8Ns-lqlhAAeC9C95gmxjpOzHcyB8a2GtNQwmT6eHV_ZVL1va4G52-oYFXs2-nauyeD8TsuwXYiUTZRKK5Sn0DwI4cVNou5RxijHdQahuyEGEXEvRT_dXzikUxyrcrNUJ0sfmU0XMLMa8XSeG0gWIcVMLNn0MNZDhem9gOWtODx7hhyqi9w2YR4E9Aghj6KiKP4Nj5vth-Y3hlUaiGs_MF_84mc6w9UGDXeB8PiwejqpuC6BPoKmiVTRn9bFWc2L80jASs2oaIhpB02tW_nbzZ2wmzql16dxxhoWQ6upI9DaHV9kkeFtldKkVHcjxZ8plZwltozwqHpkxDJhWP4MIZr-2tPLqa1Rj3w-1ko_4bBOTL9UxincyxTATheaoVW7EooHLQ6H2teOCSAqXWk6N6KDvo5P9BJ_IJk5nvBhLbDua2qfs7XP9wUcG2TPj7pjP20l49kT7j7WBkwiFBM1prAT_jtQSJBXysUaFh0fIYf_FMlKIUKxmD4yxA8yKLTPogYhWRUggYeixYzgnW_3nFd5xCQG87EBLQKZZzMS7Qp7s5icx3ouW7tlLOmn4MSgmmhAfWeCZzT6RhvJO7Yq2Tz8OIZEIDyBJ9Bq2JMM_Jvc8KS3oEu8ViP7LofM4AkmV21M8XcG8h4eUlW3Pip9Fov5MbTVByh-HAG7v9yt-aeteocNofFyC8krbzcfS5OxynB8v8MreaY_wcrnU-z6WPcKAQo36bUKn99q_479W1ebW6k8LfJxBmGlcZL7XrgSsgP2VenJYN5KRClWR3Shp6MUKqVuHM7WadHKQ&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10474873840945220000&adk=2857193498&idt=66&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b50f2faefb05d6d3577b69243a26eee2b4e664402d8b4b57926d8b78cfd09c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6BD5 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e85e099758968e12502438257864835ace171ce312c8bb951649b9ad8c95fc83

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 23:30:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71822
Connection
keep-alive
Content-Length
13281
Expires
Fri, 03 Nov 2023 23:28:47 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/ Frame 88AE 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_fy2021.js?bust=31079328
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c60cc76a2aaf1b481b52db3cd2850d24a9121a3e4217ad247dba7a67daed2450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138198
x-xss-protection
0
server
cafe
etag
9843602904849754099
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 0185 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
9024
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 01:01:22 GMT
etag
251720774729838433
expires
Fri, 17 Nov 2023 01:01:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame C084 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNU-wPa_Qn8cvbiyrBBrwZQdMoJQ_T9oQ0TVikFe7zggwcVb7TeIKPscIRYycOm1fkILBjg4GRXwD7QJeA2VphwW32Q3Zw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C084
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNU-wPa_Qn8cvbiyrBBrwZQdMoJQ_T9oQ0TVikFe7zggwcVb7TeIKPscIRYycOm1fkILBjg4GRXwD7QJeA2VphwW32Q3Zw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7n2lvqLCK6UQUTg3njA72n5TJxw35y2278nsurEVAl0%2FR8%2FD9m%2BtXgoYc02uKpoDPwclZGVCMGxAbc1TbeGQvbOJa6NER3EBbunULIZI0GJjLvCTiLjgqikH46U0%2B34Zxc285huZdg0VA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018bd55c3323c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C084
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZURpotJ3N8GOWqBdq-1wawAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNU-wPa_Qn8cvbiyrBBrwZQdMoJQ_T9oQ0TVikFe7zggwcVb7TeIKPscIRYycOm1fkILBjg4GRXwD7QJeA2VphwW32Q3Zw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkOu3MiX2S5xxvVkLHtKXp7KbkSs8tWFthcqyh1bLbjbhocrG36CXhAhEFrNrlAv9sL5vCQ0C7b5MLJd3VRWAH5LufVKBaSuLklvb6zGfrRowwqtCmBLxGgVNL%2FmmiFDMyn5OSQGpkKNLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018bd5bc9123c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E984
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESENE6FbI88sDcic8-h2vCPQM&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESENE6FbI88sDcic8-h2vCPQM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=f7313c4f3bd5aade60f9aaf1668f13d2&uid=f7313c4f3bd5aade60f9aaf1668f1...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWeKpRA0SHbGIH_2P4QpeyRPRLI-oj589xUOpLJL0XL3uYuLuOWDn28XTlRVivqWf9K9ACRYe6qYFixwL3tfHjptpdq8w
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Last-Modified
Fri, 03 Nov 2023 03:31:46 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E984 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWeKpRA0SHbGIH_2P4QpeyRPRLI-oj589xUOpLJL0XL3uYuLuOWDn28XTlRVivqWf9K9ACRYe6qYFixwL3tfHjptpdq8w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9462
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOsHWldA86LVYMhgIleS82U&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsHWldA86LVYMhgIleS82U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNVlG3e-MtONDnvQkv5lBCkt3ZkUoOgrA_Emfx4STM67AAUs93sjXWs_c9OHwQOBAxucEG4k8h2_FV1BtJRIXaZ560Hl8A
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
an-x-request-uuid
e6cdbb01-ec25-470f-b231-b793d626b26f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsHWldA86LVYMhgIleS82U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9462
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNVlG3e-MtONDnvQkv5lBCkt3ZkUoOgrA_Emfx4STM67AAUs93sjXWs_c9OHwQOBAxucEG4k8h2_FV1BtJRIXaZ560Hl8A
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
an-x-request-uuid
ed5e39bb-c37f-4ca0-8880-752c9f185b2a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9462
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNVlG3e-MtONDnvQkv5lBCkt3ZkUoOgrA_Emfx4STM67AAUs93sjXWs_c9OHwQOBAxucEG4k8h2_FV1BtJRIXaZ560Hl8A
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
date
Fri, 03 Nov 2023 03:31:46 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 9462
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJmNmRlNDQtODhiNi0yNTM5LWVlNmItMzU5ZDBlN2Q0ZDVi
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJmNmRlNDQtODhiNi0yNTM5LWVlNmItMzU5ZDBlN2Q0ZDVi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNVlG3e-MtONDnvQkv5lBCkt3ZkUoOgrA_Emfx4STM67AAUs93sjXWs_c9OHwQOBAxucEG4k8h2_FV1BtJRIXaZ560Hl8A
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJmNmRlNDQtODhiNi0yNTM5LWVlNmItMzU5ZDBlN2Q0ZDVi
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
khaos.json
token.rubiconproject.com/ Frame 6BD5 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10637&tvi50=13623&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
92
date
Fri, 03 Nov 2023 03:31:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
70618
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6938-MXP
pragma
no-cache
server
nginx
x-timer
S1698982306.068052,VS0,VE92
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-112.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 13:22:18 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-P2
age
6574513
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
fra1::hff6x-1696252938493-701d121ca797
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
TtjYf7R1BPP_fUbtRn8-KUQaQF2woZzkHTo-bpyZNJCVNn6TXUiNTw==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		519 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
b499758f19f8908ac7f96fcb014f53fc5ab0fb1b372828c83c9c0d4f76403bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-51
cdn-cachedat
10/31/2023 18:58:52
cdn-pullzone
873945
last-modified
Mon, 16 Oct 2023 11:44:57 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"652d2239-81b53"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
b3a8aa87eee998d72d49c50da4880579
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 57FC 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq-lS6gB413R4MoTudPUgDXjDgQErUhgJmqx9Mj9knqz29ybPNlvONuY1D19Ujg4a2ucsY-7-1QFAyeeMancPpFQwiuI5Q_xXQdFWia2UoKstgQT4TwpmUfrBvF54vVAQ54qYYpK3X48LvyCuIPVvYoJKNi4PNDofhd88ZMsjyyHlshXE&cry=1&dbm_d=AKAmf-AuZ5sCYgvlICjkCmui2tmRrIUvQyJwJsp2OkZUbnr3SdrbC2uhIe8g_UDdYNf5tWWQfs6h1mr2V_llOUwBy4T8I8k5B9ja_TibakiswP3K0p4nj4ZSK_vNrAhvvkZ975xV6ZmtZdW_WjFsClX6oRfzAcp9l95KSl-EmZJF478pYtwQ5GUk_C8hL7JYO8g92eWjaX5K4jGe6HglSifA9eqx2fz3dy75qUzHDPIdh4znoEmnDVPIHOQK2nd5C7RED9NCSdcmMUCCjPocasbgbiA7k0F74LyE2XBafvJMRHJ4duqYOTYtmL6h8sXkaGj9T7Y_n2celtnl6_dGdmNMvHHxMx8Id5DZugIW9ujMcPoKb2l_UFtubZ-VFdvYIjfl5oEDrev3AUM2Y1KdRLKwP_i5tFuRG4nh7YAgNEsWoUpbh1a3PhiikiaT4GTV0wx10cIvTIKc-hJGIJHnvAlpHVkplxJvrrNE_GNTRAwOno0pbmlg-59_PjjPxjZybNbg7qJ_YBzEFcrO8N2UT9KP1Iq0t2_15cW8Bf9DGyeAIV1fkGjPltQm79m8FGE__yMeZpgsCp3nUy4VAvety0tY82JZMt0rMmOO0rAmwEJJBQpSYQ8fCtCWOTOcgUh_PjqqlZFEsmm6-YkpLWokRRPJVE3nF4xr9UHYYZ3-bSLWkwmIKR7c7OM3kuoghWNqDwFMnxv0EEQ-pNpAY5GuEUWOACVVE9SWjBXExQB-CIH76TXMs16vFuqrUezsH3633xOi1EbTu_IoyP0Tj5cPX0j98YGHBkUGBwPOcpVd2W2gYmPbdPHv7L33hD9Z7RcwcFopRD5lgPRkO8wen7KKPdHacsqanyCXGYxzfMN8N3yeseqdq87bzUE9VSshc-wbsMhPy3hAIV7W7TCt9TW1u1nOxCU3LiqIloBiQcLsEfm0AtDSi6AZ1DBzwvAVosWhqqyqlEhGMkimlnB1n0aFMXKwiiaSnqQL1z8YAKHh4ek-Owxc2R94uoe5acIThCqxU-q0PasQIn-K95KumTvuEegfa1XWxgZglo6kY9aubZmh6zWa4j5-M394fh1FSfYf2RZFBnpbMVawr-GMsYZe-8BC6Hno58kF7mTIC77NVUW2QLz__jp8nUZm_v_sXHa2459grQXhqPxe5o7-MxLBEka_CJ0og0O4ugQzgXPe56sS-v3QdWr3nrVoAcf9kug5q5-PBPdQQHF-fF1V7-pfv0OZXIDF6n6WfirK6C3jQDBj-FT28hUzXZTAqVKJncetwHXoeCfYB6WJxGJKd67nCXK7u2SIH1hDTmY5rJg6nuB_-yuGbkJ2A0ViCcCjsVwf8MHLxplJzp0rKU64zAH8xh4iFI9ZfI9tUk7rFgKyfoe_THkvh2VbDWL9HvAWEJQxKn3gruCJ4C0WQfe6XK56TV4gMB-bF_0TiCxYR5WVIIeCLM8GQ7m5FOzXnw93E1jYQHmcrblUWuq43WfLFIq1ZUGotCVhPqUXYUuY-cLm70wyJFnP7GX0edMas1ppq8mEAW5xKTo7uoW9K2fmy7Jp1fjKyoFAhrtuUD_CeibzHOKD0g1jTOC1ooENtswzUcHCLa8qAdlGvcTIcinDzJbY_H5dYT65W8Ce5RTPg5LEgvpJdnm_GIDClM7jLZvamX0XuMyk6oK7TCfDanh8tSeRLVwxbugfttx5EPDcZ00UtE44UPiniNpKa0w610xiaUfPlBDpWh08QP7lO4b-Afa1ey-Vglo4GnKJXwYJJMha0SaxtNyES-yZ5kiC7SzIPAGWfJWR3_O9NX298oj8iAtnnl2qkLU7T9rxuzG9vKezpi5dbdePHxmpIi77rBj41BFzkJ0GzQDCXaFi-QQqKrjBQPSvPq4gX_o5wPGdp3mri31vCGfUZkqf8WO58C4MclsBBho0v__1SMT2d20p96y4wyQnW3X9LXnl4w2aac5SmhxFMTrhZp1eWng6scSxyHkyDwfEbjOkUhHAH8uf7dK48Gfwlj-4VcKr9RIjoYezjkDCHB9BBxyZZkgxgv4RfD2712N1TQ6T4ba2da7p0avnWmRBZmEnzMJoe6gHbApQs39_ESam83jO1l286FBK41CSZf_JR30qrGE0Prd9qX_VijW0HozX2hWujPF-0atDALSTbQFJRCA-yyMHT-yt2U2SralfgYczeiNP-8mBOiP9MZg9qz5rOqXMMdBU6ZBITlA8KeJHtLU18NuQWA1orGvrosJfLZLWT4u5VdbuioFvQX4CTeXg-UPzXR0U4GTQe_LmYOXo3Ne9IvNZy_gGwbG7Bynpzgkqn8An3AcSFwW8N7DD_BMKW10sfQzvtc_7w-XYk0N-2VbC-MrdUzWeGtKAMCJbLp27-_LXZVoutT51SB8w3EzlHZhT8UwiT7ds6YGPoXOk430K1aH6kMb2O1igfHNG9MsL-x4fuIR7moXeAw66e4YKDXA78pB83Qqw5APURZT52ovMt1JTAQcpP-tHEZ8vDIBGKu78f6Np4bq5KdnQeARzf-S6WipGfnja-_4iPLKB-cqNED_yHzwexOpPKglXe4s9rZewD4p5bRPToA5Qu1P9ETiTsGCsQ_avTA4_M9Lb1RHsF0RPEud4NiefmEVnQNEFFOZ36loEcebmlgQifOQLr-s12_NjzKOmiCgaN8gxETeuLX2XefBCjaW0jvtULwhfUPhTBfBEB11nhYvQ_n_fz8Sd3BvI_fM3gOWBZqsajtaOvbChRPdCCftUUFMbrPK-S5jw3BtZA3lQSMNwr_8M3L1NltFfJVhN2VLA9ESYoZ9E-Mljhb7mX8uuLaciTtWYfNV2K_urHfh1lLf_s9BcM1gB6yBS0lKflm3tM0PoWuMdXMsAE4DbEBlg0Op95-BnAEJnjt1OiuDwHKo8tM_FHCX0W6GSHXQEzqNWpozF-S69TPuK6y3y0JHk1Hbe-weWnTKxLcq3HLM9_SrTm2OCRX2VPydtl8hH5D31t110MgFREE0572eXFhcLvFy1WlkF4qnZCRBHTqjVnK16ybyUj7PFwTpDPKhymPuYS_uskldfFd0V_HSzSDsdZo6vdTjGE_s-HMYHR02heHnzpwK5TOoXlgatEpbUGh3zXHE0-3GH3jZc48BLmYIx_KF0dnbDXAE75xbj2mwU590_ma6_R95JGA5Yqfd0DB2iLz6_27agBAjjwh51rwPgBJ8HMRKw8siPaYJP2JGQnGCpWuQLlho866DWFCBIVTE_g6VK5ZrTul6Z7PpybJQd4GIUMI854BywOcXevxeRUO-Juz2SJhU7SNLg5dIhPmWiRobMlyD-AH5MjyqlmjitCEREXwlu4gt86qVEo4O7VcrQmWwnqtzsO668kocBM561LQdmK277AqfZVVM5-kI6i54hODD_3MpvvP37_t_nSr9FOPXHym7gLkO-hSFS-ktUY7Km-QFz3XUqYKa3wM4IW6kbkpY9oJOs0ZDWWhavDJt7HBHLtpItJ7PNLsEGYtcweqvKG1Qnkji6cDIDp5iTDDQ7bMJRKvIHnUhaCOaDLKX9ByzrzRUmH9ljIVw86faV9suq0i4_sNa_E8sZOWaZ3XwdIo7MWxUOSNbDPcLDzZAv2X3DQzCEjlF19VoHjK8bX0CD6UHF7QKAiKTDz7lqYIBNqMNV8xiwHQYiEDXtJV-NSM37hb9_Q22lwoFV5wA12wISwX_pF1eN3jHWKVjRRkJCxhs4E35WliqlwGN0iVGmbLe7F3raI6DEIcsHs7ClSu5yBYqZ-LPxeG0FkbB_CfJKswx0rq1ySXfGG1r17jSUFOXl4M-kjpdY3gl0Ta3dlI7UZtk86wKN3wbikO-23yJbu0iIcw90yFsKHg1sOjvG9Vqi5kCV2b0AIQIKTwkfFqCfxA_nbqRP4GXjPdBaq_lpStv7r5JhdI0tqNaBkqRyVmUGk3B3clDdU7xEBOCUQNwJBdR-T6W2MITcOeanOyvs5zrGmuzTCp2OTuYFZydHyY-6ZLNp548VXUCHL9TeUa88-SouRrc&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=9903877684605800000&adk=2228999115&idt=89&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:21:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:21:54 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 57FC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bq-lS6gB413R4MoTudPUgDXjDgQErUhgJmqx9Mj9knqz29ybPNlvONuY1D19Ujg4a2ucsY-7-1QFAyeeMancPpFQwiuI5Q_xXQdFWia2UoKstgQT4TwpmUfrBvF54vVAQ54qYYpK3X48LvyCuIPVvYoJKNi4PNDofhd88ZMsjyyHlshXE&cry=1&dbm_d=AKAmf-AuZ5sCYgvlICjkCmui2tmRrIUvQyJwJsp2OkZUbnr3SdrbC2uhIe8g_UDdYNf5tWWQfs6h1mr2V_llOUwBy4T8I8k5B9ja_TibakiswP3K0p4nj4ZSK_vNrAhvvkZ975xV6ZmtZdW_WjFsClX6oRfzAcp9l95KSl-EmZJF478pYtwQ5GUk_C8hL7JYO8g92eWjaX5K4jGe6HglSifA9eqx2fz3dy75qUzHDPIdh4znoEmnDVPIHOQK2nd5C7RED9NCSdcmMUCCjPocasbgbiA7k0F74LyE2XBafvJMRHJ4duqYOTYtmL6h8sXkaGj9T7Y_n2celtnl6_dGdmNMvHHxMx8Id5DZugIW9ujMcPoKb2l_UFtubZ-VFdvYIjfl5oEDrev3AUM2Y1KdRLKwP_i5tFuRG4nh7YAgNEsWoUpbh1a3PhiikiaT4GTV0wx10cIvTIKc-hJGIJHnvAlpHVkplxJvrrNE_GNTRAwOno0pbmlg-59_PjjPxjZybNbg7qJ_YBzEFcrO8N2UT9KP1Iq0t2_15cW8Bf9DGyeAIV1fkGjPltQm79m8FGE__yMeZpgsCp3nUy4VAvety0tY82JZMt0rMmOO0rAmwEJJBQpSYQ8fCtCWOTOcgUh_PjqqlZFEsmm6-YkpLWokRRPJVE3nF4xr9UHYYZ3-bSLWkwmIKR7c7OM3kuoghWNqDwFMnxv0EEQ-pNpAY5GuEUWOACVVE9SWjBXExQB-CIH76TXMs16vFuqrUezsH3633xOi1EbTu_IoyP0Tj5cPX0j98YGHBkUGBwPOcpVd2W2gYmPbdPHv7L33hD9Z7RcwcFopRD5lgPRkO8wen7KKPdHacsqanyCXGYxzfMN8N3yeseqdq87bzUE9VSshc-wbsMhPy3hAIV7W7TCt9TW1u1nOxCU3LiqIloBiQcLsEfm0AtDSi6AZ1DBzwvAVosWhqqyqlEhGMkimlnB1n0aFMXKwiiaSnqQL1z8YAKHh4ek-Owxc2R94uoe5acIThCqxU-q0PasQIn-K95KumTvuEegfa1XWxgZglo6kY9aubZmh6zWa4j5-M394fh1FSfYf2RZFBnpbMVawr-GMsYZe-8BC6Hno58kF7mTIC77NVUW2QLz__jp8nUZm_v_sXHa2459grQXhqPxe5o7-MxLBEka_CJ0og0O4ugQzgXPe56sS-v3QdWr3nrVoAcf9kug5q5-PBPdQQHF-fF1V7-pfv0OZXIDF6n6WfirK6C3jQDBj-FT28hUzXZTAqVKJncetwHXoeCfYB6WJxGJKd67nCXK7u2SIH1hDTmY5rJg6nuB_-yuGbkJ2A0ViCcCjsVwf8MHLxplJzp0rKU64zAH8xh4iFI9ZfI9tUk7rFgKyfoe_THkvh2VbDWL9HvAWEJQxKn3gruCJ4C0WQfe6XK56TV4gMB-bF_0TiCxYR5WVIIeCLM8GQ7m5FOzXnw93E1jYQHmcrblUWuq43WfLFIq1ZUGotCVhPqUXYUuY-cLm70wyJFnP7GX0edMas1ppq8mEAW5xKTo7uoW9K2fmy7Jp1fjKyoFAhrtuUD_CeibzHOKD0g1jTOC1ooENtswzUcHCLa8qAdlGvcTIcinDzJbY_H5dYT65W8Ce5RTPg5LEgvpJdnm_GIDClM7jLZvamX0XuMyk6oK7TCfDanh8tSeRLVwxbugfttx5EPDcZ00UtE44UPiniNpKa0w610xiaUfPlBDpWh08QP7lO4b-Afa1ey-Vglo4GnKJXwYJJMha0SaxtNyES-yZ5kiC7SzIPAGWfJWR3_O9NX298oj8iAtnnl2qkLU7T9rxuzG9vKezpi5dbdePHxmpIi77rBj41BFzkJ0GzQDCXaFi-QQqKrjBQPSvPq4gX_o5wPGdp3mri31vCGfUZkqf8WO58C4MclsBBho0v__1SMT2d20p96y4wyQnW3X9LXnl4w2aac5SmhxFMTrhZp1eWng6scSxyHkyDwfEbjOkUhHAH8uf7dK48Gfwlj-4VcKr9RIjoYezjkDCHB9BBxyZZkgxgv4RfD2712N1TQ6T4ba2da7p0avnWmRBZmEnzMJoe6gHbApQs39_ESam83jO1l286FBK41CSZf_JR30qrGE0Prd9qX_VijW0HozX2hWujPF-0atDALSTbQFJRCA-yyMHT-yt2U2SralfgYczeiNP-8mBOiP9MZg9qz5rOqXMMdBU6ZBITlA8KeJHtLU18NuQWA1orGvrosJfLZLWT4u5VdbuioFvQX4CTeXg-UPzXR0U4GTQe_LmYOXo3Ne9IvNZy_gGwbG7Bynpzgkqn8An3AcSFwW8N7DD_BMKW10sfQzvtc_7w-XYk0N-2VbC-MrdUzWeGtKAMCJbLp27-_LXZVoutT51SB8w3EzlHZhT8UwiT7ds6YGPoXOk430K1aH6kMb2O1igfHNG9MsL-x4fuIR7moXeAw66e4YKDXA78pB83Qqw5APURZT52ovMt1JTAQcpP-tHEZ8vDIBGKu78f6Np4bq5KdnQeARzf-S6WipGfnja-_4iPLKB-cqNED_yHzwexOpPKglXe4s9rZewD4p5bRPToA5Qu1P9ETiTsGCsQ_avTA4_M9Lb1RHsF0RPEud4NiefmEVnQNEFFOZ36loEcebmlgQifOQLr-s12_NjzKOmiCgaN8gxETeuLX2XefBCjaW0jvtULwhfUPhTBfBEB11nhYvQ_n_fz8Sd3BvI_fM3gOWBZqsajtaOvbChRPdCCftUUFMbrPK-S5jw3BtZA3lQSMNwr_8M3L1NltFfJVhN2VLA9ESYoZ9E-Mljhb7mX8uuLaciTtWYfNV2K_urHfh1lLf_s9BcM1gB6yBS0lKflm3tM0PoWuMdXMsAE4DbEBlg0Op95-BnAEJnjt1OiuDwHKo8tM_FHCX0W6GSHXQEzqNWpozF-S69TPuK6y3y0JHk1Hbe-weWnTKxLcq3HLM9_SrTm2OCRX2VPydtl8hH5D31t110MgFREE0572eXFhcLvFy1WlkF4qnZCRBHTqjVnK16ybyUj7PFwTpDPKhymPuYS_uskldfFd0V_HSzSDsdZo6vdTjGE_s-HMYHR02heHnzpwK5TOoXlgatEpbUGh3zXHE0-3GH3jZc48BLmYIx_KF0dnbDXAE75xbj2mwU590_ma6_R95JGA5Yqfd0DB2iLz6_27agBAjjwh51rwPgBJ8HMRKw8siPaYJP2JGQnGCpWuQLlho866DWFCBIVTE_g6VK5ZrTul6Z7PpybJQd4GIUMI854BywOcXevxeRUO-Juz2SJhU7SNLg5dIhPmWiRobMlyD-AH5MjyqlmjitCEREXwlu4gt86qVEo4O7VcrQmWwnqtzsO668kocBM561LQdmK277AqfZVVM5-kI6i54hODD_3MpvvP37_t_nSr9FOPXHym7gLkO-hSFS-ktUY7Km-QFz3XUqYKa3wM4IW6kbkpY9oJOs0ZDWWhavDJt7HBHLtpItJ7PNLsEGYtcweqvKG1Qnkji6cDIDp5iTDDQ7bMJRKvIHnUhaCOaDLKX9ByzrzRUmH9ljIVw86faV9suq0i4_sNa_E8sZOWaZ3XwdIo7MWxUOSNbDPcLDzZAv2X3DQzCEjlF19VoHjK8bX0CD6UHF7QKAiKTDz7lqYIBNqMNV8xiwHQYiEDXtJV-NSM37hb9_Q22lwoFV5wA12wISwX_pF1eN3jHWKVjRRkJCxhs4E35WliqlwGN0iVGmbLe7F3raI6DEIcsHs7ClSu5yBYqZ-LPxeG0FkbB_CfJKswx0rq1ySXfGG1r17jSUFOXl4M-kjpdY3gl0Ta3dlI7UZtk86wKN3wbikO-23yJbu0iIcw90yFsKHg1sOjvG9Vqi5kCV2b0AIQIKTwkfFqCfxA_nbqRP4GXjPdBaq_lpStv7r5JhdI0tqNaBkqRyVmUGk3B3clDdU7xEBOCUQNwJBdR-T6W2MITcOeanOyvs5zrGmuzTCp2OTuYFZydHyY-6ZLNp548VXUCHL9TeUa88-SouRrc&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=9903877684605800000&adk=2228999115&idt=89&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 14:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
566027
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 14:17:59 GMT
banner
ad4.adfarm1.adition.com/ Frame 57FC 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=771191830&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CU3s-oWlEZcKrGejDjuwP9_a-sAfJgf_6c9H-nLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn-IY82-KxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp_yuHAHYenXPSH8TEMH-58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE_oz0DopQ_KA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry_dzCyRuKp665oR3hmrbOHEBdHuM2_unLpc7x5scOoM0da4sms2SiM-Pbzghfrs85ZI2LWNdy72eHx-kCLb8MROtEZt_tCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&sig=AOD64_3d5P_i-fplZNn6D9vHmSCOdq8Rkg&client=ca-pub-8933329999391104&dbm_c=AKAmf-DTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4-Zor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK-tiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H_wYQ&cry=1&dbm_d=AKAmf-BisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz-PsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0-g693QZs1rvDEYzkfMfm8R-yMRCAnWIRJNpwCZcjkUEnfYtrnd-UTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU-2Z8x5ZmCAKxf5Jf2NlNDQ-0KC7xVDWlgPMc_9hgxGaB2tELautLKSqRHy2ReqBOvw-PrhVNQGKJnIO83S3s2GdUmJ-zcwCT3o-ItOAW8Il_dwxh_XIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN--roTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ_b6ygKtCg-KrZk_pkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc_T17pu60F7tuBmHVce8e-8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM-mECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH-odRSIBNJ88GwGfk&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
62d55b047e0926b5d4e8a17cc75caa218394d459dd6b1a14530c9ebb0cd9992c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 04:31:46 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E69C 		492 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3523048316238567&correlator=2565013050566179&eid=31079305%2C44807410%2C31079371&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1698982306082&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=iqrh16etzenl&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1992131697.1698982306&ga_sid=1698982306&ga_hid=1832111257&ga_fc=false&dlt=1698982305762&idt=303&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096562b6054ffa5454a2c4bd33f23e0c8f669b6a2c2c9b1bbd81580e38d3165a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
69be34fe654769228626d28f7f45bd7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7913 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://69be34fe654769228626d28f7f45bd7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:46 GMT
expires
Sat, 02 Nov 2024 03:31:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 5457 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGFC-D6pe9GRRcL1BVm6tyL0BCJKZxohti0aAKYnk5Ie5jfFfe5G535Bp2prFOLct0gZJuyoOg2ZRLdhxcDighfIqEUE999P8pQ5v9uuLGiwWeK5MH0L3r3J4gUTErCKqhtsSh-wbCRilVvteFmW-NDYL5xQ&cry=1&dbm_d=AKAmf-ACOhdIE06gSMbOb-bECF6TpkmF245Xq64eElhzdfJANcfAz_uTQQcRtDkCvrRdJ1Jvjg8I09aW0SxTQG76QZyLa61uGXNjb9ScKlfUNfmblMemkX5ccaqTAqMc3zzorFVf4cPTzp6PMZko-uNaW6OgGVIFZpGv0Jtci9kFWBhGINWZ-zxCGFe8bp7Um8UVNbzxBS03XpNSQireAty2Q0czl0aY8ts9JkCsUXe7V3pvSLyuehxBn-jYfy4Mn_K8aXdHsO8qXzhD-eIkKOlG3xq15VKB271XyzhQ0rtZq-ZuZxWd2viY1SwI6RsGWi-DvhgmiQfCRbjHRv7tEiBHVkBOp9tGun8V0qAX6_p5OoicsVyuh_TmElIWXPQxJgU3q9v_jzph7OFZZh3MiBIYtKZcsO0iqAPgXqZLnkHWkI6YuriatWlO-XtUsbEZNUVGFXRnvaubT9M0hEfCB1tzfDxDCyJwh2NuudHE1QKjHAfaDf33PXXbeD7PB28yuCebUiSVA6S8BfA9WYA7JsrZwNxZ7XhCDqETJVVCL9mZ-lFJ34Ot1Rd7KK-kLKpfcvQf7XSG3adBZEBRbdDwLasQlCJazSb55Pq3yQQ75zBgdUFyOui1NBrLaZ-bgYqWjN_Slwn9zI0vrNUHOMq59ovCSFBI-Dn-oD-HjYqr_7bGqdP_gF13-tQDZ7cYXBiMKzcoKhQ1YtII_ll63PSk8RNkr0sGEOBBYa4Jk3VCRj52seEg_8p6R791-w7v-vDvbRlzLMSJU_j0ASSymkB37ZEN64_vpW6cc0vLw8nH8kU9lDfD0CMLZBjYdRdf5A0gy8lXGln98Z8ZyFXJKyIxTbiXAFSoBOfmb7ZWy7EcqDX5exLwF7QPHZn7M5Y5PygCIXadK49SmtXrbAsdAkga82BXaFMyREccnOgIBbd7kbCnLnV0D3fRMgR5JG2rshhBWkyoERbtTbf5R3iyp3kSsv70K9qABdRrbMLGzWcdhBxWMZSBSJt2N474oDet_Xwfh-qN70KWyGe4eUaNY9eq6uPTGW6IMumTHrb_sQis1bBuYLIh-OqOodMxw2Ey2n0jPVPGtmXhKTZnU9bfFVonn01NIz7ugnM1Z4wD5sNK9BWGYRhk4iVmw2avZo_OqpBrD4shQZkgSZhlh9SSPgAvuQ2sY69d_TizVZTGdkfFesmkKP92zu7sPIyMPicsxyIayLc9YdRTfcf5istgqcKlZ7lJO1eT52YhykgmsdYWD4ZEnZM4wGeJiXxkXpkl8fZCBwXDHe_wJ8uZ6N9JONGtNjE4WHBp1jFj-K1SJaZL97gCk1P6Dlonc5E26tEILpnWGu8yLfTcFbNkr9dGbbsrLlVn9ZVJS6hHOitYN5f_4qKoZLDN9odNG5uhVwnfxBorVrAYhoSmi-DJOujxt3GqpTGiB1C0mZx2CDl_4r8pQ4cL_ndFnkUuHOWxjRJ4oubLaiDB7vINF-8UcyPhpkG6qaHfQ6gQZaBSnU35kDUSTsCc-ajYJMhvDkSE5Te8LY_-H3siuCfTGfkTWYNAgz7NSfydxwEpFzitzK4fT24eYpmgZGXU3LtAL5PkCpkPRyQAOHto-Hb5KFx-blEbLqKi_8RdFAPf56xfjqQFb-Yu_n2Ms_-aNgPcDShLgbzY3SZBtoAsYXUS_y1e3BQcEz74Lto6lvWTEOM5xymdEO3wjx-IprlmmO56be-Lxr71HTcKTM75UpWANC6ePbGMPV2boNNAxgTcoT92zgwEH0NO69p8EZJgdQuoGKW3c8GcAo81oBP5BORWHOBqnEeDIhzOCCMTCwXyBgA2EaHW2EdHwRfr5BaZxnppACVJOm7aHx9IQJJA1ypFMQsV2xrs5mhRVrX8_q9MzKCCCjL4XCGc1qmtMobTNeU1VdGDyIl6DSC6DdJyfw9bIjwQcqZx8xAJ6_wIV0P0fXCUgo1BajqgjQrJ4aToF0ZsE4VvMek3cb8BjUkr80GAv06-reqIJH14oaARcWE5OcBXOkNNWeeUt5GKi1lUE_QCPt8rJoJ_0YN8t-ei75W32gd63fGS4o6XfeSnk8IFBPNx0fyf1PG2MGGZc25cDUu7-nmUQlcdx9SW5kH1JAWRsld6d8N_vymeLV5t5uehiwDoPfesgClw3xWpmqfIqCq44yTqg3JHPqHVc-hcqtoZj0NHl0iQF-Kv4vAL59ziWt5M3mz-mjU3SIV8-kZuowvBT3cLffu1eAQwES21--tCU9_RkEKBN7y7DWVrOf4Ga2no7zy0BF0hAQQ4dqYN93tOasmhyf1Ksc9CLg0a_w18LVPTfUJoItX4FbMNEsNjynIb5BuWYyI4xQ-qJGs4lmQFMXzP_m7Gn2ljnrVFeuNQf2d_eVmTLW7OpuBgCSFdcoN2Zojr_zqAUWeW2gQ60yyMoh_zLENn1745OtPRrd_7oi_bJxjfDeNp1jWEuYGd32BOQMgjfc66aNFEXrKI89ZIcUzL6cG_sUno3kot1ybARI0jfzC0nFbYICnKJeg6Wp4OVrMBkwBMeb-UkZ4oAI0Xu-Gv3p_NMj45cvPA3FgbcbBVu2qlPNOtAOQQjLZfK-EA7ieb1nEiFjlrrO2cKAn1JC3fWyqGQWIyVAd_iHRogaAlsfr62Xd6jIyjuTGOsE_B878bc852nalhKXie3iW4ZjM9RSaSlkETq6rHYTjsUj-1NNVBa1Kmw_xUb68QGKWIcNcixEw_3l74WvxtqwnMeBhZQ80VE4bL712EGj2lleKOtBroLQrKo1Vc_Tmc7xtSnTf2FrLAIjXauqKOkSua49TzmePFDwxeVxf55ZcjULTZC1_55tmNSl3QjgAkZidNcqt9oxUpxkE830aNYDGuPpmUnG_B__FY4ZrQTol0Oez61weVSLZ1l3uTwSqkBvOT7EtDOWUQwFS1YK5R7XDsjDFzmq3l-yZzfdl5IQY2EQhiOqwJmuKP2h9bAokuLvCdAwLrUvi7obClU8K5wy8JcKq9PkwOsE9zyvnCHWrLMoDw_zDRLRu_PVaqvwuspIckx5vMSI6t1F0vRmyxaIhbiwwp-a0vaXqj_2kGXfVxGA2AVJEJCo3YiyMH5yehTmG6GaR0b0r4ItT69dqg3QGz_YqHbaZXcSjwUEW5R1iSMKJ-QtEW1WBmEEmV_bKu1BluK7hpyXDM7ZksSuaPPL2XxtX5983Zl5m8VeoDaMjegY4_wmSjMsl3zoP1G67WgdVm2n9zkQAnr54cFgg47lvAXFI-LU0hm_7XjA1jbpELa8ESE-ewfUEx0dXd8PkoovB0K5q70_SR6WqkQSCALOlkiIZ38ZE4JodXuspR6FS3QBj44rUZvnyUPdPqP_e4xYcjV97ZQqRGRcWkt274h9afLX_gj64qrXmxZM4h197ryumETK8md_RjLpDor56txCydatGQ6w33FniGuxypgd65tMHGFyfooWQ6IDRWM3Q4hBsdu1_x9wSGBVtlhS8MUwysvNWQulf--8LU3djVDosfpgQSTZpsaWUQNPPWEtnznictf_S9P8L5RCVH_E99RgEnHRL23Dxdu_lRTI8kVkxBb2YfsGOelqh_zVD7opzhP-RyppBfnezdf-H52FdbtU0q3zNtTg_aQv-PETfaVtrf56BqnBUyY1cb_sbMB2FrVxUEJbw5BkYIffd7P_Nqhn0_6JUT_nZsbJyr2X8eV0lBX8c&pr=13%3AZURpoQAAAAALIUufkosqh_yqzXWs_AHdy0-jkw&cid=CAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ds=l&xdt=0&iif=1&cor=12689829192710860000&adk=4027077851&idt=89&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:21:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:21:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5457 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGFC-D6pe9GRRcL1BVm6tyL0BCJKZxohti0aAKYnk5Ie5jfFfe5G535Bp2prFOLct0gZJuyoOg2ZRLdhxcDighfIqEUE999P8pQ5v9uuLGiwWeK5MH0L3r3J4gUTErCKqhtsSh-wbCRilVvteFmW-NDYL5xQ&cry=1&dbm_d=AKAmf-ACOhdIE06gSMbOb-bECF6TpkmF245Xq64eElhzdfJANcfAz_uTQQcRtDkCvrRdJ1Jvjg8I09aW0SxTQG76QZyLa61uGXNjb9ScKlfUNfmblMemkX5ccaqTAqMc3zzorFVf4cPTzp6PMZko-uNaW6OgGVIFZpGv0Jtci9kFWBhGINWZ-zxCGFe8bp7Um8UVNbzxBS03XpNSQireAty2Q0czl0aY8ts9JkCsUXe7V3pvSLyuehxBn-jYfy4Mn_K8aXdHsO8qXzhD-eIkKOlG3xq15VKB271XyzhQ0rtZq-ZuZxWd2viY1SwI6RsGWi-DvhgmiQfCRbjHRv7tEiBHVkBOp9tGun8V0qAX6_p5OoicsVyuh_TmElIWXPQxJgU3q9v_jzph7OFZZh3MiBIYtKZcsO0iqAPgXqZLnkHWkI6YuriatWlO-XtUsbEZNUVGFXRnvaubT9M0hEfCB1tzfDxDCyJwh2NuudHE1QKjHAfaDf33PXXbeD7PB28yuCebUiSVA6S8BfA9WYA7JsrZwNxZ7XhCDqETJVVCL9mZ-lFJ34Ot1Rd7KK-kLKpfcvQf7XSG3adBZEBRbdDwLasQlCJazSb55Pq3yQQ75zBgdUFyOui1NBrLaZ-bgYqWjN_Slwn9zI0vrNUHOMq59ovCSFBI-Dn-oD-HjYqr_7bGqdP_gF13-tQDZ7cYXBiMKzcoKhQ1YtII_ll63PSk8RNkr0sGEOBBYa4Jk3VCRj52seEg_8p6R791-w7v-vDvbRlzLMSJU_j0ASSymkB37ZEN64_vpW6cc0vLw8nH8kU9lDfD0CMLZBjYdRdf5A0gy8lXGln98Z8ZyFXJKyIxTbiXAFSoBOfmb7ZWy7EcqDX5exLwF7QPHZn7M5Y5PygCIXadK49SmtXrbAsdAkga82BXaFMyREccnOgIBbd7kbCnLnV0D3fRMgR5JG2rshhBWkyoERbtTbf5R3iyp3kSsv70K9qABdRrbMLGzWcdhBxWMZSBSJt2N474oDet_Xwfh-qN70KWyGe4eUaNY9eq6uPTGW6IMumTHrb_sQis1bBuYLIh-OqOodMxw2Ey2n0jPVPGtmXhKTZnU9bfFVonn01NIz7ugnM1Z4wD5sNK9BWGYRhk4iVmw2avZo_OqpBrD4shQZkgSZhlh9SSPgAvuQ2sY69d_TizVZTGdkfFesmkKP92zu7sPIyMPicsxyIayLc9YdRTfcf5istgqcKlZ7lJO1eT52YhykgmsdYWD4ZEnZM4wGeJiXxkXpkl8fZCBwXDHe_wJ8uZ6N9JONGtNjE4WHBp1jFj-K1SJaZL97gCk1P6Dlonc5E26tEILpnWGu8yLfTcFbNkr9dGbbsrLlVn9ZVJS6hHOitYN5f_4qKoZLDN9odNG5uhVwnfxBorVrAYhoSmi-DJOujxt3GqpTGiB1C0mZx2CDl_4r8pQ4cL_ndFnkUuHOWxjRJ4oubLaiDB7vINF-8UcyPhpkG6qaHfQ6gQZaBSnU35kDUSTsCc-ajYJMhvDkSE5Te8LY_-H3siuCfTGfkTWYNAgz7NSfydxwEpFzitzK4fT24eYpmgZGXU3LtAL5PkCpkPRyQAOHto-Hb5KFx-blEbLqKi_8RdFAPf56xfjqQFb-Yu_n2Ms_-aNgPcDShLgbzY3SZBtoAsYXUS_y1e3BQcEz74Lto6lvWTEOM5xymdEO3wjx-IprlmmO56be-Lxr71HTcKTM75UpWANC6ePbGMPV2boNNAxgTcoT92zgwEH0NO69p8EZJgdQuoGKW3c8GcAo81oBP5BORWHOBqnEeDIhzOCCMTCwXyBgA2EaHW2EdHwRfr5BaZxnppACVJOm7aHx9IQJJA1ypFMQsV2xrs5mhRVrX8_q9MzKCCCjL4XCGc1qmtMobTNeU1VdGDyIl6DSC6DdJyfw9bIjwQcqZx8xAJ6_wIV0P0fXCUgo1BajqgjQrJ4aToF0ZsE4VvMek3cb8BjUkr80GAv06-reqIJH14oaARcWE5OcBXOkNNWeeUt5GKi1lUE_QCPt8rJoJ_0YN8t-ei75W32gd63fGS4o6XfeSnk8IFBPNx0fyf1PG2MGGZc25cDUu7-nmUQlcdx9SW5kH1JAWRsld6d8N_vymeLV5t5uehiwDoPfesgClw3xWpmqfIqCq44yTqg3JHPqHVc-hcqtoZj0NHl0iQF-Kv4vAL59ziWt5M3mz-mjU3SIV8-kZuowvBT3cLffu1eAQwES21--tCU9_RkEKBN7y7DWVrOf4Ga2no7zy0BF0hAQQ4dqYN93tOasmhyf1Ksc9CLg0a_w18LVPTfUJoItX4FbMNEsNjynIb5BuWYyI4xQ-qJGs4lmQFMXzP_m7Gn2ljnrVFeuNQf2d_eVmTLW7OpuBgCSFdcoN2Zojr_zqAUWeW2gQ60yyMoh_zLENn1745OtPRrd_7oi_bJxjfDeNp1jWEuYGd32BOQMgjfc66aNFEXrKI89ZIcUzL6cG_sUno3kot1ybARI0jfzC0nFbYICnKJeg6Wp4OVrMBkwBMeb-UkZ4oAI0Xu-Gv3p_NMj45cvPA3FgbcbBVu2qlPNOtAOQQjLZfK-EA7ieb1nEiFjlrrO2cKAn1JC3fWyqGQWIyVAd_iHRogaAlsfr62Xd6jIyjuTGOsE_B878bc852nalhKXie3iW4ZjM9RSaSlkETq6rHYTjsUj-1NNVBa1Kmw_xUb68QGKWIcNcixEw_3l74WvxtqwnMeBhZQ80VE4bL712EGj2lleKOtBroLQrKo1Vc_Tmc7xtSnTf2FrLAIjXauqKOkSua49TzmePFDwxeVxf55ZcjULTZC1_55tmNSl3QjgAkZidNcqt9oxUpxkE830aNYDGuPpmUnG_B__FY4ZrQTol0Oez61weVSLZ1l3uTwSqkBvOT7EtDOWUQwFS1YK5R7XDsjDFzmq3l-yZzfdl5IQY2EQhiOqwJmuKP2h9bAokuLvCdAwLrUvi7obClU8K5wy8JcKq9PkwOsE9zyvnCHWrLMoDw_zDRLRu_PVaqvwuspIckx5vMSI6t1F0vRmyxaIhbiwwp-a0vaXqj_2kGXfVxGA2AVJEJCo3YiyMH5yehTmG6GaR0b0r4ItT69dqg3QGz_YqHbaZXcSjwUEW5R1iSMKJ-QtEW1WBmEEmV_bKu1BluK7hpyXDM7ZksSuaPPL2XxtX5983Zl5m8VeoDaMjegY4_wmSjMsl3zoP1G67WgdVm2n9zkQAnr54cFgg47lvAXFI-LU0hm_7XjA1jbpELa8ESE-ewfUEx0dXd8PkoovB0K5q70_SR6WqkQSCALOlkiIZ38ZE4JodXuspR6FS3QBj44rUZvnyUPdPqP_e4xYcjV97ZQqRGRcWkt274h9afLX_gj64qrXmxZM4h197ryumETK8md_RjLpDor56txCydatGQ6w33FniGuxypgd65tMHGFyfooWQ6IDRWM3Q4hBsdu1_x9wSGBVtlhS8MUwysvNWQulf--8LU3djVDosfpgQSTZpsaWUQNPPWEtnznictf_S9P8L5RCVH_E99RgEnHRL23Dxdu_lRTI8kVkxBb2YfsGOelqh_zVD7opzhP-RyppBfnezdf-H52FdbtU0q3zNtTg_aQv-PETfaVtrf56BqnBUyY1cb_sbMB2FrVxUEJbw5BkYIffd7P_Nqhn0_6JUT_nZsbJyr2X8eV0lBX8c&pr=13%3AZURpoQAAAAALIUufkosqh_yqzXWs_AHdy0-jkw&cid=CAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ds=l&xdt=0&iif=1&cor=12689829192710860000&adk=4027077851&idt=89&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5457 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGFC-D6pe9GRRcL1BVm6tyL0BCJKZxohti0aAKYnk5Ie5jfFfe5G535Bp2prFOLct0gZJuyoOg2ZRLdhxcDighfIqEUE999P8pQ5v9uuLGiwWeK5MH0L3r3J4gUTErCKqhtsSh-wbCRilVvteFmW-NDYL5xQ&cry=1&dbm_d=AKAmf-ACOhdIE06gSMbOb-bECF6TpkmF245Xq64eElhzdfJANcfAz_uTQQcRtDkCvrRdJ1Jvjg8I09aW0SxTQG76QZyLa61uGXNjb9ScKlfUNfmblMemkX5ccaqTAqMc3zzorFVf4cPTzp6PMZko-uNaW6OgGVIFZpGv0Jtci9kFWBhGINWZ-zxCGFe8bp7Um8UVNbzxBS03XpNSQireAty2Q0czl0aY8ts9JkCsUXe7V3pvSLyuehxBn-jYfy4Mn_K8aXdHsO8qXzhD-eIkKOlG3xq15VKB271XyzhQ0rtZq-ZuZxWd2viY1SwI6RsGWi-DvhgmiQfCRbjHRv7tEiBHVkBOp9tGun8V0qAX6_p5OoicsVyuh_TmElIWXPQxJgU3q9v_jzph7OFZZh3MiBIYtKZcsO0iqAPgXqZLnkHWkI6YuriatWlO-XtUsbEZNUVGFXRnvaubT9M0hEfCB1tzfDxDCyJwh2NuudHE1QKjHAfaDf33PXXbeD7PB28yuCebUiSVA6S8BfA9WYA7JsrZwNxZ7XhCDqETJVVCL9mZ-lFJ34Ot1Rd7KK-kLKpfcvQf7XSG3adBZEBRbdDwLasQlCJazSb55Pq3yQQ75zBgdUFyOui1NBrLaZ-bgYqWjN_Slwn9zI0vrNUHOMq59ovCSFBI-Dn-oD-HjYqr_7bGqdP_gF13-tQDZ7cYXBiMKzcoKhQ1YtII_ll63PSk8RNkr0sGEOBBYa4Jk3VCRj52seEg_8p6R791-w7v-vDvbRlzLMSJU_j0ASSymkB37ZEN64_vpW6cc0vLw8nH8kU9lDfD0CMLZBjYdRdf5A0gy8lXGln98Z8ZyFXJKyIxTbiXAFSoBOfmb7ZWy7EcqDX5exLwF7QPHZn7M5Y5PygCIXadK49SmtXrbAsdAkga82BXaFMyREccnOgIBbd7kbCnLnV0D3fRMgR5JG2rshhBWkyoERbtTbf5R3iyp3kSsv70K9qABdRrbMLGzWcdhBxWMZSBSJt2N474oDet_Xwfh-qN70KWyGe4eUaNY9eq6uPTGW6IMumTHrb_sQis1bBuYLIh-OqOodMxw2Ey2n0jPVPGtmXhKTZnU9bfFVonn01NIz7ugnM1Z4wD5sNK9BWGYRhk4iVmw2avZo_OqpBrD4shQZkgSZhlh9SSPgAvuQ2sY69d_TizVZTGdkfFesmkKP92zu7sPIyMPicsxyIayLc9YdRTfcf5istgqcKlZ7lJO1eT52YhykgmsdYWD4ZEnZM4wGeJiXxkXpkl8fZCBwXDHe_wJ8uZ6N9JONGtNjE4WHBp1jFj-K1SJaZL97gCk1P6Dlonc5E26tEILpnWGu8yLfTcFbNkr9dGbbsrLlVn9ZVJS6hHOitYN5f_4qKoZLDN9odNG5uhVwnfxBorVrAYhoSmi-DJOujxt3GqpTGiB1C0mZx2CDl_4r8pQ4cL_ndFnkUuHOWxjRJ4oubLaiDB7vINF-8UcyPhpkG6qaHfQ6gQZaBSnU35kDUSTsCc-ajYJMhvDkSE5Te8LY_-H3siuCfTGfkTWYNAgz7NSfydxwEpFzitzK4fT24eYpmgZGXU3LtAL5PkCpkPRyQAOHto-Hb5KFx-blEbLqKi_8RdFAPf56xfjqQFb-Yu_n2Ms_-aNgPcDShLgbzY3SZBtoAsYXUS_y1e3BQcEz74Lto6lvWTEOM5xymdEO3wjx-IprlmmO56be-Lxr71HTcKTM75UpWANC6ePbGMPV2boNNAxgTcoT92zgwEH0NO69p8EZJgdQuoGKW3c8GcAo81oBP5BORWHOBqnEeDIhzOCCMTCwXyBgA2EaHW2EdHwRfr5BaZxnppACVJOm7aHx9IQJJA1ypFMQsV2xrs5mhRVrX8_q9MzKCCCjL4XCGc1qmtMobTNeU1VdGDyIl6DSC6DdJyfw9bIjwQcqZx8xAJ6_wIV0P0fXCUgo1BajqgjQrJ4aToF0ZsE4VvMek3cb8BjUkr80GAv06-reqIJH14oaARcWE5OcBXOkNNWeeUt5GKi1lUE_QCPt8rJoJ_0YN8t-ei75W32gd63fGS4o6XfeSnk8IFBPNx0fyf1PG2MGGZc25cDUu7-nmUQlcdx9SW5kH1JAWRsld6d8N_vymeLV5t5uehiwDoPfesgClw3xWpmqfIqCq44yTqg3JHPqHVc-hcqtoZj0NHl0iQF-Kv4vAL59ziWt5M3mz-mjU3SIV8-kZuowvBT3cLffu1eAQwES21--tCU9_RkEKBN7y7DWVrOf4Ga2no7zy0BF0hAQQ4dqYN93tOasmhyf1Ksc9CLg0a_w18LVPTfUJoItX4FbMNEsNjynIb5BuWYyI4xQ-qJGs4lmQFMXzP_m7Gn2ljnrVFeuNQf2d_eVmTLW7OpuBgCSFdcoN2Zojr_zqAUWeW2gQ60yyMoh_zLENn1745OtPRrd_7oi_bJxjfDeNp1jWEuYGd32BOQMgjfc66aNFEXrKI89ZIcUzL6cG_sUno3kot1ybARI0jfzC0nFbYICnKJeg6Wp4OVrMBkwBMeb-UkZ4oAI0Xu-Gv3p_NMj45cvPA3FgbcbBVu2qlPNOtAOQQjLZfK-EA7ieb1nEiFjlrrO2cKAn1JC3fWyqGQWIyVAd_iHRogaAlsfr62Xd6jIyjuTGOsE_B878bc852nalhKXie3iW4ZjM9RSaSlkETq6rHYTjsUj-1NNVBa1Kmw_xUb68QGKWIcNcixEw_3l74WvxtqwnMeBhZQ80VE4bL712EGj2lleKOtBroLQrKo1Vc_Tmc7xtSnTf2FrLAIjXauqKOkSua49TzmePFDwxeVxf55ZcjULTZC1_55tmNSl3QjgAkZidNcqt9oxUpxkE830aNYDGuPpmUnG_B__FY4ZrQTol0Oez61weVSLZ1l3uTwSqkBvOT7EtDOWUQwFS1YK5R7XDsjDFzmq3l-yZzfdl5IQY2EQhiOqwJmuKP2h9bAokuLvCdAwLrUvi7obClU8K5wy8JcKq9PkwOsE9zyvnCHWrLMoDw_zDRLRu_PVaqvwuspIckx5vMSI6t1F0vRmyxaIhbiwwp-a0vaXqj_2kGXfVxGA2AVJEJCo3YiyMH5yehTmG6GaR0b0r4ItT69dqg3QGz_YqHbaZXcSjwUEW5R1iSMKJ-QtEW1WBmEEmV_bKu1BluK7hpyXDM7ZksSuaPPL2XxtX5983Zl5m8VeoDaMjegY4_wmSjMsl3zoP1G67WgdVm2n9zkQAnr54cFgg47lvAXFI-LU0hm_7XjA1jbpELa8ESE-ewfUEx0dXd8PkoovB0K5q70_SR6WqkQSCALOlkiIZ38ZE4JodXuspR6FS3QBj44rUZvnyUPdPqP_e4xYcjV97ZQqRGRcWkt274h9afLX_gj64qrXmxZM4h197ryumETK8md_RjLpDor56txCydatGQ6w33FniGuxypgd65tMHGFyfooWQ6IDRWM3Q4hBsdu1_x9wSGBVtlhS8MUwysvNWQulf--8LU3djVDosfpgQSTZpsaWUQNPPWEtnznictf_S9P8L5RCVH_E99RgEnHRL23Dxdu_lRTI8kVkxBb2YfsGOelqh_zVD7opzhP-RyppBfnezdf-H52FdbtU0q3zNtTg_aQv-PETfaVtrf56BqnBUyY1cb_sbMB2FrVxUEJbw5BkYIffd7P_Nqhn0_6JUT_nZsbJyr2X8eV0lBX8c&pr=13%3AZURpoQAAAAALIUufkosqh_yqzXWs_AHdy0-jkw&cid=CAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ds=l&xdt=0&iif=1&cor=12689829192710860000&adk=4027077851&idt=89&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 14:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
566027
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 14:17:59 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B4AE 		2 KB
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cca611b1c389d58946836ca0bb7fa9a0d0268ebd1f80f9c00406c7646a845a5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82018bd52e862397-ZRH
content-encoding
br
content-type
text/html
date
Fri, 03 Nov 2023 03:31:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pUGFlFx2WTb0osvwmPwgpM%2BdbcREVDj51dXNjRh%2BbMx0cCj8t2YD3rBM5xRDgnkeig2aZw0iFTpog%2B3tT3ipkCAvhZ5TR%2BfcNkh9HPld6GALlzy63azPysV%2BpuZcH1l6rnWSlhSGARiQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 38ED 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1224526
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82018bd52c443b51-GVA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:46 GMT
expires
Tue, 17 Oct 2023 13:36:06 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XNz9BhcXZl0RpcTltF808P4G96JbxeqoASFLo1Dkv6NhPhoJ7xfwWtCVvzRXopxbbfkPCDHcrffTSzSyuZ4Ce2VUD4SfZS7gvBq1VRRqFIf621Q0YbKQ3Z6xnKv0NDJuUL956s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 212C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AffKayShXI4AlaYcc6sGx1n0OeF_ZReyR70PUSBCSgTuxfWaRailHoI9nIXZFZghPvbqHDSnR_7OljtQieZYyMb8n66w7LZifzWNftSeKWJ3kNB2240A3BhgNDOlwa2aielxWlB3aCmqTiROmRWy0V79nyXHMnAcmB84cAnkhSPq53754&cry=1&dbm_d=AKAmf-BtmQIU6bspNcgeyPomhddHwljm6mfa1CUVrGB7VGjlN9ABJaYKS2FjHBG2hKrW_9AlIGyR6FBxJ7viniEff4O0gyXoLbiL9VZEk6oaPf1P17tnLDsTHrWt_1kRJpIO8sI-7S5Az-fBgiPOa8dKa3ZTr_8DXhedEnetsxuKUN8D2vFv0YlMi6oJJ8FnREmUywXa6ESc3I5E9sxFNeLZBhLHFHnmeBggwaEswE1DmVihnkTAKy8lYu9cxCnueCSgPl_JrUn9h9AKfbJ4dWm-ZPHrjwWVUXi_FToZ_4SYocmHxMNaUeqiJS7Jw6IZzclGH_yCtaqfyo9liTly7Nql5LmeTqSY9jbvCowyceJUKQ6GocPajr7kEfCKS21r0C9Ajm3FEU5VxcTbXIY323zVbld82WTzsdLR6uF_kKUhUKLgYbvgcy8DsC7LxVGs4kBGpAqLe7x28LjrMeEda8OeL30zj_WMTqISpX5KT0H4Z8UFJf1IgY43Zl8RnG7beCtzhZbNX4DFzSqwNhfxjs_45CwO8W4dTSHHOsnNPyQh8d5mhGbyunqraHsrjLE1oz72d5B7L5m6EiTX1AWrwMGkqXASulJVKcnSOS6D3ZBCxLNVtwoPyRgJy_kAK_QVHwyXBP8CYZ2WA_ZzUBbd0hB6yvBv0Q6ErBxjNZDZq8yFkP5a4scFlxMKcPBC_ric30O887-Yvsj4o_zfWzak6MaDIx8nAmAgXjhUcHPeM2j1Hla1dM2bkc_iQBc3bYPwDqkdsK5mXLpQYrTbK-zYLQmN02Homwv4xGyqcUlK1uZtz9I0dpb06ULub1TJTYvfXDfXs91Hq6Fle1qkys15P8j618VsvWzXXKOCV71STpJmEUtdpcHnZ0MIQTPMEy8YNdZB8cbRbwTgWIGxpo6bs_cB1PYoSO4PaDHznlZnjicMeOLpyQVkTTNjEay1ISL_vADMYvqR9jZGBITQ0-lQw-IfBOt2ANNqxuM8Vbz2KUesWELHWWX0EAdNshaPlwYxeNrfQV7uUcjOeXYklRsXYAq7L5-xXjoD1lupkhsn1zr8TLQApTzSeYQlibIzRC5kZ5MuDJIePI93bgWjw47cWzfCAY45QYa3wJMosZzXzr24X5cX7xv0LrHCmr2AjkPU6YNVo5exke7sRmHqYjhdWJ2T6CA0UROjNRUA40eF90EXYT7ebvf9RlvrNp9dm-j1uXkmmafGT_bNBRs_A5jkhVBY_jhPaDCL42T0GULKZFrEViqYcynb_8-72Nnxjrka9WuF-mSLOCoX9dlKvYbO31jDzFNj-tZldg8WcenKZ53NUcHeD_BpvPBqMxQJQQS5ovrIyGTp-Hc5JL55oKdpCFKlGPiRQ33f6iNNdqPUrzM2JC21CBF7PN4Tij76N6O5LEEbmd5ETHFGBmrRUwHAbT9lEFDj1vs_RaKUcWr7V4GfoG5-nAcNT6_997yu8RawAC7lW9EqRNUeaJUCLHIvIcz_Q0TpC_s-n7JvrV39N1OCTGU8aelweT0OoWD3j6ch_vKUkB1ke58hj2DO1GEI1IC8oOA-nimoQdMQl3AY-y2yrjhO9QaRTJPNjGlQL0-rYigRZfhd0TiPRK9kPMziyaDLaez6rDmMn0BkPLg-Q1Sin_dOs6fsK2Nrb5kZomigS1eWOGfpR31sS2OrlL1QXr9wnzzT_z2-hVsUS9e9xaJcoshwoQ0dHlvoea_PkgOgKBB8G-wuvwbLjK20JbMlG_cK42tPzgvFV8EMYTv5BEQL2ca4rFqUDtY9FCUCbCTW-Be-pVsW3CaGg9u2pTxjcnHqz7yzGFmXcU9qtLaPcDAetvdSePoXEik4syyQXjWWTBqE_6gJ-ZoOh0SwABmIXJ2zqDAbvhzUavbvucDKkkbrDXI9FiEAZzj26aiOactKSpam94J5AGeYxk94oBmm1A59j-D2CWlzkkL8KepfV8tJK8Eha5hc1teWhf5UlqYUeLmOUyEyIGtXEeo9zD-A-h7aAjgvuM5MlfoRvE4HoR2GGPYCIbxmDiZ6XqLcc19v-YFbvPo_9K4WfvF5UyICOxginAl2e-dd6Z9OcTIWCVmU6v0NwmuffmLE-IZxFyghbN7bS2POkBSK3TyT5SVDoPTSajfqzQlfI1ypZDFl7c7RNz-z--UfCUIfsI92XM1BNTwQPaz7wQ-6EiCk57EdoWXYNZxdl4f8KF8LFhu3pUUgIaqxF5whmiG-Amo9_SjJ3mpit1gMSF0z52Ise42ltD44ZYEIv2Ugx4fYxOFuHjrzbTMkInEKrI_vmo1WfhjQ9Z1g5aB32Z6PS1sUDnoE3WL9Vv6BPY9Aul0WswAJcKsnuMOEVSJCG6QhSg8HP8MMwbLdzXG8R9V5i69Y_Mszt0hMZ843EcwdgqFs3iJhFlFyT41e1NkfmAv4CPdGFpe80CijLIW-6sQn07WJUDhM9sVRGCgqLMErfCxybCyIRvaksdJtclo1N-tqnB46zwM-kH7BO9_rivcRNNga3Isty_Z2DVggwN4-rxdbP8n6ySV4XkYS245sQOwTl8xi-jSYf-hOdKiMDX9mdZ2mTHu9NZNkV4gQlA7azTBR23yh6Yad9n83jxf7DCG_7SjXr4LVLz1KBl0eCOIIhzrhFIPEKv2xvWTfOKat5CRD_bXuFqeOXx3IftZASSMY7Luc6Cby3gXGr3GRN_tLorlQuuMt6be7WvaZDcIygi0PZ-OnGEinW0SlEhFy7HmQIq2b3BVNhtNYkfD4-jppvvH4V0AGBsn91NFn8o14O0IFCM2SFUnQxEu4qhFHiZCX8BB2X3fyJJt-gYbjKso_xetOAL_YDFlYdTo_6q05k3MZHRJSSTo6pfaf-nWvXbvkxm4AGFV7mp1KZ8jK8n6Zlxubxq2pQs7EwXkmWhxfBnaM-g_b8-PcDZofRjenkIW1PuAgsGeUgKvwpLdUSBWgie2qmQrJCmrymhSWEC9fR9bk0gWryMyTraDaTFxRWsV1isMQuf1xZ5wvi-lZ7tlEYt3tVkgzd6K1Kl1_scbG2lK2Gkcm1i8VPh3wpGobSe9olGAAnL1NY02nR1edlNCLFkuPmYwUMQaXBsWUCU23hXSUP8wX8RdiLN1oubv8asxMr4WKXOsNCQjDLpTSa-IUcfmMp2UYlJBazI9HSjsQ-rJJgr87VNWCUPJvBHv9U4vqNon7FejnTqkSlopmuqKY_jjIHcyRIJSFkOaXwmLWSpplRR9xNWOhW2E2aXSSmwiaW6SSCEmq12QvRurCthnaBfSFknrcD5IFCFEly4mjNVYHbEUiBYJLsLaM42fhBjhCBOJeOM8Ns-lqlhAAeC9C95gmxjpOzHcyB8a2GtNQwmT6eHV_ZVL1va4G52-oYFXs2-nauyeD8TsuwXYiUTZRKK5Sn0DwI4cVNou5RxijHdQahuyEGEXEvRT_dXzikUxyrcrNUJ0sfmU0XMLMa8XSeG0gWIcVMLNn0MNZDhem9gOWtODx7hhyqi9w2YR4E9Aghj6KiKP4Nj5vth-Y3hlUaiGs_MF_84mc6w9UGDXeB8PiwejqpuC6BPoKmiVTRn9bFWc2L80jASs2oaIhpB02tW_nbzZ2wmzql16dxxhoWQ6upI9DaHV9kkeFtldKkVHcjxZ8plZwltozwqHpkxDJhWP4MIZr-2tPLqa1Rj3w-1ko_4bBOTL9UxincyxTATheaoVW7EooHLQ6H2teOCSAqXWk6N6KDvo5P9BJ_IJk5nvBhLbDua2qfs7XP9wUcG2TPj7pjP20l49kT7j7WBkwiFBM1prAT_jtQSJBXysUaFh0fIYf_FMlKIUKxmD4yxA8yKLTPogYhWRUggYeixYzgnW_3nFd5xCQG87EBLQKZZzMS7Qp7s5icx3ouW7tlLOmn4MSgmmhAfWeCZzT6RhvJO7Yq2Tz8OIZEIDyBJ9Bq2JMM_Jvc8KS3oEu8ViP7LofM4AkmV21M8XcG8h4eUlW3Pip9Fov5MbTVByh-HAG7v9yt-aeteocNofFyC8krbzcfS5OxynB8v8MreaY_wcrnU-z6WPcKAQo36bUKn99q_479W1ebW6k8LfJxBmGlcZL7XrgSsgP2VenJYN5KRClWR3Shp6MUKqVuHM7WadHKQ&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10474873840945220000&adk=2857193498&idt=66&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 14:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
566027
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 14:17:59 GMT
29okurnprew3
hal9000.redintelligence.net/zone/ Frame 212C 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/29okurnprew3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDvkQoWlEZcOrGejDjuwP9_a-sAeRwdCbaZvog5LcD_AuEAEguoTAM2D1BcgBCakCJ_iGPNvisT6oAwHIA5sEqgSZAk_Q9qf_YkxHHW7JUgTqt_e0KC6Gug7VeL7PRPobbEsH20hVm413kRM7928YTX60g65iuhx9Gav_3Y6snhXSKuOqqaXJgt0z5NSbxpvA5xjzq7aZIQBcIlEKeGviJOgoyHBXlAN0lX5B5-78bQ_QlVx8ZlVDCBRpuT3QGfKKx5IKI6CihEINmGNKYCi0VRY3TedgSfHIMGJb-HOxsOxTp94mvzAjjpAinroqLYA1JzXRROxdUD4w990mTAEAuyIYoji_wn6xhBzN27IFabsN-jmVcHCX3It97uB8negTr0ad4hOjxq6AibyDitMvlhUZX4dLeEnryqQ16uX685o3WLR6MvaBlXOkW1_dpTmDQbJfE0UsY6Mp10FtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCL3Dq6bypoIDFeihgwcdd7sPdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64_1ctCK5purfB7llltbtYCNh3bx7sQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Au6hy_8ZsD64PfbteSAWTt1IL0nF5e9xvrkTSjfn7lTq4R2Ar0nMe_YLXbYK1kgAV6YusyshNWebPoV3q1FNyp_mZvGytRkoRXxY_HvCea-i5gJm8PjxHQrbQ8D-JXMZ366oaNIpx0wTaFa5JXh-4-dshb2qrmW4hcZhUre5sQiaPYw-c%26cry%3D1%26dbm_d%3DAKAmf-AEK8ZZEBV3iZf9mtsvlUTwvwCpmOd2oP6HtL_B50YwcjwYa-zxX3xClby4Bd3p1fd1WOMsCXDPwjhK6Ipw6SKNQoPS_o1GozQ-fHvKKi0-kaJhT8zz3vLnG9HQtoa1h4PUShjx5MjtpsPzKovlXRBlnXBYUJXPpDZ9spHHFk28KsPmzdmwr7ilb9_UULLB34pp56HiAXkJdFH4OHiFqaEIHmXS2v8VQryyw8cEdAb5OJDT6XQI5KaAuZRO0AZlkPKeMl7tk0CawIsi4xr5BzrsCO9Gb9oXgXQHqp0vwdqvONyqZVOXeNEhYwOkSymrggE19LL_QpH-6zqV1TFt7WCAa-obL1uGnGYnDIgrZet5NhHKZa871GFKNMSonVY8m-YkZp5LJFyyThiR83FaLanoM2rBzuu2aXiqIUQanDlnaTChjP9JktEbTuECr1DKs3Qs-CuxWGEjhRzbMUE3jK5TfJ3wnnit9-rPQpCG-R21vlXLJi7m0vSHnre4djctOQ5ih7hcEyOjaKHPEY-7wCVMpwygH5sM0Bie2pIpF6dJMK7ZrX6cR8HMJJgM2NEiBVOEFuKi6WBCKKkLiSKDncFkuBMfVa6FpLzeCvYCWkQZC0gMBfRzRqjM0n2ti92rVqZQeF06nsPti0UTdlc4u19TK_va3cVoMnGpbflibxvH4MPfmhQ%26adurl%3D
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
853bf1acd1d9fc7331edc0a23faa78f97eb8024129e035d59a5508167acd94db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:46 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4303
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
js
ad2.adfarm1.adition.com/ Frame 57FC 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7297073440753322764&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=771191830&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
f4496f8f246742aae568bd46891841bdfe94e991b84a07854997c9eda7e49e5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Fri, 03 Nov 2023 04:31:46 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9FA6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
566005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 14:18:21 GMT
expires
Sat, 26 Oct 2024 14:18:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 88AE 		210 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_fy2021.js?bust=31079328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b4af2a5de789f1351628e0970d30000303eab0079b80c055231d00c3e019541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C698 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_fy2021.js?bust=31079328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c6595efd61181675033f0c4cbab7e40415b75dc4aedfa9a1fe6cd5d695eb8ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13677
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
362358.gif
idsync.rlcdn.com/ Frame B4AE
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=aa6a0fa13ac54b24a2302d0946f5ff80
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4a572172-9980-4e9a-87dd-fa94477b15ee%3A1698982306.9913738&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4a572172-9980-4e9a-87dd-fa94477...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730638919969&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4a572172-9980-4e9a-87...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=4a572172-9980-4e9a-87dd-fa94477b15ee%3A1698982306.9913738&_=1698982306.9944382
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc0YTU3MjE3Mi05OTgwLTRlOWEtODdkZC1mYTk0NDc3YjE1ZWU6MTY5ODk4MjMwNi45OTEzNzM4EAAaDQij05GqBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIBvWVso5LxptL-rhd8p0tU&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIBvWVso5LxptL-rhd8p0tU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEIBvWVso5LxptL-rhd8p0tU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B4AE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZURpotJ3N8GOWqBdq-1wawAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRDrliW7Rz6q9n%2Fy3GHsrLHFlf1a8k4fa0zAx76mjEkUvFlTbsQ0225Ek1U%2BvdLzWOY4UtBy7q%2BtFN%2FyQR9UB26pvHBROwBukCP5GX4KJCUwhQ%2BMYempfAd5X04SZbHNKdr4pKLPhnEjrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018bd63d1c23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFmb2AGi3UbK99evb3BaZM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B4AE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H3KTREAJ7B60P15YVWJE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9ZKG91YQXS8BXJRTFF4P
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B4AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
43 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npg4MMqZnbznsJ9uf%2F7E0YWUJ6zUJC%2Fe8ziq%2BopcN7hvKSi3vZ90VuA32Neq%2FgXw9bETvQ%2B0avl5lGwXEiF6JqdjdEipOh8jVUNjqtKS17EzbMzWx60j1eRrQv84DGhFNRMYwUJ2YVttcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018bd63d1a23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame B4AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_cef4966e-f3e4-4da0-9b02-9e185be6d5ed&bsw_param=cb955613-9d69-4dd4-b968-162f8faff42d&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8BV6C%2BmsrsUum0XmNWCgQblDvzcXGWDtad5QNB30S4Lf9%2FoPpObKeMGN3GMqpG7fbMkiU%2BgtCDEKv6IiFw8v%2FuY0AzCbGORj%2Fn4isgBMPkmtBL5BdHDHLFL9B6IGn%2FLknspnRV7"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018bd838e52397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 03 Nov 2023 03:31:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B4AE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3376543238220108584&expiration=1700191906
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3376543238220108584&expiration=1700191906
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIB%2Bc%2BLgs87L10P4IFt6zMrQ8GjcY41oZgo%2BI7ZWUlqnCfNhhlOZ1XGGlqV%2BAboNKsrqE2YNaC%2F6g4w0qpY3j5Sx8nqD49ESA5PexSHoxwQR6W3%2FYK2W4iHFAyGG5hIDGxfEgpPM%2FpB%2BtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018bd75e2123c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3376543238220108584&expiration=1700191906
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B4AE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1dfc:1fae:3d75:f146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
casale
match.adsrvr.org/track/cmf/ Frame B4AE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B4AE 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZURpotJ3N8GOWqBdq-1wawAA%263286
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
415
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82018bd61aa823af-ZRH
content-length
43
expires
Fri, 03 Nov 2023 07:31:46 GMT
idsync
sync.aralego.com/ Frame 6BD5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOI274NW-5-C2CF
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOI274NW-5-C2CF
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOI274NW-5-C2CF
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOI274NW-5-C2CF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7A04 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
566005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 14:18:21 GMT
expires
Sat, 26 Oct 2024 14:18:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E69C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd68525cb11f60d8d7b537b314b24df440c3fbfdaf31e03d901d418f32e517ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12198
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B8CC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
566005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 14:18:21 GMT
expires
Sat, 26 Oct 2024 14:18:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 9FA6 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
115081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:33:45 GMT
banner
ad2.adfarm1.adition.com/ Frame 57FC 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4389193&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7297073436466217318&kid=5609187&kw=PACS%5F4787111%5F17068013&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7297073440753322764&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
6a95d4851a5a62a11b45ae1cf35084a8de588490142485963952ae68a61ed290

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 04:31:46 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
request.php
hal90004.redintelligence.net/ Frame 212C
Redirect Chain
  • https://hal90004.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=21c52f0e91&subid=&uid=6f3bbddf32c036c2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90004.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=21c52f0e91&subid=&uid=6f3bbddf32c036c2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
610 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=21c52f0e91&subid=&uid=6f3bbddf32c036c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDvkQoWlEZcOrGejDjuwP9_a-sAeRwdCbaZvog5LcD_AuEAEguoTAM2D1BcgBCakCJ_iGPNvisT6oAwHIA5sEqgSZAk_Q9qf_YkxHHW7JUgTqt_e0KC6Gug7VeL7PRPobbEsH20hVm413kRM7928YTX60g65iuhx9Gav_3Y6snhXSKuOqqaXJgt0z5NSbxpvA5xjzq7aZIQBcIlEKeGviJOgoyHBXlAN0lX5B5-78bQ_QlVx8ZlVDCBRpuT3QGfKKx5IKI6CihEINmGNKYCi0VRY3TedgSfHIMGJb-HOxsOxTp94mvzAjjpAinroqLYA1JzXRROxdUD4w990mTAEAuyIYoji_wn6xhBzN27IFabsN-jmVcHCX3It97uB8negTr0ad4hOjxq6AibyDitMvlhUZX4dLeEnryqQ16uX685o3WLR6MvaBlXOkW1_dpTmDQbJfE0UsY6Mp10FtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCL3Dq6bypoIDFeihgwcdd7sPdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64_1ctCK5purfB7llltbtYCNh3bx7sQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Au6hy_8ZsD64PfbteSAWTt1IL0nF5e9xvrkTSjfn7lTq4R2Ar0nMe_YLXbYK1kgAV6YusyshNWebPoV3q1FNyp_mZvGytRkoRXxY_HvCea-i5gJm8PjxHQrbQ8D-JXMZ366oaNIpx0wTaFa5JXh-4-dshb2qrmW4hcZhUre5sQiaPYw-c%26cry%3D1%26dbm_d%3DAKAmf-AEK8ZZEBV3iZf9mtsvlUTwvwCpmOd2oP6HtL_B50YwcjwYa-zxX3xClby4Bd3p1fd1WOMsCXDPwjhK6Ipw6SKNQoPS_o1GozQ-fHvKKi0-kaJhT8zz3vLnG9HQtoa1h4PUShjx5MjtpsPzKovlXRBlnXBYUJXPpDZ9spHHFk28KsPmzdmwr7ilb9_UULLB34pp56HiAXkJdFH4OHiFqaEIHmXS2v8VQryyw8cEdAb5OJDT6XQI5KaAuZRO0AZlkPKeMl7tk0CawIsi4xr5BzrsCO9Gb9oXgXQHqp0vwdqvONyqZVOXeNEhYwOkSymrggE19LL_QpH-6zqV1TFt7WCAa-obL1uGnGYnDIgrZet5NhHKZa871GFKNMSonVY8m-YkZp5LJFyyThiR83FaLanoM2rBzuu2aXiqIUQanDlnaTChjP9JktEbTuECr1DKs3Qs-CuxWGEjhRzbMUE3jK5TfJ3wnnit9-rPQpCG-R21vlXLJi7m0vSHnre4djctOQ5ih7hcEyOjaKHPEY-7wCVMpwygH5sM0Bie2pIpF6dJMK7ZrX6cR8HMJJgM2NEiBVOEFuKi6WBCKKkLiSKDncFkuBMfVa6FpLzeCvYCWkQZC0gMBfRzRqjM0n2ti92rVqZQeF06nsPti0UTdlc4u19TK_va3cVoMnGpbflibxvH4MPfmhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=5191824914452&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
fc6e61951944cbabab5dec684167694291dce60fb81aa4c79cdb46b270764ea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
42819400009565104438466012497004
Connection
close
Content-Length
330
Expires
Fri, 03 Nov 2023 03:31:46 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=21c52f0e91&subid=&uid=6f3bbddf32c036c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDvkQoWlEZcOrGejDjuwP9_a-sAeRwdCbaZvog5LcD_AuEAEguoTAM2D1BcgBCakCJ_iGPNvisT6oAwHIA5sEqgSZAk_Q9qf_YkxHHW7JUgTqt_e0KC6Gug7VeL7PRPobbEsH20hVm413kRM7928YTX60g65iuhx9Gav_3Y6snhXSKuOqqaXJgt0z5NSbxpvA5xjzq7aZIQBcIlEKeGviJOgoyHBXlAN0lX5B5-78bQ_QlVx8ZlVDCBRpuT3QGfKKx5IKI6CihEINmGNKYCi0VRY3TedgSfHIMGJb-HOxsOxTp94mvzAjjpAinroqLYA1JzXRROxdUD4w990mTAEAuyIYoji_wn6xhBzN27IFabsN-jmVcHCX3It97uB8negTr0ad4hOjxq6AibyDitMvlhUZX4dLeEnryqQ16uX685o3WLR6MvaBlXOkW1_dpTmDQbJfE0UsY6Mp10FtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCL3Dq6bypoIDFeihgwcdd7sPdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64_1ctCK5purfB7llltbtYCNh3bx7sQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Au6hy_8ZsD64PfbteSAWTt1IL0nF5e9xvrkTSjfn7lTq4R2Ar0nMe_YLXbYK1kgAV6YusyshNWebPoV3q1FNyp_mZvGytRkoRXxY_HvCea-i5gJm8PjxHQrbQ8D-JXMZ366oaNIpx0wTaFa5JXh-4-dshb2qrmW4hcZhUre5sQiaPYw-c%26cry%3D1%26dbm_d%3DAKAmf-AEK8ZZEBV3iZf9mtsvlUTwvwCpmOd2oP6HtL_B50YwcjwYa-zxX3xClby4Bd3p1fd1WOMsCXDPwjhK6Ipw6SKNQoPS_o1GozQ-fHvKKi0-kaJhT8zz3vLnG9HQtoa1h4PUShjx5MjtpsPzKovlXRBlnXBYUJXPpDZ9spHHFk28KsPmzdmwr7ilb9_UULLB34pp56HiAXkJdFH4OHiFqaEIHmXS2v8VQryyw8cEdAb5OJDT6XQI5KaAuZRO0AZlkPKeMl7tk0CawIsi4xr5BzrsCO9Gb9oXgXQHqp0vwdqvONyqZVOXeNEhYwOkSymrggE19LL_QpH-6zqV1TFt7WCAa-obL1uGnGYnDIgrZet5NhHKZa871GFKNMSonVY8m-YkZp5LJFyyThiR83FaLanoM2rBzuu2aXiqIUQanDlnaTChjP9JktEbTuECr1DKs3Qs-CuxWGEjhRzbMUE3jK5TfJ3wnnit9-rPQpCG-R21vlXLJi7m0vSHnre4djctOQ5ih7hcEyOjaKHPEY-7wCVMpwygH5sM0Bie2pIpF6dJMK7ZrX6cR8HMJJgM2NEiBVOEFuKi6WBCKKkLiSKDncFkuBMfVa6FpLzeCvYCWkQZC0gMBfRzRqjM0n2ti92rVqZQeF06nsPti0UTdlc4u19TK_va3cVoMnGpbflibxvH4MPfmhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=5191824914452&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 03 Nov 2023 03:31:46 +0100
/
pro.ip-api.com/json/ 		122 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
e8c14d322b8a2275cbd6c9a20feaff839a0d6464825eea56553d30784b457339

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 03 Nov 2023 03:31:46 GMT
Content-Length
122
Content-Type
application/json; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 6BD5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJiYTc5YTRjMTJjOGVjNDk4YTk5OTMyZTNhNDYzN2NiMTQ1NzhiYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJiYTc5YTRjMTJjOGVjNDk4YTk5OTMyZTNhNDYzN2NiMTQ1NzhiYg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJiYTc5YTRjMTJjOGVjNDk4YTk5OTMyZTNhNDYzN2NiMTQ1NzhiYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6BD5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJqrMhU4UhL9nVzHt0muPpU&google_cver=1
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJqrMhU4UhL9nVzHt0muPpU&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJqrMhU4UhL9nVzHt0muPpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6BD5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9Gq6yp3Fzfvh3L3ObjzURw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6at0B_RE2oKxxRJSlKDfmk_EZS7oAHZFHiKFoQ--~A
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6at0B_RE2oKxxRJSlKDfmk_EZS7oAHZFHiKFoQ--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-6at0B_RE2oKxxRJSlKDfmk_EZS7oAHZFHiKFoQ--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6BD5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HJucXcQQTyOZD13ybV8N4w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HJucXcQQTyOZD13ybV8N4w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HJucXcQQTyOZD13ybV8N4w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WP5FNJSBFSEE6XBYVWCJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HJucXcQQTyOZD13ybV8N4w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 6BD5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6BD5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9JMjc0TlctNS1DMkNG
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL-DYCorIkpuOkazqUmh07c&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9JMjc0TlctNS1DMkNG&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9JMjc0TlctNS1DMkNG&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9JMjc0TlctNS1DMkNG&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 6BD5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5vgWeEpSQCWLWdJWy-B4kA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vgWeEpSQCWLWdJWy-B4kA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vgWeEpSQCWLWdJWy-B4kA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R3YPZCVJ2S6RHYYVMFNH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5vgWeEpSQCWLWdJWy-B4kA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 6BD5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOI274NW-5-C2CF
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOI274NW-5-C2CF
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4436F9F2986A4C1286B006F056EAE70A Ref B: ZRHEDGE1420 Ref C: 2023-11-03T03:31:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJNyTcuKgNrzweeCUW9Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOI274NW-5-C2CF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6BD5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFHl07KiNMAABhuIJw3Pw&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFHl07KiNMAABhuIJw3Pw&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFHl07KiNMAABhuIJw3Pw&expires=30
Date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
liveCS.php
live.primis.tech/live/ Frame 6BD5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOI274NW-5-C2CF
0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOI274NW-5-C2CF
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
2600:9000:2251:cc00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:45 GMT
content-encoding
gzip
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
qT1NBPNx5d6rxzPQor4EQpF3DhM1b_K8aLAVl9RF17Z9H5NUiGfkLQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOI274NW-5-C2CF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
cksync
hb.yahoo.net/ Frame 6BD5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOI274NW-5-C2CF&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOI274NW-5-C2CF&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS02d2VxeldKRTJ1RkF2LmlYdEwuaUN3OUxwbG1UekJnS35B&ovsid=LOI274NW-5-C2CF&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS02d2VxeldKRTJ1RkF2LmlYdEwuaUN3OUxwbG1UekJnS35B&ovsid=LOI274NW-5-C2CF&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
88.221.110.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-110-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 03 Nov 2023 03:31:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Fri, 03 Nov 2023 03:31:46 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS02d2VxeldKRTJ1RkF2LmlYdEwuaUN3OUxwbG1UekJnS35B&ovsid=LOI274NW-5-C2CF&dpid=58160
date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
capi.connatix.com/us/ Frame 6BD5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LOI274NW-5-C2CF&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LOI274NW-5-C2CF&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://capi.connatix.com/us/pixel?puid=LOI274NW-5-C2CF&pId=11&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 6BD5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOI274NW-5-C2CF
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOI274NW-5-C2CF
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOI274NW-5-C2CF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
v1
match.sharethrough.com/sync/ Frame 6BD5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOI274NW-5-C2CF
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOI274NW-5-C2CF
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
35.157.200.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOI274NW-5-C2CF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 6BD5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOI274NW-5-C2CF
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOI274NW-5-C2CF
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOI274NW-5-C2CF
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOI274NW-5-C2CF
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6BD5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0ee9ee90-b1ab-4fc4-9aea-b85761667e55&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0ee9ee90-b1ab-4fc4-9aea-b85761667e55&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0ee9ee90-b1ab-4fc4-9aea-b85761667e55&expires=30
Date
Fri, 03 Nov 2023 03:31:47 GMT
Connection
keep-alive
X-CI-RTID
8d27cbb6-3aa1-4b04-8b45-98314cc118c4
Content-Length
144
Content-Type
text/html; charset=utf-8
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 03 Nov 2023 03:31:46 GMT
via
1.1 varnish
x-amz-request-id
DM4PFN0WZV5ZS5NS
age
14629
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by
cache-mxp6938-MXP
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1698982306.329658,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
94
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
571
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e015dd321227206b8c1493e33e09227b3bfee6d9612ac1ab49470f0ed81a2375
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91807
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 03:31:46 GMT
rs
ad4m.at/ Frame 5457 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6aeabdce7243d4ade8d7b6507b117108fac1442ec26c73c15a07b2e9b0fa43

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FeVMgZM%2Fb1VeJa19W2Vl556TwQ%2BQh8DK7sVFfcU%2BYyZiI7sF4BrQ1boX3FxjYl68LbHAbQfjiNKDEU5gu0h4L9sk34FgwqW1QvS5grNBckeiVHBp5%2B0vcm1Upb9Fa6zwtnmKb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cf-ray
82018bd77cd86aa0-GVA
x-backend-server
aa-reachservice-group-europe-west1-tb3b
alt-svc
h3=":443"; ma=86400
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 7A04 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
115081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:33:45 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.bg3.co
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82018bd6fcc16aa0-GVA
content-length
24
content-type
text/plain
date
Fri, 03 Nov 2023 03:31:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hP2nQ%2F8pipDJUxOkb%2BXIrw7dIli35Deiwhx%2F2ckS5Qaf%2F2d3m%2Fwv0vW7dWNVDd%2BxF4n7qQiXbLdUgzrWtNzbkurEauAlW206%2Btwk%2FUMtT9rT5gAhL%2F8DuMId2U%2B0tNu7lUabArc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-70g4
Mueller_Multimedia_300x250_x_221212_ms.html
imagesrv.adition.com/banners/268/01/09/15/92/ Frame 6823 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
1f8e7b593e3734119dba2dc2e1c9ead191d3dedbb87c6eb4e1d652ceb088f30b

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
1086
content-type
text/html
date
Fri, 03 Nov 2023 03:31:46 GMT
etag
"3353726956-br"
last-modified
Thu, 01 Jun 2023 08:54:51 GMT
vary
Accept-Encoding
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame 57FC 		2 KB
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7297073440753322764&btr=true&pos=top-right&cid=558342&aid=558342
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
284ebd9fef1a9f687a60c653c45b096df580ee4629c94ee642dbb2c0ae1d7f49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
content-length
610
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C26F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
40189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 03 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 57FC 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ec56a59720aa3fd5e33aa1605a8ad4b937c395b5b937c0ad42774f1be652e9b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame B8CC 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
115081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:33:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E69C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:31:46 GMT
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 6823 		753 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame 6823 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100::213:c699 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:46:46 GMT
Mueller_Multimedia_300x250_x_221212_ms.js
imagesrv.adition.com/banners/268/01/09/15/92/ Frame 6823 		55 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.js?1673453172992
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
8a597c061d02e5cc11d9fd527bcef7053ac283c02739cde759fabd42fec9dc98

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
last-modified
Wed, 01 Feb 2023 15:25:02 GMT
etag
"2000982409-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
9131
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b11v886690812&_p=1698982304191&gcd=11l1l1l1l1&cid=65000381.1698982304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698982306&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dt=%E6%B7%B1%E8%AC%80%E9%81%A0%E6%85%AE%E8%AE%93%E4%B8%8D%E7%95%B6%E9%BB%A8%E7%94%A2%E9%81%8E%E5%88%9D%E5%AF%A9%E3%80%80%E7%B6%B2%E8%B4%8A%E9%99%B3%E5%85%B6%E9%82%81%EF%BC%9A%E5%8F%88%E5%85%B6%E9%82%81%E5%8F%88%E5%8F%AF%E6%84%9B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=4639
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 4EF9 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa76dabfb80391bbef3320798c5982c564ef0928a5edcecfe2f3127332f27b2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82018bd89cf13b51-GVA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:46 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
REVALIDATED
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c82954f1be52c3963279b367ec849e78
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:50:59
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
1ae488ba5f8cd862ff8b8e323a62af40
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-167
cdn-cachedat
10/31/2023 19:01:06
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
00fc9a49cc61956a5ca75ab066274afc
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-679
cdn-cachedat
10/31/2023 18:48:13
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
bc0c4a42606413112f87b34a1d77ab04
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.co_1695642730139.css
cdn.unibotscdn.com/clientdata/css/ 		440 B
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.co_1695642730139.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-storagebalancer
DE-168
date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
SG-561
cdn-cachedat
10/27/2023 10:13:55
cdn-pullzone
873945
last-modified
Fri, 27 Oct 2023 10:11:21 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
702
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"653b8cc9-1b8"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
2e0590343da4a8abb115d9a919f55287
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-165
cdn-cachedat
10/31/2023 18:59:43
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
8b2e2959f4be56f04a993f190566e832
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127582
x-xss-protection
0
expires
Fri, 03 Nov 2023 03:31:46 GMT
pixel
cm.g.doubleclick.net/ Frame C26F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEwKAhq-Nl-YGR8nWDqv0Ww&google_cver=1&google_push=AXcoOmTJgy87yKqSI99_2EFApyViNZG4r-aFb592w5Xzo3r5LI9G_xUUGEgdyTF5b5PsFG_NlvmmdMoNTPrQCVl2EB9FXZm6vQeH
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A62F7EF8261B48ABA7DBE4F1B653282E&google_push=AXcoOmTJgy87yKqSI99_2EFApyViNZG4r-aFb592w5Xzo3r5LI9G_xUUGEgdyTF5b5PsFG_NlvmmdMoNTPrQCVl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A62F7EF8261B48ABA7DBE4F1B653282E&google_push=AXcoOmTJgy87yKqSI99_2EFApyViNZG4r-aFb592w5Xzo3r5LI9G_xUUGEgdyTF5b5PsFG_NlvmmdMoNTPrQCVl2EB9FXZm6vQeH
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Nov 2023 03:31:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A62F7EF8261B48ABA7DBE4F1B653282E&google_push=AXcoOmTJgy87yKqSI99_2EFApyViNZG4r-aFb592w5Xzo3r5LI9G_xUUGEgdyTF5b5PsFG_NlvmmdMoNTPrQCVl2EB9FXZm6vQeH
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 02 Nov 2023 03:31:46 GMT
getuid
ads.avct.cloud/ Frame C26F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINx5oYWTp9a4s9EZICrB2Q&google_cver=1&google_push=AXcoOmSzL0mLRU2TBGeY8GVY6jW0tLeyPPxBgmhiF9pHjR5TvtC_ApBOZ3xo6UcvAQz8Nx-nFo-_myHp5Y3tnFVPXSz4...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
0
0
pixel
cm.g.doubleclick.net/ Frame C26F
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOtfjHJqz6KR8HCEag_D3FI&google_cver=1&google_push=AXcoOmQE3G9CYuS7y-6c-neKraks3x23aluizL8pb37sFcaOmWFwUM-h9YoHIDfgsIQQBiV92ZGvW7CzPy74z4V3Ktmw47RwjGaO
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQE3G9CYuS7y-6c-neKraks3x23aluizL8pb37sFcaOmWFwUM-h9YoHIDfgsIQQBiV92ZGvW7CzPy74z4V3Ktmw47RwjGaO&google_hm=gc-HsuhHwrMd_yOTF4a5gQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQE3G9CYuS7y-6c-neKraks3x23aluizL8pb37sFcaOmWFwUM-h9YoHIDfgsIQQBiV92ZGvW7CzPy74z4V3Ktmw47RwjGaO&google_hm=gc-HsuhHwrMd_yOTF4a5gQ==
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQE3G9CYuS7y-6c-neKraks3x23aluizL8pb37sFcaOmWFwUM-h9YoHIDfgsIQQBiV92ZGvW7CzPy74z4V3Ktmw47RwjGaO&google_hm=gc-HsuhHwrMd_yOTF4a5gQ==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame C26F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKXFWezpC_Xu3g3TuiffibM&google_cver=1&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7p...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKXFWezpC_Xu3g3TuiffibM&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7p...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7pUMH6QbNRVXttGho&google_hm=c1FjMThsdk1ULVB1Qlhz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7pUMH6QbNRVXttGho&google_hm=c1FjMThsdk1ULVB1QlhzaFRpcHY=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTgYBkdcOTWlw3iY2x_aUfBm09CTa2Yd2IfqVfsRff2fTjJzwioDgJScg0dXG9oQOk37Z8KzjGO1KH7pUMH6QbNRVXttGho&google_hm=c1FjMThsdk1ULVB1QlhzaFRpcHY=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C26F
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEC4n2LvZRWqhS1plEghOb2I&google_cver=1&google_push=AXcoOmQOGaafgCYDhDuSXnFNFzIqhyPoik0yYqNIHFs6PsLT7a03TJe3hZOEn4Hy_BBPiy3c5A7drtGFYwLor-becYd3MuknzOsz
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQOGaafgCYDhDuSXnFNFzIqhyPoik0yYqNIHFs6PsLT7a03TJe3hZOEn4Hy_BBPiy3c5A7drtGFYwLor-becYd3MuknzOsz&google_hm=M0ZxXzdjY1FRWWNPb0FC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQOGaafgCYDhDuSXnFNFzIqhyPoik0yYqNIHFs6PsLT7a03TJe3hZOEn4Hy_BBPiy3c5A7drtGFYwLor-becYd3MuknzOsz&google_hm=M0ZxXzdjY1FRWWNPb0FCNEpBS0U=
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQOGaafgCYDhDuSXnFNFzIqhyPoik0yYqNIHFs6PsLT7a03TJe3hZOEn4Hy_BBPiy3c5A7drtGFYwLor-becYd3MuknzOsz&google_hm=M0ZxXzdjY1FRWWNPb0FCNEpBS0U=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame C26F
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEP_s8BI-yjRaKvv0FZRQVyk&google_cver=1&google_push=AXcoOmQ3hl5ydPtfbBBgduGI21I6KkNzy9XU_K2YuyWmIx7oYKvyWAY3RV59gsJv6ose09zkLjC19Z0xUVH1gVng-Rrj1ruBl...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ3hl5ydPtfbBBgduGI21I6KkNzy9XU_K2YuyWmIx7oYKvyWAY3RV59gsJv6ose09zkLjC19Z0xUVH1gVng-Rrj1ruBl6H01g&google_hm=f34e9699801e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ3hl5ydPtfbBBgduGI21I6KkNzy9XU_K2YuyWmIx7oYKvyWAY3RV59gsJv6ose09zkLjC19Z0xUVH1gVng-Rrj1ruBl6H01g&google_hm=f34e9699801e8e7814vfyt00loi2765e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ3hl5ydPtfbBBgduGI21I6KkNzy9XU_K2YuyWmIx7oYKvyWAY3RV59gsJv6ose09zkLjC19Z0xUVH1gVng-Rrj1ruBl6H01g&google_hm=f34e9699801e8e7814vfyt00loi2765e
date
Fri, 03 Nov 2023 03:31:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame C26F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEK96pktV3HQrLKOczSLiAy8&google_cver=1&google_push=AXcoOmTtIRfnfW7Ij...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D&google_gid=CAESEK96pktV3HQrLKOczSLiAy8&google_cver=1&google_push=AXcoOmTtIRfnfW7IjiMzjicEBqUoNl5_qg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D&google_gid=CAESEK96pktV3HQrLKOczSLiAy8&google_cver=1&google_push=AXcoOmTtIRfnfW7IjiMzjicEBqUoNl5_qglqPCUlppjHt1Ny1-GXyXbeh9ZrXD9f1LAAH1FSBkwSftrW3zp1UX2_pvEnnQ_GD2A4EA
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
an-x-request-uuid
58f25658-efd6-4c36-819c-2dc7c3ec0377
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4NzQyMTUzMTI3MTE3MTMzOQ%3D%3D&google_gid=CAESEK96pktV3HQrLKOczSLiAy8&google_cver=1&google_push=AXcoOmTtIRfnfW7IjiMzjicEBqUoNl5_qglqPCUlppjHt1Ny1-GXyXbeh9ZrXD9f1LAAH1FSBkwSftrW3zp1UX2_pvEnnQ_GD2A4EA
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C26F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6E4-jbhJOl3i7Q9NJC8HDKZRDwufX3-fsEaSAic4P0whtiw3dMRPUXxMJ6LXIUKrobcMPky0
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adplayer_privacy.sjs
imagesrv.adition.com/js/adplayer/ Frame 57FC 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7297073440753322764&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7297073440753322764&btr=true&pos=top-right&cid=558342&aid=558342
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
927dceade4bbf1aed6f20722a47bc6d45f976d560ea646948f3eeada6ea1a039

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
content-length
6041
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3419 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
27108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 19:59:58 GMT
expires
Fri, 01 Nov 2024 19:59:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6056 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8bb8639edd91a776a5e10e695e0dd8eec12184d1628da243fc0ac866c705b0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YS-ddJPS5mK8Z6t30GxxPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YS-ddJPS5mK8Z6t30GxxPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:46 GMT
expires
Fri, 03 Nov 2023 03:31:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bg_300.png
imagesrv.adition.com/banners/268/01/09/15/92/images/ Frame 6823 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/15/92/images/bg_300.png?1673453172984
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
7c3d25759c8eb6dfc3edba338c12d57d166f86ea569aca2891f6fd690b8c4978

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:46 GMT
last-modified
Wed, 01 Feb 2023 15:25:02 GMT
accept-ranges
bytes
etag
"2779010683"
content-length
22618
content-type
image/png
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4EF9 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57848
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvCMqc1VRGsqNbqTUh%2F2koXPcDze0WN4IhNXcEl%2BkuClwXlTW38hRJ551KSPkb2lc2zPa2ZYcXZD49J6jZt%2FE%2F%2FBv9ZX5rhuuWMKr1DvkjTn1GuoSqgg9SvRFT1RXBJwpDzu7IUA05I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82018bd94c963b52-GVA
expires
Sat, 04 Nov 2023 03:31:46 GMT
D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
assets.ad4m.at/logo/ Frame 4EF9 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110545
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:36:32 GMT
server
cloudflare
etag
"405368a2037ee53412eae93c3ecf0526"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC3r6BCvJq372M%2BqwMXsukagwCH9dn%2BROH1roWmXL2eZssowkStXKydNqaWJhYB1jxi4AS4UVrNCd4OHfcYDrHMOCnyFrmLRKR1iB2hDYv2RVP2R2PSLQd0d6dHjmzFI25repnY6hmUoFRvp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82018bd96d253b51-GVA
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 4EF9 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111678
cf-polished
origFmt=png, origSize=17719
alt-svc
h3=":443"; ma=86400
content-length
14118
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 14:16:19 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjAm9AvSWaRbHwq1d64h0GQHX9dAmHZ1v0NFQdre41F2EigIpfE8E1Uw%2FdcOlsih%2Fi3f10USYJJAKOb2gxO8F40QVkUgAuZgte4cfqkxWol5TxYBkICVUsbZvr70Psr3UNIrbYhXBso%2FVNs9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82018bd96d243b51-GVA
ztpv.php
www.conrad.ch/ Frame 4EF9
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?insert=AW
0
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.ch/ztpv.php?insert=AW
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
82018bdb2dc60221-ZRH
content-length
0
expires
-1

Redirect headers

Date
Fri, 03 Nov 2023 03:31:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
assets.ad4m.at/logo/ Frame 4EF9 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111693
cf-polished
origFmt=png, origSize=57632
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:39:06 GMT
server
cloudflare
etag
"de40c3e9eed9e7f2fbbae8f194b696fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfFOpgkk1e747LGLv64E3%2FixZ7GwFhHKCjuQxDSdBezeyCvpP3Yy7TSJ2Q4THPQUU%2B7QstobTvoCbm8p1M67Qwga5STmQ2v%2FpVfCMXBapfW5OkFXP6mgIQXesvd8wFMpHt6zjm7vZav8LoiE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82018bd99d2d3b51-GVA
FA7CABCA2D4D07822605A291722D3FFF5108F1CA7C84CCB709D17A5E59895CBEBEEC9A4AB2584248347AF01725515E810B6ACC3B799E1F508BC7DC86AC2E46BE
assets.ad4m.at/ Frame 4EF9 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/FA7CABCA2D4D07822605A291722D3FFF5108F1CA7C84CCB709D17A5E59895CBEBEEC9A4AB2584248347AF01725515E810B6ACC3B799E1F508BC7DC86AC2E46BE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb0ddd1c7207dd09e38de1312cfc2aedb825999d5acc2389f1828ea4c9ec7b79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111245
cf-polished
qual=85, origFmt=jpeg, origSize=85478
alt-svc
h3=":443"; ma=86400
content-length
33996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 13:41:34 GMT
server
cloudflare
etag
"d46b39735257ca175bb425d9547b0e48"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BKAm89UZMWUJTgTWZlf8bWUqb0LSLRlk%2Bf0TSvc2ztJLxyuvNwu0ZRJug%2FerpehD4gyTOjPEeWxWNnmpYUeKVCJAMNMQvo8wukvnjHYQ%2F1gRPZCOlJskm9rYxg6tIkGYzMFk5LTiatTJ4KT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82018bd99d2f3b51-GVA
449f5b35d42da36136c4a7bb695acef1
mediaintelligence.de/trck/ehtml/ Frame 4EF9 		361 B
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mediaintelligence.de/trck/ehtml/449f5b35d42da36136c4a7bb695acef1?tp=onetag
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.61.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3184552.ip-51-195-61.eu
Software
nginx /
Resource Hash
1d8b5ed751d2424749a4258b5bebbfd102f17eb5963753273992c9da45b1efa1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
attribution-reporting-register-source
{"source_event_id":"2500500030418380","destination":"https://mediaintelligence.de/","expiry":5184000,"filter_data":{}}
server
nginx
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
x-min-lb
n1, n2
content-length
361
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame 4EF9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108445
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:47:11 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y01EbHy0iUGOJPqmwgwvKFcngh%2BXMRjWldp9ZY3MFtm0cq7E4jfmzl35VOL7n9Wy7KDEH65pvfIN1oSHR8GnWu6Z3E%2BXm8sbmIvdd4i%2BWMZvUYsGMawfu9CPQu%2Bc2Igayz89KYVqSDrCzbVb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82018bd99d303b51-GVA
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame 4EF9 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109101
cf-polished
origFmt=png, origSize=161182
alt-svc
h3=":443"; ma=86400
content-length
97668
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 14:13:58 GMT
server
cloudflare
etag
"51d64cff249103fb8a1f53706965d58f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WlLekB9G0ocpFUn%2BAmNorY7Hp5HWVzIB6%2FtXVAIkAavIEosNYWwEQcr%2FSbCvb%2FMk0ge3kbQNGWqfSJ1jqn4IuOq93zXX9S1ciOUevAdS2h%2BhVAwuV%2B06t2WDiX%2BJFwD3Z9%2F%2BxpjnhflpfNP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82018bd99d313b51-GVA
cshow.php
www.awin1.com/ Frame 4EF9 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C335355%2C517453&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2Ck53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=9d50a56092b3df26a855949c7364ad99%2F2734957934083778137&i=17833%2C113349%2C196936&j=16%2C22%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1698982306502&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCkRNXoWlEZd2ACfOT9fgPuNq1oA7E_sLSaM_GzaaJC_suEAEgt-WEIWD1nbmBjATIAQmpAif4hjzb4rE-qAMByAObBKoEiwJP0E5F-rK6DJyyV-TiJuquFkb-zVbb97s0s3q-Fk406xSpzwPo-xhp2EGFKlHv5x_It7X6NU6cPaKsO-lrZ-4YfboQxPHWoIDUoZ_jwocjwIQrz9eVMsorujsOxnMo55MQcFaRIFZm4vluYNrqmLZ9CVQOGwNLMOKhNrQgpilLbWsGnMKLgGgrQmgBrsnQHJjhygHg6ixiG7XXtqFVxOW54vECvCKqF8F3ynuniiPT6U2oIm9QaeUQhZqt8nAHITbQThyN_OxHe0rVb1qdOfuvw2aqT1zOeqTcFYmfAMXCPj0c_RGI7t5dbc6jS1TAYCCzIXPjkk0gbh5xjfih5K-GqTSHsPTeya-tyBvABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgDICaaN0MW4u15F18LiyWpmfaYZbxjiCqV-XrqKWkj-b5gyOapB4RR7byjUrCdqZRj2GAE%2526sig%253DAOD64_2ojKwNLtTAUkTUiahnOzU0Q3m76w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Bn6LI8-XgbiIzGGjJDx-YhvC7lqL6vQgcsJ-KtU_fY-2-zQe_iLBV7FdW2VItdaqvVJAjLvyzU1M9Vs5FhjImWmeU8o2fppCbfXNBca8cKeQuPBgzpcfaskhjVX-GIM42NeVgxIiu5SOZ7VQ9YE1SOM_YtqQ%2526cry%253D1%2526dbm_d%253DAKAmf-DaC6p5AMVQrkpmWeG4VRj0vIXcbxlQsepLqD7S1fJVzTy_H145RfbGa5oWEie8jZ6YHSOGwY-GUohuYJ3HyoTFutzA5kvQNdmlOpH2g-lv4ygFR5M5WZdtM3adajQJCPF9EYbUiTw6Np3YLnNHfXW2s2onmLeVIdJVaNnr-AMZbZJdaUNKoQWzfvSEfBRZFjGZADMg5Dpe4jvrcFh03oeGXxfWSZ06Xuf6neKsezTn5LqxmgsEgFVn_7G9VbJYWgaNqocWhTfpgpMEC0TcgsTvRf0ziSpiNImeQkV7J7iZeIHHkq8SIcS2ZddljeHX_C0nFFBxlNi5sJWbppEICELZCMxxgDoBCEb6v4Edn3oeDS121aS_ueXZH2QLv7JmdFG5B0Acx6_BI3H-VDhDtv7nxiYa4u7XJyiOJwmiYsNeqgG4YPHXye1h2nQCBF76gqJ1Ge8RjBCpo7kg_1Ywlo3HFdV6wP7Z5HAzATzd21rXQPyiB2-ARZqP8NUwsIl7hk4VeeNXcuBO_d3vlSlJFw37_lEjC5HvARnTBHI01WsqJ0AFIhYLd-OeyzeRL7_1rFRm_U9rDXW-0BYb8yVRcZpW2UaX6CXhGYcxUxJFk8SmmHGL1fsgTZRDOt8Bm73iFdUw5edOUoJo-UdGpu2zxmKkyyTRww%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 92C3 		441 B
197 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNW4-Kq_9xlPexasR1cusKPyzA7nbTg3fTrOQAcsX6CaUJt7s4CWdgRtPCDxzuKOc6SOllbVBH0oBcq4JYlEzDUmS_GKxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 999A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:46 GMT
adition.js
imagesrv.adition.com/js/ Frame 999A 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 999A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CEm3SomlEZYDEEMrFkwPmo6CACMmB__pz0f6cspgSl8-ivcABEAEg0syBGmD1BaAB-JPauQLIAQmpAif4hjzb4rE-qAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2_ENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE_0g7pOnnNddv6_XGtU1HiLN1TFoi7xdGVCcvYlf47jk-I6RlMT8oC-Iv_4oDUfRKd6g8tqLEyxqsV9_eMBGK1zhiBhM-blMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55_1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI_B66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq-4x3t9Nccc8bxK0-VksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE&sig=AOD64_2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw&client=ca-pub-4485239425924787&dbm_c=AKAmf-AExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv_ik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3_Mz98eX7n0uEHQifQGZf-Q&cry=1&dbm_d=AKAmf-DD23m_Y66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa_bogzOA2qzY__pPJlOUj2imafsEwJWf6CUvWgk_sokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp-_JYlDE5gGwc-99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV-1WiXGSKNeMuaeyt_5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj_QlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn_ivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG__2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM-HE3_iEDJoMM6EwDxcw1Y3Ndmq_TT3-wjAoIIP6qvA1FvUdG3bxM7wEF5Kg&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
1e8afb5d5667af5e320122e0e058a49f069094824cee38ce65f21f39b8268ac4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Fri, 03 Nov 2023 04:31:46 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 999A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 999A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
29458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:48 GMT
l
www.google.com/ads/measurement/ Frame 999A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrSoL8cxmPlw5zUtdoMJsbgSsZxEeXL8Mgr040fLGDQ_Eb8z7H4xPrk_ThS2NPGw2tSIsqVVsLx42BR79uwTS1bvUKCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 999A 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 999A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DI2YuZIxOwJoCVTmz5r2Wt5wI_PaBzOTYR6DlVfqIlRr8FcKt8CeRQkelihKVeuw7ZmzNV0FFHFeC1RwFGM7LEdlL38L2TyQ00ENbwX0qxUAPgCUk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 999A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1029451216087367750&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg_300_over.png
imagesrv.adition.com/banners/268/01/09/15/92/images/ Frame 6823 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/15/92/images/bg_300_over.png?1673453172984
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
ed99cc78308db86bc3710306a5cb4bfa9578fd25a87601001d19333adf4c50cc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/15/92/Mueller_Multimedia_300x250_x_221212_ms.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU3s%2DoWlEZcKrGejDjuwP9%5Fa%2DsAfJgf%5F6c9H%2DnLKYEpfPor3AARABILqEwDNg9QWgAfiT2rkCyAEJqQIn%2DIY82%2DKxPqgDAcgDmwSqBJ0CT9BEzjhTllscU2WOEp8QrXAVX5ZLgALcBdcfMMEWkHiW8Pqp%5FyuHAHYenXPSH8TEMH%2D58oZRfVRMD2p8TNpNRkzesfIyBNwmOtbNOuBSi3D76p0hdE%5Foz0DopQ%5FKA24ZsUZsR0UuYbBsHQ9lEZGd6gQSHCQDM6PSFDNCclCHVGL4joO2t5GFzw7Ry%5FdzCyRuKp665oR3hmrbOHEBdHuM2%5FunLpc7x5scOoM0da4sms2SiM%2DPbzghfrs85ZI2LWNdy72eHx%2DkCLb8MROtEZt%5FtCamOGSIVAn58TEXekZWSKwVkB5h8T9wBQwgYM3vTwQE5w8ImB3dxOvgkyUnad0yiTTcwTZ0iZuwAUFTqbyKzaaSRvT4Q6qQUYgGx8nxwATLxqePwwTgBAOIBZ6NgINNkAYBoAZNgAfw66XGAagH2baxAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB%5F%2DesQKoB9%2DfsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCLzDq6bypoIDFeihgwcdd7sPdrATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz%2D4bMdNSmUbElg7iFVB2KUlE0z%5FGFrn0Of%5F82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64%5F3d5P%5Fi%2DfplZNn6D9vHmSCOdq8Rkg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDTdKofHDsmSMuj5P5JvXDuyFyBMik7C3KmObD0JEmPjDIPNN4%2DZor8JVwIDxFwBNVr1Z9YMfieXXlOLEoWoqy2HfCtgpJBJBSxWfUOarXxnPayGNzF8G1r1lgvb3QK%2DtiSB7KWpCsY9qRNgf6cDYaUEIzMtqalpfDLYHdIuH4PP9H%5FwYQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBisMI1y0mK7rwKn0fIrdyMjnhjGfotnbXpbPNO0jmQzTFr7Hl2o2nYJZZf1BufNodzIRV705Uz%2DPsuCmvP7OEjlQPuE7IB2Fb0rKL2HlrKFdJ0%2Dg693QZs1rvDEYzkfMfm8R%2DyMRCAnWIRJNpwCZcjkUEnfYtrnd%2DUTbmBc9kER8x5zMsLWZDvaA0N4UYkLZTmme5HqYdR6tuLicv5uXdq4IQXAu5sPnfBopB7LyUGmvCU%2D2Z8x5ZmCAKxf5Jf2NlNDQ%2D0KC7xVDWlgPMc%5F9hgxGaB2tELautLKSqRHy2ReqBOvw%2DPrhVNQGKJnIO83S3s2GdUmJ%2DzcwCT3o%2DItOAW8Il%5Fdwxh%5FXIn9yhkcAGPsFdnxrzRXn1emlFO9Cc7ZeFnU2kGKAtXHxAI3gEHkcpjN%2D%2DroTlBCNWEgcAuKIQGagmMIwNbR0Vt9TuheiuBEmrkVyOCDKjMEa0TRK4paZ%5Fb6ygKtCg%2DKrZk%5FpkoilT1vjELe31LPl0HESyY0GFwRrpmP4MKGfwK45aTdxccfOc%5FT17pu60F7tuBmHVce8e%2D8Fp9YF7oo19WpXzUDHDWTlIfJcrGjiM%2DmECVKZcKI3KmWqVSx6APFgtwGjVcYjJBdKXEM1ReMVJTWz8VY983cUjEKgARGpINjcGuZE8IxRqNv5cpCXmOhCH%2DodRSIBNJ88GwGfk%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073440753322764%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D53823%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073440754764809%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17372562%2526c%253D59403%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:46 GMT
last-modified
Wed, 01 Feb 2023 15:25:02 GMT
accept-ranges
bytes
etag
"3903886328"
content-length
11195
content-type
image/png
request_content.php
hal90004.redintelligence.net/ Frame 75C0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=42819400009565104438466012497004&a=7b219b1e
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=21c52f0e91&subid=&uid=6f3bbddf32c036c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDvkQoWlEZcOrGejDjuwP9_a-sAeRwdCbaZvog5LcD_AuEAEguoTAM2D1BcgBCakCJ_iGPNvisT6oAwHIA5sEqgSZAk_Q9qf_YkxHHW7JUgTqt_e0KC6Gug7VeL7PRPobbEsH20hVm413kRM7928YTX60g65iuhx9Gav_3Y6snhXSKuOqqaXJgt0z5NSbxpvA5xjzq7aZIQBcIlEKeGviJOgoyHBXlAN0lX5B5-78bQ_QlVx8ZlVDCBRpuT3QGfKKx5IKI6CihEINmGNKYCi0VRY3TedgSfHIMGJb-HOxsOxTp94mvzAjjpAinroqLYA1JzXRROxdUD4w990mTAEAuyIYoji_wn6xhBzN27IFabsN-jmVcHCX3It97uB8negTr0ad4hOjxq6AibyDitMvlhUZX4dLeEnryqQ16uX685o3WLR6MvaBlXOkW1_dpTmDQbJfE0UsY6Mp10FtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNI4g0TCL3Dq6bypoIDFeihgwcdd7sPdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE%26sig%3DAOD64_1ctCK5purfB7llltbtYCNh3bx7sQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Au6hy_8ZsD64PfbteSAWTt1IL0nF5e9xvrkTSjfn7lTq4R2Ar0nMe_YLXbYK1kgAV6YusyshNWebPoV3q1FNyp_mZvGytRkoRXxY_HvCea-i5gJm8PjxHQrbQ8D-JXMZ366oaNIpx0wTaFa5JXh-4-dshb2qrmW4hcZhUre5sQiaPYw-c%26cry%3D1%26dbm_d%3DAKAmf-AEK8ZZEBV3iZf9mtsvlUTwvwCpmOd2oP6HtL_B50YwcjwYa-zxX3xClby4Bd3p1fd1WOMsCXDPwjhK6Ipw6SKNQoPS_o1GozQ-fHvKKi0-kaJhT8zz3vLnG9HQtoa1h4PUShjx5MjtpsPzKovlXRBlnXBYUJXPpDZ9spHHFk28KsPmzdmwr7ilb9_UULLB34pp56HiAXkJdFH4OHiFqaEIHmXS2v8VQryyw8cEdAb5OJDT6XQI5KaAuZRO0AZlkPKeMl7tk0CawIsi4xr5BzrsCO9Gb9oXgXQHqp0vwdqvONyqZVOXeNEhYwOkSymrggE19LL_QpH-6zqV1TFt7WCAa-obL1uGnGYnDIgrZet5NhHKZa871GFKNMSonVY8m-YkZp5LJFyyThiR83FaLanoM2rBzuu2aXiqIUQanDlnaTChjP9JktEbTuECr1DKs3Qs-CuxWGEjhRzbMUE3jK5TfJ3wnnit9-rPQpCG-R21vlXLJi7m0vSHnre4djctOQ5ih7hcEyOjaKHPEY-7wCVMpwygH5sM0Bie2pIpF6dJMK7ZrX6cR8HMJJgM2NEiBVOEFuKi6WBCKKkLiSKDncFkuBMfVa6FpLzeCvYCWkQZC0gMBfRzRqjM0n2ti92rVqZQeF06nsPti0UTdlc4u19TK_va3cVoMnGpbflibxvH4MPfmhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=5191824914452&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1e5df99d3e015062a7058dfd74a6b9bf3b31355e95a05c8d3899d192fb8721f3

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1503
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Nov 2023 03:31:46 GMT
Expires
Fri, 03 Nov 2023 03:31:46 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame 57FC 		3 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7297073440753322764&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:46 GMT
content-encoding
br
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
etag
"524465627-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
918
um
sync.teads.tv/ Frame 92C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBHzrSOssc0J09HnfmYXYpw&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBHzrSOssc0J09HnfmYXYpw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNW4-Kq_9xlPexasR1cusKPyzA7nbTg3fTrOQAcsX6CaUJt7s4CWdgRtPCDxzuKOc6SOllbVBH0oBcq4JYlEzDUmS_GKxw
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 03 Nov 2023 03:31:47 GMT
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBHzrSOssc0J09HnfmYXYpw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92C3
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTFkNTM2MGUtM2VmZS00YTMyLThlNGEtNTljNGI4MjdlNDYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTFkNTM2MGUtM2VmZS00YTMyLThlNGEtNTljNGI4MjdlNDYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNW4-Kq_9xlPexasR1cusKPyzA7nbTg3fTrOQAcsX6CaUJt7s4CWdgRtPCDxzuKOc6SOllbVBH0oBcq4JYlEzDUmS_GKxw
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTFkNTM2MGUtM2VmZS00YTMyLThlNGEtNTljNGI4MjdlNDYw
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 03 Nov 2023 03:31:47 GMT
sync
partners.tremorhub.com/ Frame 92C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEIMjPCGCxVP1g49uDWv4iGo&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEIMjPCGCxVP1g49uDWv4iGo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNW4-Kq_9xlPexasR1cusKPyzA7nbTg3fTrOQAcsX6CaUJt7s4CWdgRtPCDxzuKOc6SOllbVBH0oBcq4JYlEzDUmS_GKxw
Protocol
H2
Server
2600:1f18:612b:4280:43c0:214f:6eb7:4a47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 03 Nov 2023 03:31:47 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEIMjPCGCxVP1g49uDWv4iGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E38A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
40189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 03 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 212C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90b2e9eb7c4839e777c5a1fecd25d7253ac89a7be79a8281b280346b2871d0a1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 6056 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=3523048316238567&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 999A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1407925079066&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 999A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1407925079066&version=m202309260101&ct=77&x=1&cor=1029451216087367800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 999A 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amt56Rfj6pRei-hfmUmlccYHxqZ-qFzWfRdY3NeLzu7kD_kwsdhZTnFXEspseGU0GWRoOtJw_fZ5Epi4hpGCsELtEMs5qJBK3WQAooWT9K4pBbIkGzueQbyUAiYwf4FVCnzFHu_9xqA6Ln0zpM5DAR04rNWzlLprl5a0z0Cp2WkCQPppk&cry=1&dbm_d=AKAmf-Ayaj1_YRwnrT-A_4PlakddCPgtgJaqeqf8nq3ogCgwQOjEPfYJZHY6eLWtQX-9lJIFeVEU8fwkWxer2gnBN_Ay8vy1ia1wxjdUo5kNiiqT2S612F9Pbdk51ezPq5e_fMrvyU2GKCuco97dm66GenNOaYOhujuba8zxyqvdmdTel-wAbB-ErcZceOlwwfsE0DE-Y7V92SiCOxtjE5-ezRiEgoDqGegXtBo2PEK2Eaeo2f5kUcT0QvKjpJZhzm13BAlw1bzQnQW24bGCHGSSjWGLYGUzvpp9hGLVxf0c7aiF4QBTLLMY7KMgqH5flUKv6Gw8pl7PDtCtYPNI6sB6wLDyZ1QVXV9SNQ7Ugm1sqTtU3Hc3pZ8sgbUKZV4Ef2NADyfRxt5pmuDPBsS8AodwQzPIssjTz0EC2lKYl3sVuHRWAyEK_4h71kh3rt0cQZV592V06BC2oxFnW_NkW_HLTpdpyeNeM6F7BTpnaKolmWV1XV9uY247Mq_WyRfXl4Le-f-xcR-byddOjkuGZ70K6Wyto06w4cQKgr4vD8ZXgbsqjFVwDRBTnQfZjqdxtk2gcD3BEvgCvKNCjp8skTz3tgMl2VKc0R1te9El3i8onfQ0x3dYRhT4qwP82fjUQsWHUTj-kQWFAszpACrRraNA5W2zt1_Ozm_ZfaM76xDpwJvr0Bq24bSFDDZdgze6iTf78NywNGWww80R5PnWoKoPZrCi7Ppd_I5serlR25sCAGujmbH4_pu0dq4PKeWF20fQ7yBrJu9jfDKQetty-nnJJzrb3ZxfuwGRkt_Gvc4y0IATpFzb1SMnAmz2Uz2KY59pDAlF3lXE_V4OqykCxGiGJPuqwS-ghJImE3Nq1weX09GHa8oDWx_boqSSysBly378JRyh6UCtTm7-wJxVAe7yrwEqUfJGnHjLOHC5Ub2-XYUXXOdwzQzz0ZWF6h3RWU7f4EJNbVFBSOOMMOhriLYPDcSeFjWwIF96rPNF-bWCuH_fwzhgVpdsgQOT6gBmYcPkv869WNTtBewIzE0HLICouNwH_SmeacLeDaVTBTcG1OJ4VRKb4lzjR960sKVdOWWTA16bTHXNgPp1qJgegIQ34s8auS4nhsUH2xCTYy2vCPAAc2L5tY32WILN-48TgyND9_z20o4j3cFu7mY4j8sXZkakU2k_sg1DX4DgS1oXC2XYKbcuKj5ctPebcarcwP6GWbShEgax8m3t0AWA5-j5TNcs_Zj3IsLzQIp6TGYKzYI2OYlAJEbymqAcsXsu0xTnWsFGT_O2PM8f8ig_xghBt7NGyiqlJ2KSzLdhXlEF0FM-ljrZAhUQJFNcS0CKYPmjlS5QnitSAYYNA8nsrgCI5_p5ZDf5eYBk42WsuNc0-WublZTUaBP8STL4yVveSAzSlFAuC4XNPDGrJKoYCY6NIqhHF4q6abcENZQcgVZ7bXYGful0_zzfNqVQUpulx3uwMO_l7VijG_ZeeTtXDTQRzpbGQquYXixlYeZtfzeRztBSVSQ8bN4JYr-tYi4ygv-dPNaIvC6YRhMoke64gbws_0S8lM0FwTm8eqblqi4IL-ObFRiCrCn9Rc9fc8iJRsY89t6NyqpzGSGSm_tCgpdSuoK88FVVfUKS9St_Ubd0MAVprYvydolQplgusEvAFdVePgRwvQL2kl1Sd36DvkZTf7o4YfqA0oqaKHhdrk7rhEzK2h_OBfdGWDysJoXN9AUnGiNlJMHzsg5pqHTGcoi4SJyQL83zhJwaih3Y-KkJ4wtmOW73Jhw2Ewdt0bT6wIkihjLMK3iUXA6OZq5i9aGzhdzAO1UK319Q35POr0xTpe7-6xAUVDTYdPu3iuXLtQjTdG95V5XVbt7NL0acmXIPIIsweuS0pGIimqc-kpdwVLlrXCH6WyKrGPl5B9IIx6tHV_pxtnfjcZ-yJAK55BlJTLem2wz1ipqFvluhlQB6nGCyk01Kt9her5YfA604kGMxiWG6hMZmMCru4YySL7SerSWcXO9nBVH0AZaPRzOnNC2B_sC3HCkB5zjKjSEGS7SL-ppZ8TDssgpyGhAMXHbnD-SKfPmFEZtNABoanR68VrfkgnnY3cBpR2w_B035czOeGOFU1Vd1WUglSiN4PaAEjJbNwKwKhTh2nJ-oVloFLeMjYTSQCQDQv5iBRcFXEoYVAmbP1fVIisQvcHVW0DXeU4YexsyYVbOGpmgvawd7vkk6sPXsZECqgxiCO_muq7vZp5RyC0eHg1wUW-HS3SJvEV-sbJT99Qtff6iVNE-ak-CpTiYVRiMDwF1FtkN_IDr5qYsaKnC-NN-uXlfAgP4ohGIKPOzyNbP_QNbSmzdAGMF_vT97TpX7kN_s6AMouHSgTFhj4nLuCcf2V1Ka2d_heAHz_pLYAXM1qHzmOO6mlhyUmb_hCmk0Olg0YraWCP8vz09PkDFxZ-JiI_gxHjBGDjL7_gNwF5fGFCnlGkuoZC0Q4-H23EXAi4dKQN0x9s0VNfPd0WOqmSSj0Z3JAYAB8DEEFAPEtVE_tNdUuGywImbKmgOd5GI0eaFhKjUA23PCJwNiscrFKZzNugLPmqdHsvSUBJaE2x2XoRM0PMlFbWlxKzCj7Soti-WUTVQNaA4uFTHkhHA3vTdfNDRnRrnHyH-CWOfWZoxu6SqalgOR3aVK1A9JexH-6lcp9mIfG7hq12OinXUgQbTH1-0nwuvVEMrETVEixvJGVaXf20fca7WstpvFzd8KR5rSTMMWT0_xpLlGNrRzMAQoGB21qGKwSjGycMfOX1mSvxPf7Xz-Sakl9Tu0BoCYNbrLcnVpJJP2rqGOhGBUiNMqTXgEfPslcLnqUXbH5hnG0i_Ta8LwyG-4IrJSurp4iRecK63uJ8FtH8Zvxmb8upc60uMXCfaOYJmTXPEX-xDE50W1lzrbRxIvoRipcNd7GrXhiJ76Bu15lFZsMwjlqkPmWZftBDosPQts0BkapOUFylYDfWygIhgZ7l0xqH3qtRkik9qIPH5r05QUfbF4jvv4pThVCqttuYeI_0ypnKsXa8bSbsLNOrCh4F_dYS8VoJTDhyhcI9Y9naFDrsiEamRFM2Icw8sR7l9vF7bcx1eTC2koKwjTotVlC4W5kK_y6EzWIcQ2VWPITRn8LW8mPHTAgP5_t8PM6A7P8wuY6zW6qvw_ABrvcyCXuAF7hQEpNT9VVVZ9FAXTA31zszrY-a_gD7n_7jmC0tx-w5y_JlnoWhpGdcObFLca_8byEZINDLbi_IFy6yrNFfuVldpjmTpo3UAr7gXCV0LhA7uzh4RZv1zYh_GKM7WNn_V1cr7DZfMtiGf-nOK0Hy8SzUpUkW3UfI97e1bItwFJjWgezPH-4ZeUFSrDVwoc3vY-0HZh-KDvaQc-osDwW1FI-1xm8J3sFgjdBt3tkQmQU0dvpLVgFKeV1eORw7jYoNpktEhOrk_K3KIoEFXJ9bxLPI_9jwRD83D5fpgy-TQP-r7c-2NmzL04q9fULWC6KOha8_qM3mwdCu0ZaUSvdvzZjl5RPyVqYvyaE9rNeEoV3LUaghSTrQKAOd_kzEq9LcF_WPJcjyute_9jm_hn_Q8B__rmq0qcDILVWqMzcgOtuErYgKp0SlrmJKrAIwX3rQVq-RvsTGphdWL80ezi2lr2Hnem1D-IJ7pxzz37SJWlipRMKXwrPoBla9AIfsVaZAKWFbM3viBUPEE44H1MKTtmvmt398m82Iw6rq-RAsL6rQtVlVUzr0evbxyZ_iteYkf7WTGJJMy8WDmAvM64y3NAZPII9ZOIOXXj1Cdn5dqNqHHOtQRXjKOFq5GzBZ8ahkw4wvM73Cpc56eeYxkrk62kowJ2xicGfvbgxg4L75aokl3B7EPFONM-5RHqyzenwzA_7pnKDV8_H2UdkvkRVp3_b7QOOgrVz_KDLbKBnspDBruIa5N1GCyJXBgQ17YeGaK4wWnx_5H8piPCdQit3X_IPNctNreCY125lhTGxTcR9rjTjEKccF_mg9IknaigVxbT5VY&cid=CAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=1029451216087367800&adk=2924174872&idt=52&cac=0&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8925b8da4673e60fab13ebe62382175d88c34f60cdc217e93b816fa4e020e15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18392
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame 57FC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:47 GMT
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges
bytes
etag
"502461915"
content-length
3262
content-type
image/png
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:47 GMT
x-amz-request-id
HHY0NQ91R65HT3D9
age
1510
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
1aLLj3wTF6Hb4QpDejMBZ+IhqWdnyRRAZC3aa69irK3RgvzcwGvLjH/ZFc60e1UY4gUBo215H64=
x-served-by
cache-mxp6938-MXP
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1698982307.040330,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
22
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
574
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Nov 2023 03:31:47 GMT
x-amz-request-id
A6XD77SS1CMDSM72
age
14580
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
FSxV+8Hpz/6WkleYz3xquIzHKjbgxOmYAfNkOGLdUSjKradKSM07FyoFtz+tnbwAd2b/26VZ5MQ=
x-served-by
cache-mxp6938-MXP
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1698982307.040467,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
20
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
587
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6967-MXP
date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
27
S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 75C0 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-970x90.gif
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=42819400009565104438466012497004&a=7b219b1e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:47 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:53 GMT
Server
nginx
ETag
"5b55f219-5fce"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24526
449f5b35d42da36136c4a7bb695acef1.htm
mediaintelligence.de/trck/ehtmlcontent/ Frame 2F02 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1698982306
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/449f5b35d42da36136c4a7bb695acef1?tp=onetag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.61.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3184552.ip-51-195-61.eu
Software
nginx /
Resource Hash
244934ae3983ba2a85c97ad273c72cf25cca404bb1e57ec3b9fe52106a95b59d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
content-length
5808
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:47 GMT
server
nginx
vary
Origin
x-min-lb
n1 n2
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 3419 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
115082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:33:45 GMT
viewability
hal90004.redintelligence.net/ Frame 75C0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=42819400009565104438466012497004&a=7c678ad1&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=42819400009565104438466012497004&a=7b219b1e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=42819400009565104438466012497004&a=7b219b1e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:47 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 75C0 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E38A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOP5M5xsn3WiebJt6j5dTD4&google_cver=1&google_push=AXcoOmTWw7LUlbw7TTfHlvdIVCwqFYvXrqYtO9vTgBmpyr5gYGRTfyG2Uh0IxJSChJtScCXzrJSeGlTsdCpe2YuIQdVu15fQekgL
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1ODI1MTIzNTAxMzQ4MjEwNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOP5M5xsn3WiebJt6j5dTD4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOP5M5xsn3WiebJt6j5dTD4&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOP5M5xsn3WiebJt6j5dTD4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E38A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINx5oYWTp9a4s9EZICrB2Q&google_cver=1&google_push=AXcoOmSTMmgTHyQKkbPDFvOgXKJBs386gAk-bPtVUjEOuRCauSXqb9UomeP-BQnKSrkQUINwdlKfWvUY71Yi7iqX2XE3...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSTMmgTHyQKkbPDFvOgXKJBs386gAk-bPtVUjEOuRCauSXqb9UomeP-BQnKSrkQUINwdlKfWvUY71Yi7iqX2XE3dIBcdUY&google_hm=y5VWE51pTdS5aBYvj6_0LQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSTMmgTHyQKkbPDFvOgXKJBs386gAk-bPtVUjEOuRCauSXqb9UomeP-BQnKSrkQUINwdlKfWvUY71Yi7iqX2XE3dIBcdUY&google_hm=y5VWE51pTdS5aBYvj6_0LQ==
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSTMmgTHyQKkbPDFvOgXKJBs386gAk-bPtVUjEOuRCauSXqb9UomeP-BQnKSrkQUINwdlKfWvUY71Yi7iqX2XE3dIBcdUY&google_hm=y5VWE51pTdS5aBYvj6_0LQ==
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame E38A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRcO7DHbjHywzf5FRBqLF_EkKk2zw3BKR36jjstRAgYZIWqgxRMuRranoSFM5-zs0peez15wqJgGcHajSkf5r7y5hBgoFpi
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRcO7DHbjHywzf5FRBqLF_EkKk2zw3BKR36jjstRAgYZIWqgxRMuRranoSFM5-zs0peez15wqJgGcHajSkf5r7y5hBgoFpi
date
Fri, 03 Nov 2023 03:31:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E38A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHNx4254o-Imql95HH4FJw0&google_cver=1&google_push=AXcoOmTsokq-38vgvs2WNrNxDyJQSX9ckS9D8xyTp3JMve7sa3oqP_RA7Obz7e3IbQxoesENRA0y9UTwjKl_Xzz...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_npTEel5WHNtX_XPbHsnNLnDR9w&google_push=AXcoOmTsokq-38vgvs2WNrNxDyJQSX9ckS9D8xyTp3JMve7sa3oqP_RA7Obz7e3IbQxoesENRA0y9UTwjKl_Xz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_npTEel5WHNtX_XPbHsnNLnDR9w&google_push=AXcoOmTsokq-38vgvs2WNrNxDyJQSX9ckS9D8xyTp3JMve7sa3oqP_RA7Obz7e3IbQxoesENRA0y9UTwjKl_XzzTPKe8BUohPlEe
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=_npTEel5WHNtX_XPbHsnNLnDR9w&google_push=AXcoOmTsokq-38vgvs2WNrNxDyJQSX9ckS9D8xyTp3JMve7sa3oqP_RA7Obz7e3IbQxoesENRA0y9UTwjKl_XzzTPKe8BUohPlEe
Date
Fri, 03 Nov 2023 03:31:47 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame E38A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIjLNhfb1sd2gdJtMXCylkg&google_cver=1&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2lQ0AxwibeMIbJ2J__5behfUH9KYISOpuAhMF46zbBR-Y
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2lQ0AxwibeMIbJ2J__5behfUH9KYISOpuAhMF46zbBR-...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzMTQ4MDA5NjA4MjEzODc0MDcwMA%3D%3D&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzMTQ4MDA5NjA4MjEzODc0MDcwMA%3D%3D&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2lQ0AxwibeMIbJ2J__5behfUH9KYISOpuAhMF46zbBR-Y
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgzMTQ4MDA5NjA4MjEzODc0MDcwMA%3D%3D&google_push=AXcoOmQHt5fRYgZhtALjUeRYQk-v7AeuiIkHEgpmSVmPAhKgKFyFqay2lQ0AxwibeMIbJ2J__5behfUH9KYISOpuAhMF46zbBR-Y
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cc.adingo.jp/adx/push/ Frame E38A 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESED-YyZTyZlXyHb8D7M8-BYY&google_cver=1&google_push=AXcoOmSog0u75-q4Z9IKhYwjCCMUrT6Ef1iHMJkm0L387Nv-x8hVbHY7Zjh4k8_DVqn85FSLmmI2QnJET-lh-xvvA9hLdy2V16_T
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.249.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-249-13.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
server
awselb/2.0
spacer.gif
an.yandex.ru/resource/ Frame E38A
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEIhMmFRSHofD3Ei9eXA_wwk?ext-param=AXcoOmTLk_NirVjzC4olvIwL4nVeSW_L9Rf-0FJRfGK8zlTX939VOXohufZMvehlP3qP6PKLgwxGeD3djuneFN_JrpI597dVMyGV7g&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEIhMmFRSHofD3Ei9eXA_wwk?redir-setuniq=1&ext-param=AXcoOmTLk_NirVjzC4olvIwL4nVeSW_L9Rf-0FJRfGK8zlTX939VOXohufZMvehlP3qP6PKLgwxGeD3djuneFN_JrpI597dVMyGV7g&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIhMmFRSHofD3Ei9eXA_wwk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 18 Oct 2024 03:31:47 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E38A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLJIFMYxZ4ekbRKShpcVS1CR2TlAPqnE_9i5ufXUivHAvWqr-S647hKRs4yQbxdC52AZYXnw
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FA6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9maEoWlEZa7EPL6I9u8P7rqY8AUAAAAAOAHgBAI&bg=!XV6lXhHNAAb4oU7C2KE7ADQBe5WfOI9ZGbcalmLc3UaCEG5yWFOEw09fEYYojhaN8UOxoTmmqd673V4ogt3c2NAQcNhxAgAAAqNSAAAACGgBBwoACyzM2cYss8kZRBSlmQMRLLZJmXJfEcwRLlZYDmCMgcPOBkv_5K07X_bAiowJKk51GjaM4s9Y-TpMKDt14_i1LlaW6XREypMBhM54PUrHLNNcKtUbddXtuSgCAFRdZy3blfKGNXUnYPc1LuTwEOV0_l0qV7jpd-5RmKq0dTQa5TtClUETXd1Eg49VclusPqXMeNVEmKy2cOKlI3EGEX84z8heYjdSUI3yGsabwjA92_ojsv9gz0JN1TPhJCsIAZvvOlueBJZyihtz8XBeux2_ftnQ6IoeebT2WWoxMX6yJbfFyMxoEw7VF4154pkBU5CZKwxR1Tyoge27SnSWs7XRWTvT6CZKoDPncs5M8i1HxBcc4QLRGe1kkPnCOmkrCZ2vq-IJRUCJ0eT5eyvf8oB8ZZ3wd9S_PL2G4nei22A5iEvAdlMZqBPAzp2pKjGdoIqolRK8HPFDjBpl72yFFG9laIvYyFYt-gs4hKZ3u1SYPZepsMuXtVok5AE-_7jxN70d90xd9WhQ3B7bJp2-en4BfP39doeNTTVeZuZWsxmguGlwOgWdAUvGFrV6Pl1L1yu6Wxgz3DkawFOHNiGPYETrwvMF53vAau6C-fsm7T7ngdF3qw5Hs2Ki08--tZNFFEv9G0ODp_Ks1xotlgtrfMAQmNNa9Y1g8slWd8xSrYFCnRx3T4zNS9KN4P_fsC_37hYXYuEdWQh5bF8z3EDQrl7DvlGtsxR3jgBKY37jz45x8anJPYwsmMYEGaVqlBaMSP5hA3QHie0JJS7g9lV32Yrr9_o6CI2dfBvuqCkW2XtefZknwwKZCTIYzxBUHvWzNnaTModZDUwCUorQiF1y6ckAcAcQrSmnhkDjVOSwwJ4i0j3Bc4HZq079uzQXv8NTTrJoKl0oFfO6KY4ISvXDQU3kCio9TgilkNmoa_FK-EGzWIakymPHzmU4kM6YHCTctC_gIgMk4bhlSaWMYAhoMYxKPFytVjBGvFyDK3HWE_3-XM6Yr4WX6I-0_Rf1kC3A6QYgN8uA3yhoDmKCkZOoJOYjjlVVig6kU7IC1Udkm_yfbl4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 999A 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amt56Rfj6pRei-hfmUmlccYHxqZ-qFzWfRdY3NeLzu7kD_kwsdhZTnFXEspseGU0GWRoOtJw_fZ5Epi4hpGCsELtEMs5qJBK3WQAooWT9K4pBbIkGzueQbyUAiYwf4FVCnzFHu_9xqA6Ln0zpM5DAR04rNWzlLprl5a0z0Cp2WkCQPppk&cry=1&dbm_d=AKAmf-Ayaj1_YRwnrT-A_4PlakddCPgtgJaqeqf8nq3ogCgwQOjEPfYJZHY6eLWtQX-9lJIFeVEU8fwkWxer2gnBN_Ay8vy1ia1wxjdUo5kNiiqT2S612F9Pbdk51ezPq5e_fMrvyU2GKCuco97dm66GenNOaYOhujuba8zxyqvdmdTel-wAbB-ErcZceOlwwfsE0DE-Y7V92SiCOxtjE5-ezRiEgoDqGegXtBo2PEK2Eaeo2f5kUcT0QvKjpJZhzm13BAlw1bzQnQW24bGCHGSSjWGLYGUzvpp9hGLVxf0c7aiF4QBTLLMY7KMgqH5flUKv6Gw8pl7PDtCtYPNI6sB6wLDyZ1QVXV9SNQ7Ugm1sqTtU3Hc3pZ8sgbUKZV4Ef2NADyfRxt5pmuDPBsS8AodwQzPIssjTz0EC2lKYl3sVuHRWAyEK_4h71kh3rt0cQZV592V06BC2oxFnW_NkW_HLTpdpyeNeM6F7BTpnaKolmWV1XV9uY247Mq_WyRfXl4Le-f-xcR-byddOjkuGZ70K6Wyto06w4cQKgr4vD8ZXgbsqjFVwDRBTnQfZjqdxtk2gcD3BEvgCvKNCjp8skTz3tgMl2VKc0R1te9El3i8onfQ0x3dYRhT4qwP82fjUQsWHUTj-kQWFAszpACrRraNA5W2zt1_Ozm_ZfaM76xDpwJvr0Bq24bSFDDZdgze6iTf78NywNGWww80R5PnWoKoPZrCi7Ppd_I5serlR25sCAGujmbH4_pu0dq4PKeWF20fQ7yBrJu9jfDKQetty-nnJJzrb3ZxfuwGRkt_Gvc4y0IATpFzb1SMnAmz2Uz2KY59pDAlF3lXE_V4OqykCxGiGJPuqwS-ghJImE3Nq1weX09GHa8oDWx_boqSSysBly378JRyh6UCtTm7-wJxVAe7yrwEqUfJGnHjLOHC5Ub2-XYUXXOdwzQzz0ZWF6h3RWU7f4EJNbVFBSOOMMOhriLYPDcSeFjWwIF96rPNF-bWCuH_fwzhgVpdsgQOT6gBmYcPkv869WNTtBewIzE0HLICouNwH_SmeacLeDaVTBTcG1OJ4VRKb4lzjR960sKVdOWWTA16bTHXNgPp1qJgegIQ34s8auS4nhsUH2xCTYy2vCPAAc2L5tY32WILN-48TgyND9_z20o4j3cFu7mY4j8sXZkakU2k_sg1DX4DgS1oXC2XYKbcuKj5ctPebcarcwP6GWbShEgax8m3t0AWA5-j5TNcs_Zj3IsLzQIp6TGYKzYI2OYlAJEbymqAcsXsu0xTnWsFGT_O2PM8f8ig_xghBt7NGyiqlJ2KSzLdhXlEF0FM-ljrZAhUQJFNcS0CKYPmjlS5QnitSAYYNA8nsrgCI5_p5ZDf5eYBk42WsuNc0-WublZTUaBP8STL4yVveSAzSlFAuC4XNPDGrJKoYCY6NIqhHF4q6abcENZQcgVZ7bXYGful0_zzfNqVQUpulx3uwMO_l7VijG_ZeeTtXDTQRzpbGQquYXixlYeZtfzeRztBSVSQ8bN4JYr-tYi4ygv-dPNaIvC6YRhMoke64gbws_0S8lM0FwTm8eqblqi4IL-ObFRiCrCn9Rc9fc8iJRsY89t6NyqpzGSGSm_tCgpdSuoK88FVVfUKS9St_Ubd0MAVprYvydolQplgusEvAFdVePgRwvQL2kl1Sd36DvkZTf7o4YfqA0oqaKHhdrk7rhEzK2h_OBfdGWDysJoXN9AUnGiNlJMHzsg5pqHTGcoi4SJyQL83zhJwaih3Y-KkJ4wtmOW73Jhw2Ewdt0bT6wIkihjLMK3iUXA6OZq5i9aGzhdzAO1UK319Q35POr0xTpe7-6xAUVDTYdPu3iuXLtQjTdG95V5XVbt7NL0acmXIPIIsweuS0pGIimqc-kpdwVLlrXCH6WyKrGPl5B9IIx6tHV_pxtnfjcZ-yJAK55BlJTLem2wz1ipqFvluhlQB6nGCyk01Kt9her5YfA604kGMxiWG6hMZmMCru4YySL7SerSWcXO9nBVH0AZaPRzOnNC2B_sC3HCkB5zjKjSEGS7SL-ppZ8TDssgpyGhAMXHbnD-SKfPmFEZtNABoanR68VrfkgnnY3cBpR2w_B035czOeGOFU1Vd1WUglSiN4PaAEjJbNwKwKhTh2nJ-oVloFLeMjYTSQCQDQv5iBRcFXEoYVAmbP1fVIisQvcHVW0DXeU4YexsyYVbOGpmgvawd7vkk6sPXsZECqgxiCO_muq7vZp5RyC0eHg1wUW-HS3SJvEV-sbJT99Qtff6iVNE-ak-CpTiYVRiMDwF1FtkN_IDr5qYsaKnC-NN-uXlfAgP4ohGIKPOzyNbP_QNbSmzdAGMF_vT97TpX7kN_s6AMouHSgTFhj4nLuCcf2V1Ka2d_heAHz_pLYAXM1qHzmOO6mlhyUmb_hCmk0Olg0YraWCP8vz09PkDFxZ-JiI_gxHjBGDjL7_gNwF5fGFCnlGkuoZC0Q4-H23EXAi4dKQN0x9s0VNfPd0WOqmSSj0Z3JAYAB8DEEFAPEtVE_tNdUuGywImbKmgOd5GI0eaFhKjUA23PCJwNiscrFKZzNugLPmqdHsvSUBJaE2x2XoRM0PMlFbWlxKzCj7Soti-WUTVQNaA4uFTHkhHA3vTdfNDRnRrnHyH-CWOfWZoxu6SqalgOR3aVK1A9JexH-6lcp9mIfG7hq12OinXUgQbTH1-0nwuvVEMrETVEixvJGVaXf20fca7WstpvFzd8KR5rSTMMWT0_xpLlGNrRzMAQoGB21qGKwSjGycMfOX1mSvxPf7Xz-Sakl9Tu0BoCYNbrLcnVpJJP2rqGOhGBUiNMqTXgEfPslcLnqUXbH5hnG0i_Ta8LwyG-4IrJSurp4iRecK63uJ8FtH8Zvxmb8upc60uMXCfaOYJmTXPEX-xDE50W1lzrbRxIvoRipcNd7GrXhiJ76Bu15lFZsMwjlqkPmWZftBDosPQts0BkapOUFylYDfWygIhgZ7l0xqH3qtRkik9qIPH5r05QUfbF4jvv4pThVCqttuYeI_0ypnKsXa8bSbsLNOrCh4F_dYS8VoJTDhyhcI9Y9naFDrsiEamRFM2Icw8sR7l9vF7bcx1eTC2koKwjTotVlC4W5kK_y6EzWIcQ2VWPITRn8LW8mPHTAgP5_t8PM6A7P8wuY6zW6qvw_ABrvcyCXuAF7hQEpNT9VVVZ9FAXTA31zszrY-a_gD7n_7jmC0tx-w5y_JlnoWhpGdcObFLca_8byEZINDLbi_IFy6yrNFfuVldpjmTpo3UAr7gXCV0LhA7uzh4RZv1zYh_GKM7WNn_V1cr7DZfMtiGf-nOK0Hy8SzUpUkW3UfI97e1bItwFJjWgezPH-4ZeUFSrDVwoc3vY-0HZh-KDvaQc-osDwW1FI-1xm8J3sFgjdBt3tkQmQU0dvpLVgFKeV1eORw7jYoNpktEhOrk_K3KIoEFXJ9bxLPI_9jwRD83D5fpgy-TQP-r7c-2NmzL04q9fULWC6KOha8_qM3mwdCu0ZaUSvdvzZjl5RPyVqYvyaE9rNeEoV3LUaghSTrQKAOd_kzEq9LcF_WPJcjyute_9jm_hn_Q8B__rmq0qcDILVWqMzcgOtuErYgKp0SlrmJKrAIwX3rQVq-RvsTGphdWL80ezi2lr2Hnem1D-IJ7pxzz37SJWlipRMKXwrPoBla9AIfsVaZAKWFbM3viBUPEE44H1MKTtmvmt398m82Iw6rq-RAsL6rQtVlVUzr0evbxyZ_iteYkf7WTGJJMy8WDmAvM64y3NAZPII9ZOIOXXj1Cdn5dqNqHHOtQRXjKOFq5GzBZ8ahkw4wvM73Cpc56eeYxkrk62kowJ2xicGfvbgxg4L75aokl3B7EPFONM-5RHqyzenwzA_7pnKDV8_H2UdkvkRVp3_b7QOOgrVz_KDLbKBnspDBruIa5N1GCyJXBgQ17YeGaK4wWnx_5H8piPCdQit3X_IPNctNreCY125lhTGxTcR9rjTjEKccF_mg9IknaigVxbT5VY&cid=CAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=1029451216087367800&adk=2924174872&idt=52&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:21:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:21:54 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 999A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amt56Rfj6pRei-hfmUmlccYHxqZ-qFzWfRdY3NeLzu7kD_kwsdhZTnFXEspseGU0GWRoOtJw_fZ5Epi4hpGCsELtEMs5qJBK3WQAooWT9K4pBbIkGzueQbyUAiYwf4FVCnzFHu_9xqA6Ln0zpM5DAR04rNWzlLprl5a0z0Cp2WkCQPppk&cry=1&dbm_d=AKAmf-Ayaj1_YRwnrT-A_4PlakddCPgtgJaqeqf8nq3ogCgwQOjEPfYJZHY6eLWtQX-9lJIFeVEU8fwkWxer2gnBN_Ay8vy1ia1wxjdUo5kNiiqT2S612F9Pbdk51ezPq5e_fMrvyU2GKCuco97dm66GenNOaYOhujuba8zxyqvdmdTel-wAbB-ErcZceOlwwfsE0DE-Y7V92SiCOxtjE5-ezRiEgoDqGegXtBo2PEK2Eaeo2f5kUcT0QvKjpJZhzm13BAlw1bzQnQW24bGCHGSSjWGLYGUzvpp9hGLVxf0c7aiF4QBTLLMY7KMgqH5flUKv6Gw8pl7PDtCtYPNI6sB6wLDyZ1QVXV9SNQ7Ugm1sqTtU3Hc3pZ8sgbUKZV4Ef2NADyfRxt5pmuDPBsS8AodwQzPIssjTz0EC2lKYl3sVuHRWAyEK_4h71kh3rt0cQZV592V06BC2oxFnW_NkW_HLTpdpyeNeM6F7BTpnaKolmWV1XV9uY247Mq_WyRfXl4Le-f-xcR-byddOjkuGZ70K6Wyto06w4cQKgr4vD8ZXgbsqjFVwDRBTnQfZjqdxtk2gcD3BEvgCvKNCjp8skTz3tgMl2VKc0R1te9El3i8onfQ0x3dYRhT4qwP82fjUQsWHUTj-kQWFAszpACrRraNA5W2zt1_Ozm_ZfaM76xDpwJvr0Bq24bSFDDZdgze6iTf78NywNGWww80R5PnWoKoPZrCi7Ppd_I5serlR25sCAGujmbH4_pu0dq4PKeWF20fQ7yBrJu9jfDKQetty-nnJJzrb3ZxfuwGRkt_Gvc4y0IATpFzb1SMnAmz2Uz2KY59pDAlF3lXE_V4OqykCxGiGJPuqwS-ghJImE3Nq1weX09GHa8oDWx_boqSSysBly378JRyh6UCtTm7-wJxVAe7yrwEqUfJGnHjLOHC5Ub2-XYUXXOdwzQzz0ZWF6h3RWU7f4EJNbVFBSOOMMOhriLYPDcSeFjWwIF96rPNF-bWCuH_fwzhgVpdsgQOT6gBmYcPkv869WNTtBewIzE0HLICouNwH_SmeacLeDaVTBTcG1OJ4VRKb4lzjR960sKVdOWWTA16bTHXNgPp1qJgegIQ34s8auS4nhsUH2xCTYy2vCPAAc2L5tY32WILN-48TgyND9_z20o4j3cFu7mY4j8sXZkakU2k_sg1DX4DgS1oXC2XYKbcuKj5ctPebcarcwP6GWbShEgax8m3t0AWA5-j5TNcs_Zj3IsLzQIp6TGYKzYI2OYlAJEbymqAcsXsu0xTnWsFGT_O2PM8f8ig_xghBt7NGyiqlJ2KSzLdhXlEF0FM-ljrZAhUQJFNcS0CKYPmjlS5QnitSAYYNA8nsrgCI5_p5ZDf5eYBk42WsuNc0-WublZTUaBP8STL4yVveSAzSlFAuC4XNPDGrJKoYCY6NIqhHF4q6abcENZQcgVZ7bXYGful0_zzfNqVQUpulx3uwMO_l7VijG_ZeeTtXDTQRzpbGQquYXixlYeZtfzeRztBSVSQ8bN4JYr-tYi4ygv-dPNaIvC6YRhMoke64gbws_0S8lM0FwTm8eqblqi4IL-ObFRiCrCn9Rc9fc8iJRsY89t6NyqpzGSGSm_tCgpdSuoK88FVVfUKS9St_Ubd0MAVprYvydolQplgusEvAFdVePgRwvQL2kl1Sd36DvkZTf7o4YfqA0oqaKHhdrk7rhEzK2h_OBfdGWDysJoXN9AUnGiNlJMHzsg5pqHTGcoi4SJyQL83zhJwaih3Y-KkJ4wtmOW73Jhw2Ewdt0bT6wIkihjLMK3iUXA6OZq5i9aGzhdzAO1UK319Q35POr0xTpe7-6xAUVDTYdPu3iuXLtQjTdG95V5XVbt7NL0acmXIPIIsweuS0pGIimqc-kpdwVLlrXCH6WyKrGPl5B9IIx6tHV_pxtnfjcZ-yJAK55BlJTLem2wz1ipqFvluhlQB6nGCyk01Kt9her5YfA604kGMxiWG6hMZmMCru4YySL7SerSWcXO9nBVH0AZaPRzOnNC2B_sC3HCkB5zjKjSEGS7SL-ppZ8TDssgpyGhAMXHbnD-SKfPmFEZtNABoanR68VrfkgnnY3cBpR2w_B035czOeGOFU1Vd1WUglSiN4PaAEjJbNwKwKhTh2nJ-oVloFLeMjYTSQCQDQv5iBRcFXEoYVAmbP1fVIisQvcHVW0DXeU4YexsyYVbOGpmgvawd7vkk6sPXsZECqgxiCO_muq7vZp5RyC0eHg1wUW-HS3SJvEV-sbJT99Qtff6iVNE-ak-CpTiYVRiMDwF1FtkN_IDr5qYsaKnC-NN-uXlfAgP4ohGIKPOzyNbP_QNbSmzdAGMF_vT97TpX7kN_s6AMouHSgTFhj4nLuCcf2V1Ka2d_heAHz_pLYAXM1qHzmOO6mlhyUmb_hCmk0Olg0YraWCP8vz09PkDFxZ-JiI_gxHjBGDjL7_gNwF5fGFCnlGkuoZC0Q4-H23EXAi4dKQN0x9s0VNfPd0WOqmSSj0Z3JAYAB8DEEFAPEtVE_tNdUuGywImbKmgOd5GI0eaFhKjUA23PCJwNiscrFKZzNugLPmqdHsvSUBJaE2x2XoRM0PMlFbWlxKzCj7Soti-WUTVQNaA4uFTHkhHA3vTdfNDRnRrnHyH-CWOfWZoxu6SqalgOR3aVK1A9JexH-6lcp9mIfG7hq12OinXUgQbTH1-0nwuvVEMrETVEixvJGVaXf20fca7WstpvFzd8KR5rSTMMWT0_xpLlGNrRzMAQoGB21qGKwSjGycMfOX1mSvxPf7Xz-Sakl9Tu0BoCYNbrLcnVpJJP2rqGOhGBUiNMqTXgEfPslcLnqUXbH5hnG0i_Ta8LwyG-4IrJSurp4iRecK63uJ8FtH8Zvxmb8upc60uMXCfaOYJmTXPEX-xDE50W1lzrbRxIvoRipcNd7GrXhiJ76Bu15lFZsMwjlqkPmWZftBDosPQts0BkapOUFylYDfWygIhgZ7l0xqH3qtRkik9qIPH5r05QUfbF4jvv4pThVCqttuYeI_0ypnKsXa8bSbsLNOrCh4F_dYS8VoJTDhyhcI9Y9naFDrsiEamRFM2Icw8sR7l9vF7bcx1eTC2koKwjTotVlC4W5kK_y6EzWIcQ2VWPITRn8LW8mPHTAgP5_t8PM6A7P8wuY6zW6qvw_ABrvcyCXuAF7hQEpNT9VVVZ9FAXTA31zszrY-a_gD7n_7jmC0tx-w5y_JlnoWhpGdcObFLca_8byEZINDLbi_IFy6yrNFfuVldpjmTpo3UAr7gXCV0LhA7uzh4RZv1zYh_GKM7WNn_V1cr7DZfMtiGf-nOK0Hy8SzUpUkW3UfI97e1bItwFJjWgezPH-4ZeUFSrDVwoc3vY-0HZh-KDvaQc-osDwW1FI-1xm8J3sFgjdBt3tkQmQU0dvpLVgFKeV1eORw7jYoNpktEhOrk_K3KIoEFXJ9bxLPI_9jwRD83D5fpgy-TQP-r7c-2NmzL04q9fULWC6KOha8_qM3mwdCu0ZaUSvdvzZjl5RPyVqYvyaE9rNeEoV3LUaghSTrQKAOd_kzEq9LcF_WPJcjyute_9jm_hn_Q8B__rmq0qcDILVWqMzcgOtuErYgKp0SlrmJKrAIwX3rQVq-RvsTGphdWL80ezi2lr2Hnem1D-IJ7pxzz37SJWlipRMKXwrPoBla9AIfsVaZAKWFbM3viBUPEE44H1MKTtmvmt398m82Iw6rq-RAsL6rQtVlVUzr0evbxyZ_iteYkf7WTGJJMy8WDmAvM64y3NAZPII9ZOIOXXj1Cdn5dqNqHHOtQRXjKOFq5GzBZ8ahkw4wvM73Cpc56eeYxkrk62kowJ2xicGfvbgxg4L75aokl3B7EPFONM-5RHqyzenwzA_7pnKDV8_H2UdkvkRVp3_b7QOOgrVz_KDLbKBnspDBruIa5N1GCyJXBgQ17YeGaK4wWnx_5H8piPCdQit3X_IPNctNreCY125lhTGxTcR9rjTjEKccF_mg9IknaigVxbT5VY&cid=CAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=1029451216087367800&adk=2924174872&idt=52&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 14:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
566028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 14:17:59 GMT
banner
ad4.adfarm1.adition.com/ Frame 999A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301109%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1698982306%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698982305873%26bpp%3D109%26bdt%3D626%26idt%3D281%26shv%3Dr20231101%26mjsv%3Dm202310300101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D307be2235f26f96e%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA%26gpic%3DUID%253D00000cb365667b13%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ%26correlator%3D1015684392095%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D65000381.1698982304%26ga_sid%3D1698982306%26ga_hid%3D754037170%26ga_fc%3D1%26nhd%3D1%26u_tz%3D60%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D2909%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1328499802%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C44805934%252C44807047%252C44807462%252C31078297%252C31079328%252C44803791%252C31079423%26oid%3D2%26pvsid%3D399751795879316%26tmod%3D1607923168%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.l7uv2uwh1lbv%26btvi%3D1%26fsb%3D1%26dtd%3D297&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301109%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1698982306%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698982305873%26bpp%3D109%26bdt%3D626%26idt%3D281%26shv%3Dr20231101%26mjsv%3Dm202310300101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D307be2235f26f96e%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA%26gpic%3DUID%253D00000cb365667b13%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ%26correlator%3D1015684392095%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D65000381.1698982304%26ga_sid%3D1698982306%26ga_hid%3D754037170%26ga_fc%3D1%26nhd%3D1%26u_tz%3D60%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D2909%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1328499802%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C44805934%252C44807047%252C44807462%252C31078297%252C31079328%252C44803791%252C31079423%26oid%3D2%26pvsid%3D399751795879316%26tmod%3D1607923168%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.l7uv2uwh1lbv%26btvi%3D1%26fsb%3D1%26dtd%3D297&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7297073436466217318&wi=1985829617&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CEm3SomlEZYDEEMrFkwPmo6CACMmB__pz0f6cspgSl8-ivcABEAEg0syBGmD1BaAB-JPauQLIAQmpAif4hjzb4rE-qAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2_ENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE_0g7pOnnNddv6_XGtU1HiLN1TFoi7xdGVCcvYlf47jk-I6RlMT8oC-Iv_4oDUfRKd6g8tqLEyxqsV9_eMBGK1zhiBhM-blMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55_1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI_B66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq-4x3t9Nccc8bxK0-VksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE&sig=AOD64_2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw&client=ca-pub-4485239425924787&dbm_c=AKAmf-AExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv_ik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3_Mz98eX7n0uEHQifQGZf-Q&cry=1&dbm_d=AKAmf-DD23m_Y66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa_bogzOA2qzY__pPJlOUj2imafsEwJWf6CUvWgk_sokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp-_JYlDE5gGwc-99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV-1WiXGSKNeMuaeyt_5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj_QlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn_ivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG__2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM-HE3_iEDJoMM6EwDxcw1Y3Ndmq_TT3-wjAoIIP6qvA1FvUdG3bxM7wEF5Kg&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a57c8746058a6883bf5ffd626a95bb8bb82957287e54eb3b6e75480c7bdb654f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 04:31:47 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A04 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bez9toWlEZbS9PM_ZgAfKu4ngDQAAAAA4AeAEAg&bg=!8_Cl8L_NAAb4oU7C2KE7ADQBe5WfOJk60DBSO_Wg9GKGeXfjkYcE040-h8YeL6Fvd25o0VTSxioGOL4WbquULnsPFhJTAgAAAjVSAAAABmgBB5kC0I1GOECTfP5VEukyAvtdnGEgh595Vhad0v5ikU3OZZCWycCO1x4W7AY2nPRImZZq-Oi-uvI5d3FfhdDWUgTfcau79meY0Rdc9GpmH6QMf4PRJcfFhxdDTJtYQEiBEfF_K45glgtRsiPa0zAINgwOB98h-fVYpEyB7xfvDNgp3eSkHNOSl_v4hSd8M7_E0m0RODSc50FQOpVBVcopMhCb2f5FbbIRM2oK4nOjET1dzvHJdKyqoQJG2UXS7a_mDfLQqkjuDb2Q1Y9ANFjLIeEKqBDMHFJLGHLsFRAFtUYP9mTG84gHXyA9f9WExr8vygA20sqJfMpUV7BCYNxWs8LDkiCtepj2hHC6KXYM3ojOgOfmkkKrF2nUvZpkMGMiJ13VnLKsNhcC6ge2xqK5RHFBCgWU2rC0MKug9VKCGZn7KrTqfJa7d4hgX5s98UXkcdqAwz33VP8X_cQoqSLFO5VZkvfg0H7cU4woyxfq8mwdhGBQrZIl3PCPpC64bOE-90co9TWbrqFoB4VzWtmFXoQmJngAQibcjoGKpu-1dZDSvb4ylXVMU5b4NxrJtZlZJHfCLPSMMkPvNwdv3JKM0klzmFODa08-2W_2kQ-ZBUg5GsTMwX7tIv3D9kJ8LG9sWPzFvBkQB3CNwRzdzrBsqdSUTQHQuNiqgxtYX5n7rku47aA9VI52x0jNleyrcqZe8J-6mUtn1Kuqj_surv--inhT7GILRs9kkLqqD9_gk46nqF-mpppEQQiZ2y8WozZSzrWqEF5ZfFOpTh9UAsEl-a0E_UQIlbakDeDQzfLB_cBKQ0XiPXoBhk5UdHSSkWR4I46wLzfMmiobrA394fz0QW-A7APFcXTEmf6a2FETe8g92Rdl2I-6lhvNa-0GdvzA7Iy2QWWUafsrTkB0VVIjIMQQ78bCHqOFGP8mBGCN8PlllFO-fvwysTtdduHyznmYxZOwEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		64 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b20645d9889636b28396af7bb164384f9e4aae959d3c374465179f302079acdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6968-MXP
date
Fri, 03 Nov 2023 03:31:47 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
a.gsitrix.com/view/ Frame 2F02 		58 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418380&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1698982306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash
0320b8bc1125b63bd06db4e0d7864bd29f6dad6096cc9432cec0522e2ae49997

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
access-control-allow-methods
*
p3p
CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sat, 13 Jun 1992 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 2F02 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=23723680&cmp=25&sid=50003&plc=418380&adsrv=0&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1698982306
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d71f15e40a332b01a051d53e8b0bbb334f02456038d71e42ca042a109f85089e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 16:20:00 GMT
Server
UploadServer
ETag
"a79c3d2317a69a2d393fe775760ee349"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3640
Expires
Fri, 03 Nov 2023 03:46:47 GMT
index.html
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/ Frame A875 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da36136c4a7bb695acef1.htm?tp=onetag&contentonly=true&cachebuster=1698982306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f8383a5be6d1a813f66622bf5428d3d3abe09cedb1141e6c69c48c9fadc8f381

Request headers

Referer
https://mediaintelligence.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Range
access-control-allow-origin
*
access-control-expose-headers
Content-Length
access-control-max-age
3600
content-encoding
br
content-length
5245
content-type
text/html
date
Fri, 03 Nov 2023 03:15:49 GMT
etag
W/"653a0907-4d29"
last-modified
Thu, 26 Oct 2023 06:36:55 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
x-cdn-pop-ip
137.74.120.0/27
x-grace
full
x-request-id
345639032
js
ad2.adfarm1.adition.com/ Frame 999A 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7297073445048748812&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301109%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1698982306%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698982305873%26bpp%3D109%26bdt%3D626%26idt%3D281%26shv%3Dr20231101%26mjsv%3Dm202310300101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D307be2235f26f96e%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA%26gpic%3DUID%253D00000cb365667b13%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ%26correlator%3D1015684392095%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D65000381.1698982304%26ga_sid%3D1698982306%26ga_hid%3D754037170%26ga_fc%3D1%26nhd%3D1%26u_tz%3D60%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D2909%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1328499802%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C44805934%252C44807047%252C44807462%252C31078297%252C31079328%252C44803791%252C31079423%26oid%3D2%26pvsid%3D399751795879316%26tmod%3D1607923168%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.l7uv2uwh1lbv%26btvi%3D1%26fsb%3D1%26dtd%3D297&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301109%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1698982306%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698982305873%26bpp%3D109%26bdt%3D626%26idt%3D281%26shv%3Dr20231101%26mjsv%3Dm202310300101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D307be2235f26f96e%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA%26gpic%3DUID%253D00000cb365667b13%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ%26correlator%3D1015684392095%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D65000381.1698982304%26ga_sid%3D1698982306%26ga_hid%3D754037170%26ga_fc%3D1%26nhd%3D1%26u_tz%3D60%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D2909%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1328499802%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C44805934%252C44807047%252C44807462%252C31078297%252C31079328%252C44803791%252C31079423%26oid%3D2%26pvsid%3D399751795879316%26tmod%3D1607923168%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.l7uv2uwh1lbv%26btvi%3D1%26fsb%3D1%26dtd%3D297&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7297073436466217318&wi=1985829617&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
4b5e31d5374b27ceebc38e40109e2e69aead432b5ff8764167464fe727a748f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Fri, 03 Nov 2023 04:31:47 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5BFA 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
566006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 14:18:21 GMT
expires
Sat, 26 Oct 2024 14:18:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8CC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJrSaomlEZY9YmIHfA4-aiogPAAAAADgB4AQC&bg=!bW6lbiHNAAb4oU7C2KE7ADQBe5WfOHCz_dNAy0QWm7e1eP6ofZ_tDzV7ELIR19c72nS2SJb_6NsVXjsc9i5mUiq9zSwTAgAAAe1SAAAACWgBBwoAhakHXJd3W6dHMvsL82G93AUdKtnBUPE9jhnxCcccWJTlZbx5a9-5NkXEQ7z6Pp_HqifRAg046YvgsrWJrUFSaa8O3ZPcF4u6N7BEZ1EQtzGu7ExUZWsOuHPsDu1l99AbhG_yPOL5VA3LCImgpxtlDQsfG7YIApLsPjLKnsdx60thUtUFU6iZAwNYbXxjR9D6eXYNb3zeMSqARNg5SK5dGnvMj4JD7czG1VOIu34tE34xb95VEB8Vn4RpWJeIQdnooaXUhAbvIvWAlrzK6T8Qf8uRNyA7FGIP1RogYNSjK_Gnx23LbizaIBsWOBCK6pFWn-Cyu2YrWhasToqK6zvPhUibRKEG5BsWMf-A5EZ5FDTgOMnrdNtZOBXyRyVpbphnRvIHin-DiA2jEuQlo-Xd5TTlb61-eFnNQaIiuihMJeYR5oydsDViHXZX0IlgenW37-ljj29jLINcYtgavRg-HZJUHuOxTLVxxGQbK6mtk9G7b-xbNXaHWxDn9I_lg62Jp83oSt8MDsqVK3di8XRLmnI-NmziJpZT0S09JiZRvayF64bG0G9Cl5BYDke8mUrtaVGChv6oByzQwvsHDPxXSg2CF1ZNzn-wXVH6iKTBB6NMD-y4v1CYcAekSE0MCSoZjE4maaItu5kuxCbNPxVlIz5jedqskSTILaw5ZpjUc9d5HHB1rGu4ainNrdJeRToZG4Cww5b3dSWM5Ba7UdlTFXY0_7xRJoUKzjX-UVS8D3oI4FwByen02T2GawfEKk0xcSZJAO2eMX9AJhjbR3QKjRX4vz1axbQhAwX5f8xcGRiPiKaD_F_0GBKeNApMQ4jQ0XqenVNBP2IeB2Xw1n5-VkmfirKWX_z5sH8Z3gvv_GYInqsVCIS-qDtdbip5MBGbWTJ1D_fAmiff2rQXUyW3US7So9StGypZH-rKK12oI13NEn92fJFD2UtEEOJRK_3VBBQgRxp0nDP5JoazJITf9Kcjy7W7rYw_7HLy0NvL-94pMBqRUZ3AsrkJ-WScfdb2uOCj1FciKEUK0sMN-dhDSzFWjvHv9MfGh3FanNa4j7vmkPj52lPC7UZB0cL4PKXikq14T3d4FngfEGFtVtO8stgMwWqxQMio7NybMVn0HUz-GX0xaOdkPYeCun1nCEnLNTVK9vFwK5ZPWKuYR1T8CAFn0aQ9WQiEyjPBXgtnljbL5MaQ2q1cXeZzInA
Requested by
Host: bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
URL: https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-164
cdn-cachedat
10/31/2023 18:59:58
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
2b5ecf63be1f3602be3eb06dffb6e420
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-679
cdn-cachedat
10/31/2023 18:59:35
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
ee8804b985f4373c6fa57d34313a0d20
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:50:43
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c46bbcc4ce20dddb440e8649869333a5
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-168
cdn-cachedat
10/31/2023 18:50:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
b7edae7a2548386c775911f2a2d3b112
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20&uad=23486e247f92e4c471a1257c9b60a2cbed3cd92d61b8b42145a118d0efddbdb8&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
no-store
server
nginx
65482087-6fe0-4f67-9a1f-9676f3607128
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/65482087-6fe0-4f67-9a1f-9676f3607128
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
banner
ad2.adfarm1.adition.com/ Frame 999A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4389193&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301109%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1698982306%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698982305873%26bpp%3D109%26bdt%3D626%26idt%3D281%26shv%3Dr20231101%26mjsv%3Dm202310300101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D307be2235f26f96e%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA%26gpic%3DUID%253D00000cb365667b13%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ%26correlator%3D1015684392095%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D65000381.1698982304%26ga_sid%3D1698982306%26ga_hid%3D754037170%26ga_fc%3D1%26nhd%3D1%26u_tz%3D60%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D2909%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1328499802%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C44805934%252C44807047%252C44807462%252C31078297%252C31079328%252C44803791%252C31079423%26oid%3D2%26pvsid%3D399751795879316%26tmod%3D1607923168%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.l7uv2uwh1lbv%26btvi%3D1%26fsb%3D1%26dtd%3D297&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301109%26pi%3Dt.ma%7Eas.3006%252F14893_2023%26w%3D336%26lmt%3D1698982306%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698982305873%26bpp%3D109%26bdt%3D626%26idt%3D281%26shv%3Dr20231101%26mjsv%3Dm202310300101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D307be2235f26f96e%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA%26gpic%3DUID%253D00000cb365667b13%253AT%253D1698982304%253ART%253D1698982304%253AS%253DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ%26correlator%3D1015684392095%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D65000381.1698982304%26ga_sid%3D1698982306%26ga_hid%3D754037170%26ga_fc%3D1%26nhd%3D1%26u_tz%3D60%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D2909%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D1328499802%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C44805934%252C44807047%252C44807462%252C31078297%252C31079328%252C44803791%252C31079423%26oid%3D2%26pvsid%3D399751795879316%26tmod%3D1607923168%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.l7uv2uwh1lbv%26btvi%3D1%26fsb%3D1%26dtd%3D297&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7297073436466217318&kid=5609187&kw=PACS%5F4787111%5F17068013&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7297073445048748812&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
95e86399378b9e467acfe34931dea9f14faa138de134958575d14432830be4d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 04:31:47 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 5BFA 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
115082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:33:45 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00902e76286f07982a371a753d9f0ab4970bdeb263f00b361f1c7dd8126594b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92948
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 03:31:47 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4876cc5ecad6b8f19dfbae30f9117e73ccf6623f73ce2983dd983e4e4f270a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93037
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 03:31:47 GMT
generate_204
tpc.googlesyndication.com/ Frame 3419 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8i3YWg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1fc4e847-81fc-4328-9911-f693c00cd860
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/1fc4e847-81fc-4328-9911-f693c00cd860
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
749644b4-13cf-4fd1-8f82-a4e6ae72fdcb
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/749644b4-13cf-4fd1-8f82-a4e6ae72fdcb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html
imagesrv.adition.com/banners/268/01/03/c1/23/ Frame 2DA9 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
ab9a2aa06c9954233dfa03111f9ba193dd70a6c2e889b317023b3be6e81ad572

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
1088
content-type
text/html
date
Fri, 03 Nov 2023 03:31:47 GMT
etag
"1930707213-br"
last-modified
Thu, 01 Jun 2023 08:54:58 GMT
vary
Accept-Encoding
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame 999A 		2 KB
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7297073445048748812&btr=true&pos=top-right&cid=558342&aid=558342
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a8bb3b3f53002f26ddac2b30db0bd1851ba307fa7255b82c3ca423e03a87553f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
content-length
608
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 32D3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
40190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 03 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 999A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5b2ced7185c7b94a61a5853c4ce29456b8df4ec575ecc1e8d1df31a11db7110

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 2DA9 		753 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame 2DA9 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100::213:c699 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:46:47 GMT
Mueller_Multimedia_Emotional_300x250_x_220105_vdj.js
imagesrv.adition.com/banners/268/01/03/c1/23/ Frame 2DA9 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.js?1656412763783
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
efc473dcdcf62e562f384ba4112558f559de7b8c98646d74b8392bba18d8a1c8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
last-modified
Fri, 22 Jul 2022 09:12:52 GMT
etag
"420280442-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
7986
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:34
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
ecf4295b3e55766f9b84aa7f995d0773
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
bg.jpg
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/bg.jpg
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2849822cf4e301f243ffaa9d75ef79c1d11ff1dd58c3929c7f6c9a8b9d6c88b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:44:38 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1571
x-request-id
153912754
last-modified
Wed, 25 Oct 2023 12:15:37 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653906e9-623"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Fri, 24 Nov 2023 16:44:38 GMT
title1.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/title1.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
063c5ad5f7a9841baa04c6d1be02e2dc899de5d9cfc244160870bdced679e637

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
2351
x-request-id
161191844
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-92f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
title2.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/title2.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
78165422bbfab7eb8f4fc7f811e5ab9a6f7fed8ce67a867c495db3ac4ee92fce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
3156
x-request-id
161191845
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-c54"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
title3.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/title3.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cf78f595b41917c38d6753af680fe5e46850a184686a4e635e31a1921915aa7a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:44:39 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1267
x-request-id
153912762
last-modified
Wed, 25 Oct 2023 12:15:38 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653906ea-4f3"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Fri, 24 Nov 2023 16:44:39 GMT
terea.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/terea.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a4e4719ed51405a4c87ab0ddb8d69620d9afaff97faa3a1040046fa2c272c988

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
11353
x-request-id
161191847
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-2c59"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
device1.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/device1.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
251f042187fdf6088f397ad7858a36859dfd7ab8fc1350cd1ff8ce84e5ffea7a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
15324
x-request-id
161191848
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-3bdc"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
text1.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text1.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bd28563e5697baaad4af9ad150f0fbc91df7c7337d9ce5b2c1a4f42c38852f38

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
2418
x-request-id
161191849
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-972"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
device2.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/device2.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
8cc039b3eb06f163b57045dca66e2d6143369dde0bb2d4615a4407a37e8e0b67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
19003
x-request-id
161191850
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-4a3b"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
text2.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text2.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
17ec579fcc54760dc311b0a6b284495059ee0067cabf38b8f623fbc563b80d33

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
2811
x-request-id
161191851
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-afb"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
text3.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text3.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9970cd25be69eacc0338425d98f1ad6064c54fe4d51d5232108cb2d1e594abe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:44:40 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1126
x-request-id
153912800
last-modified
Wed, 25 Oct 2023 12:15:38 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653906ea-466"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Fri, 24 Nov 2023 16:44:40 GMT
text4.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text4.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d825171ee049738384d39c60a6f320f7c0a8705d6e182ef85ce5aa6c408fb4d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1305
x-request-id
161191853
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-519"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
text5.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text5.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
66168fa5f89845f41a2b9a483a19d5c8602bc732b19f8554f83c55494a0722fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1476
x-request-id
161191854
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-5c4"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
legal.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/legal.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ae8e897ab5cdad4df9514d0978ccdca9a75220a2099fcab931dfbcdcd2d7b893

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
6543
x-request-id
161191855
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-198f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
device3.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/device3.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cee99bbb02727f60a13953bb2e143d789811fd300be17e2b2625a7def94d8fd2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
16612
x-request-id
161191856
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-40e4"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
text6.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/text6.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bd572090883bcc5dac1ee41b72ad36a3bda60eabcf3a8f4912d3860636640326

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
4010
x-request-id
161191857
last-modified
Thu, 26 Oct 2023 06:37:01 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090d-faa"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
conditions.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/conditions.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
44a53e09ad6266849dbf0bf81d670e933c4072f6bca2961bfb97e7ec2570a4f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
4382
x-request-id
161191858
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-111e"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
dti.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/dti.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
309a1ec040b90186e8bd76ea73eda64f7aff0eaf326d0c28546699993d0bd3dd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
4068
x-request-id
161191859
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-fe4"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
cta.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/cta.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7ed524681c8f26b8f77c73f83b736ffd170c3417ead94f4fad38f78c746fa98f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:44:41 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1445
x-request-id
153912836
last-modified
Wed, 25 Oct 2023 12:15:37 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653906e9-5a5"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Fri, 24 Nov 2023 16:44:41 GMT
hw.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/hw.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
06eca77911c52c8c51c81166043013d81d67efa2dba421d5d5a0db7f9b9da880

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
3935
x-request-id
161191861
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-f5f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
logo.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/ Frame A875 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/assets/logo.png
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d53061b329e42c194f8f1920384802008342fa76b98b474070594fd1d152d837

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:00:50 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
1903
x-request-id
161191862
last-modified
Thu, 26 Oct 2023 06:37:00 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"653a090c-76f"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Wed, 29 Nov 2023 23:00:50 GMT
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:25
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
75708447d1e1f2f5ac884209add376a0
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 03:31:47 GMT
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame 1D1F 		754 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:12:43 GMT
expires
Sat, 02 Nov 2024 03:12:43 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D7E2 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 03 Nov 2023 04:28:09 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
54479ff7ea931664a438b70100ba57b7
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame 57FC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxf31VYF28iKC9o6JTDUjB1kFdGU5EqYsX639xcG9LeZ8JGJinZ7X9w42iw2cpFFbQneN3xic0CFIGDlJEK0ixfo-uMN8frVl50ku9-UNovP5Lbxg4KZpDyGwCsM0TKZ7FhTIGpJ1wXA&sai=AMfl-YRa_z4VuWVmMzY47xFIo_TtEArJobeR3pGEL4050tOplBTJcfSmPzC8-aBOi-g0fxyN3d5LivB8bAROaJe4F7HebUttG1t2sA8ivY7HZcw8oCTFmHeZGaBt-a4&sig=Cg0ArKJSzEOcGNoFf3wUEAE&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&id=lidar2&mcvt=1101&p=60,295,310,595&mtos=1101,1101,1101,1101,1101&tos=1101,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698982305782&rpt=652&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame A875 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.6579109146240971
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/30NOW_November/IPROSPECT_IQOS30_300x250_de/index.html?clicktag=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2F449f5b35d42da36136c4a7bb695acef1&=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:19 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000015bdd5c9ed468257-0063765d71-32940f80-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
dv-measurements4866.js
cdn.doubleverify.com/ Frame ED19 		421 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4866.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0a1e8eedc94c0cedc3c62afbd806bbc36b5863094f2fb961d4855cd53a7ec407

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 09:58:47 GMT
Server
UploadServer
ETag
"710a3afbd65b017c09a3291207341050"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101293
Expires
Sat, 02 Nov 2024 03:31:47 GMT
dpixel
cms.quantserve.com/ Frame 32D3 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDurtF_WZxU0nUsi7h1ijzg&google_cver=1&google_push=AXcoOmQ-uV55VJCTrLX6DSgIsXRFDdTi9v82dtZHgQeKIh3Gp8yZI8pnZTqGgAaFsI7NwlsFjrfikPMAmXUg3oHhttWovKdghZi9RNzrm3ISqHXwKCflAi4C4TIEEjAuXTaeg8Q77MFESR8qEc_Kdec74my2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEINx5oYWTp9a4s9EZICrB2Q&google_cver=1&google_push=AXcoOmR0geJoOFO2ntPw2i7bNamXE3xtACAuaBThSp8s_rCDJL4E1PUKT0pywsr-_k51jurpbi3RO1N6N_HFNagG1Gcw...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559730638919969&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR0geJoOFO2ntPw2i7bNamXE3xtACAuaBThSp8s_rCDJL4E1PUKT0pywsr-_k51jurpbi3RO1N6N_HFNagG1GcwODItSmQUtuHlBcTvdpi5MM8DrRTDPjYvI6cXJt167s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR0geJoOFO2ntPw2i7bNamXE3xtACAuaBThSp8s_rCDJL4E1PUKT0pywsr-_k51jurpbi3RO1N6N_HFNagG1GcwODItSmQUtuHlBcTvdpi5MM8DrRTDPjYvI6cXJt167sV9Qh9eHugZWCIcT-_rTNTz&google_hm=y5VWE51pTdS5aBYvj6_0LQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR0geJoOFO2ntPw2i7bNamXE3xtACAuaBThSp8s_rCDJL4E1PUKT0pywsr-_k51jurpbi3RO1N6N_HFNagG1GcwODItSmQUtuHlBcTvdpi5MM8DrRTDPjYvI6cXJt167sV9Qh9eHugZWCIcT-_rTNTz&google_hm=y5VWE51pTdS5aBYvj6_0LQ==
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 32D3 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRhBKxwGNsfH8lU2f8a7kSSmiXR7lXNt906NnuaVq3hpiyIyTIClpyya7iFpTQxn2kkvp-CGC9myMSI1qZaylZx1M_LWhLEqhTNGij5_nIv41yJMuccr6PejBbzBwGPoVUliCPQ8C7M7JaLMSZYpbJm&google_gid=CAESECwUENL7sEO0VTqb7WEJIbk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:46 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
243648
expires
Fri, 03 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTTKLFxuwbyKQam49mePhq-aTAFCpC86ILVcGDoMEQ9GOiONpDU1w_16MAtkxt8Yv71Ac8ZCefcJjJZwfFpmhbjX6rXPTo8pdIp1DLJry3mD4jaLtUyfhZWy0P-3l4pLmU3bGX05rE6Bzu0NEaI8vnw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTTKLFxuwbyKQam49mePhq-aTAFCpC86ILVcGDoMEQ9GOiONpDU1w_16MAtkxt8Yv71Ac8ZCefcJjJZwfFpmhbjX6rXPTo8pdIp1DLJry3mD4jaLtUyfhZWy0P-3l4pLmU3bGX05rE6Bzu0NEaI8vnw
date
Fri, 03 Nov 2023 03:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENW0L98UfoFqAMbY-ZYn4II&google_cver=1&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENW0L98UfoFqAMbY-ZYn4II&google_cver=1&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3YzDCCg_Q45rJRsVzyDP8QjvF6zNnX-LtpjLUNWWULzhR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3YzDCCg_Q45rJRsVzyDP8QjvF6zNnX-LtpjLUNWWULzhRlEZdlWXol7H4pmh4orurJAR&google_hm=Hl6TJGZHJ0yzGRhuS46cxQ5i
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 03 Nov 2023 03:31:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTco1NF41gwUwg2Pb9dt7yIZoBFbIS3mDpLXvA6-zJOFURJJumi88nUiw7NZ5gnURs5OW_u19oj1Vh_LYO_3YzDCCg_Q45rJRsVzyDP8QjvF6zNnX-LtpjLUNWWULzhRlEZdlWXol7H4pmh4orurJAR&google_hm=Hl6TJGZHJ0yzGRhuS46cxQ5i
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEFj0DFGXk20xlyNDGFG3peI&google_cver=1&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9VTZKsLC...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFj0DFGXk20xlyNDGFG3peI&google_cver=1&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9V...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kWm0efzeTRSWf_L5boDd_A&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kWm0efzeTRSWf_L5boDd_A&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9VTZKsLCmK29ZwHq3DbiJosidjaFFVGuz2WMA_EIcGvWK5xGHTSao4Fy1vWIAz0qHbxog
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kWm0efzeTRSWf_L5boDd_A&google_push=AXcoOmRkmBlhTiM9HatRQmCRDQ0qQwNCrbCe5kiF5tgvuiEdNfiXwEGtmwFFqzGc3YfOWBY54W4LV1XnfIgm_s9VTZKsLCmK29ZwHq3DbiJosidjaFFVGuz2WMA_EIcGvWK5xGHTSao4Fy1vWIAz0qHbxog
access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:47 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECmai7VSf079k1HJyPyJv6w&google_cver=1&google_push=AXcoOmTSZxjaB2FtNegvStBIbYMHyZwrnWx1V_IQ6R1yPiKXDhRzBerpg-inLxq3U4Foz1KqgLFU3mjI-VuSUjJMqFttnNBOM...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&mn_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTSZxjaB2FtNegvStBIbYMHyZw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&mn_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTSZxjaB2FtNegvStBIbYMHyZwrnWx1V_IQ6R1yPiKXDhRzBerpg-inLxq3U4Foz1KqgLFU3mjI-VuSUjJMqFttnNBOMPJosN-OeqVQn1M5deskxSZ03tARKIhmLwrUk3wQWWkKhbIfw6joV3rx5Kk&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:47 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&mn_hm=MzQxOTgzOTA3ODI4NzY3NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTSZxjaB2FtNegvStBIbYMHyZwrnWx1V_IQ6R1yPiKXDhRzBerpg-inLxq3U4Foz1KqgLFU3mjI-VuSUjJMqFttnNBOMPJosN-OeqVQn1M5deskxSZ03tARKIhmLwrUk3wQWWkKhbIfw6joV3rx5Kk&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 03 Nov 2023 03:31:47 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 32D3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEI0HqaYv6-TS7eR_iRIWr6tzh1NrFXDa7qhNBXYvz8qakfpoFYopthOn8-L8b8-JNfkdh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je3b11v9134755342&_p=1698982304191&gcd=11l1l1l1l1&cid=65000381.1698982304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698982307&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dt=%E6%B7%B1%E8%AC%80%E9%81%A0%E6%85%AE%E8%AE%93%E4%B8%8D%E7%95%B6%E9%BB%A8%E7%94%A2%E9%81%8E%E5%88%9D%E5%AF%A9%E3%80%80%E7%B6%B2%E8%B4%8A%E9%99%B3%E5%85%B6%E9%82%81%EF%BC%9A%E5%8F%88%E5%85%B6%E9%82%81%E5%8F%88%E5%8F%AF%E6%84%9B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5704
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0cb7eb71-8710-4963-9b8d-17943856b357
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/0cb7eb71-8710-4963-9b8d-17943856b357
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
7bd8afb4-941b-4bff-8723-786e72302616
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/7bd8afb4-941b-4bff-8723-786e72302616
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
e5d489b3-dbca-40c3-9c8e-e51a124bd791
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/e5d489b3-dbca-40c3-9c8e-e51a124bd791
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
adplayer_privacy.sjs
imagesrv.adition.com/js/adplayer/ Frame 999A 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7297073445048748812&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7297073445048748812&btr=true&pos=top-right&cid=558342&aid=558342
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
ef8dca515116a544cf53d6c82059863082b91c5f1e4faad65fcee9330f4305a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
br
content-length
6039
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
bg_1_120.jpg
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame 2DA9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/23/images/bg_1_120.jpg?1656412763772
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
19442eeceb09ba614ca6ee07b22598363b9c03109682cb01f27aec8a54f8730b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:47 GMT
last-modified
Fri, 14 Jan 2022 07:49:19 GMT
accept-ranges
bytes
etag
"3547394822"
content-length
15385
content-type
image/jpeg
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 19:01:47
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
e14b09fd352507c86cbeb72f1891b80e
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
visit.js
tps.doubleverify.com/ Frame ED19 		724 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=252&ttfrms=29&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56TauEC4%3CTau69E%3E%3D4%40%3FE6%3FETaucch7d3bd5ca52be%60be4c2f33ehd2467%60%5D9E%3ETbuEATbs%40%3F6E28Tae4%40%3FE6%3FE%40%3F%3DJTbsECF6Tae424963FDE6CTbs%60ehghgab_eU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau2D%5D25c%3E%5D2ETar9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56U2%26C%3Dl9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56TauEC4%3CTau69E%3E%3D4%40%3FE6%3FETaucch7d3bd5ca52be%60be4c2f33ehd2467%60%5D9E%3ETbuEATbs%40%3F6E28Tae4%40%3FE6%3FE%40%3F%3DJTbsECF6Tae424963FDE6CTbs%60ehghgab_e&srcurlD=3&aUrlD=3&ssl=https:&dfs=81&ddur=135&uid=1698982307853617&jsCallback=dvCallback_1698982307853710&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4866&tgjsver=4866&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Fehtmlcontent%2F449f5b35d42da36136c4a7bb695acef1.htm%3Ftp%3Donetag%26contentonly%3Dtrue%26cachebuster%3D1698982306&fcifrms=10&brh=3&dvp_epl=612&noc=4&nav_pltfrm=Win32&ctx=23723680&cmp=25&sid=50003&plc=418380&adsrv=0&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=483017716.9616478&ee_dp_sukv=483017716.9616478&dvp_tukv=2964954.1771704224&ee_dp_tukv=2964954.1771704224&dvp_tuid=1211382914341&jurtd=1500502348
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4866.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
57a78e81c705bafd323bfdfd88e00fb2c448120e53af8bcd87bda687f6debb69

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:47 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/02/2023 03:31:47
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 03:31:47 GMT
bg_2_120.jpg
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame 2DA9 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/23/images/bg_2_120.jpg?1656412763773
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
02ba78c0231b2b63196b67715fad60c4e09d1e2f5074408b1ad856d59be305d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:48 GMT
last-modified
Fri, 14 Jan 2022 07:49:19 GMT
accept-ranges
bytes
etag
"3256217860"
content-length
18552
content-type
image/jpeg
adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame 999A 		3 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7297073445048748812&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
br
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
etag
"524465627-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
918
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-164
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
a16bce5cf6281cadfde099f528b6955a
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame 212C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstslUjXWE4-r11YA0toZFJKWkvt7Xg82Xc4INO3AVE0OhOYQCUWQw97QTtGAiUUkJB918Ld5IuaDYHtOvo9d_KV2TVcFca2fjOpCkuyp_sVeCzBZmVZuTRYU4myUnrE&sai=AMfl-YQaFqdWRLlzweu_HtV-Je_G5e7C0kfgKU-JcdInKP8aUApdgMDy1JAORVqekpcp7SD1M4KvNfAI1_-fxpWCYvNGzSfzq-UtocAR5Q8p541IWLgcG9lcxPaiW0I&sig=Cg0ArKJSzAJq0em6RTmbEAE&cid=CAQSOwDICaaNmyrz3Uys5UTcz-4bMdNSmUbElg7iFVB2KUlE0z_GFrn0Of_82h5O6sgNpmhYled4wyb7czy6GAE&id=lidar2&mcvt=1081&p=1110,315,1200,1285&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698982305807&rpt=1129&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E69C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=3523048316238567&bg=!enmleTbNAAb4oU7C2KE7ADQBe5WfOHeOGwlUHiO5U2hZkUcehHSNl_f05MeikA4bVBiQr3LaKnkf4U-1qwZpOeMlhOO9AgAAANFSAAAABGgBB5kC2UR_dhuGkx3PfWr6i7r1khcR2c_69_JobSTR_jZOyVyT95yCSlEEjlHDbd3XuQURSDTFAavesO0YhqaLqcAtLK546hECDVj5ml6sR17RBmL921U40zN9VPYThwRiCbmcDg2hiObaJpStfBpcTA-Lq1XIuPaCqEPxF-9PrxlNOAY8eVuKXFLC3ipswo4R67NFOGppBvJXAVl6werUpQkE61Re-sbjtxT-U8ANWywJdi-gRozUyeoyX3jFxgjN3Endt20_1HCYp7xH90_gK1pyFmSIXu5qiCa632ISOeq_5lvRhDCv0Ky9BdtcJ53W9p2P6sBTNxBFMAVJ9xBqsqsY_J1P3QAmzycgl46_oISTwTtFx7W1XI7ofvNsYanlu-d-gVII-OSQ52XQLAtQu16VcYWfkfaZ_16PlfLJRRaVn-MJc430TiVwRG_uJMEINJlDgK15EJbKW7HLQr_mKI4Zxhb2IvkUhgRj7xmnycdLfGucffwOEZWnoeEO0T8J9B3bi_9706Y3daqGn42dZaJsBFYtJNhaVQT4_Dv7iVOM_pOyh0-6i4RorPnPCDZavU31SDG2Aok7WyYVtD9G-juMebIfqtiRzsMxunvhaJeuI5FpVRq_uMx-nfLxdEE4zrA2N72pkKdfSmlI9DbaTYEayD4Wl5Wh9tprtSsPEAWbruN9_cJk7MAJfkL3il3UpWc88yMp1XyCDmpSTII68ZmfLYmC0RiJ8e8EhMI_Gu_66LSwOPmDR44z_zELkK4eQxwO0M98qX7j_AI6U22w51P7JuKpDnGu8Ko4LGNgf7kCqNotenf-nNUUAhOwXkfE-zhaFbg2epnk9ttJzxNhmYCJtVPglf1U_4zcPIDHyQ54lsissuxoi9W94bcBB7_khqd-a3OgxqWYmgVJVvfyGExNChJft9ZmSPOPNnym73F0yYHGxGtD4ihz0QPkRIM7nwZsDpAKbpm77wZbPw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bg_3_120.jpg
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame 2DA9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/23/images/bg_3_120.jpg?1656412763773
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698982306&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698982305873&bpp=109&bdt=626&idt=281&shv=r20231101&mjsv=m202310300101&ptt=5&saldr=sd&cookie=ID%3D307be2235f26f96e%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_Mb_RxKxWPqViw4y-eoP1beyP0u5fA&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=1015684392095&frm=23&ife=1&pv=2&ga_vid=65000381.1698982304&ga_sid=1698982306&ga_hid=754037170&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2909&biw=1600&bih=1200&isw=336&ish=280&ifk=1328499802&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C44805934%2C44807047%2C44807462%2C31078297%2C31079328%2C44803791%2C31079423&oid=2&pvsid=399751795879316&tmod=1607923168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.l7uv2uwh1lbv&btvi=1&fsb=1&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
9df8c7ef5f36a7b12cab996ba25c8ac2498558bb64bc69588e4aa20c30548aea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:48 GMT
last-modified
Fri, 14 Jan 2022 07:49:19 GMT
accept-ranges
bytes
etag
"1478145505"
content-length
13748
content-type
image/jpeg
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57FC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2986441337857&version=m202309260101&ct=77&x=1&cor=9903877684605800000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame 999A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:48 GMT
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges
bytes
etag
"502461915"
content-length
3262
content-type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 88AE 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_fy2021.js?bust=31079328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc60382f61ecc1fa0cf0f32bfc803a5cdefc6ea5f23c6a0744cd3ee0ccba08d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12222
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95d7c8acb16387c958294971ba667ee04057fe3fbe4293b6ea10a1d0e635ac4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12071
x-xss-protection
0
syncframe
gum.criteo.com/ Frame D39E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:47 GMT
server
Kestrel
server-processing-duration-in-ticks
298408
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
logo_img.png
imagesrv.adition.com/banners/268/01/03/c1/23/images/ Frame 2DA9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/23/images/logo_img.png?1656412763773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
166c42a322eda48a1e0be2c9c71a28f66c325d3e4cb08e77bed5c89e14838b4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEm3SomlEZYDEEMrFkwPmo6CACMmB%5F%5Fpz0f6cspgSl8%2DivcABEAEg0syBGmD1BaAB%2DJPauQLIAQmpAif4hjzb4rE%2DqAMByAObBKoElgJP0Jd4LRhrHqF9RpMeb4yr2%5FENaERDKwMzGbd1fKz8gsrbbAE1UMbhTNJshboOagE%5F0g7pOnnNddv6%5FXGtU1HiLN1TFoi7xdGVCcvYlf47jk%2DI6RlMT8oC%2DIv%5F4oDUfRKd6g8tqLEyxqsV9%5FeMBGK1zhiBhM%2DblMqKuKpnYMtzFPye6dudBFNRTtj5fdW3Fw7D7uTDBwhoRs0s5qp2LyxK9bNqBJpYjBaiIUFiGUrbD5Nl1wOaF8oSLs55%5F1RDvDt6fPBRN3lqafgaQmhytJJbhE8gOB9PI%5FB66sJ38D7GVjWJFxDc5EkhiUGhpoUYqLWd2AbadM3CDiLukRmVBEByVq%2D4x3t9Nccc8bxK0%2DVksaDpSBMJgMAEy8anj8ME4AQDiAWejYCDTZAGAaAGTYAH8OulxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATneiuFdATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN93vciQph5Ld0nXrcTK1uOTODYM9AWb1iWtQ5dp8pnLb0uh5wZqo09WbjUuqWu5Qp8SJHk6wKGAE%26sig%3DAOD64%5F2Jkk3BPkdEJYRcsD9Rd5RGZsBHGw%26client%3Dca%2Dpub%2D4485239425924787%26dbm%5Fc%3DAKAmf%2DAExTQ4ZcapZtCFgb4a13f49GzCSTAf3AcrCfR2YVBrdRGedV7XYG1fHzHBN8doApf1ZpUXtcif4I5lBxkaKZVIliD7M2UkkLJBLl8OTmFVP8I1WMSh1Mmv%5Fik4979JuvBhrla3SPy8kfZobiMFpq8q64Pu3%5FMz98eX7n0uEHQifQGZf%2DQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDD23m%5FY66bdWM62tXZabICLmLRNCto3jTu4dMWsQvQfwWRa%5FbogzOA2qzY%5F%5FpPJlOUj2imafsEwJWf6CUvWgk%5FsokYZEKZFkbiWs337IWfapYniHz3ijYxFYLhWGt3sb4wn1fZOp8eM3NvD6oB48OHxjp%2D%5FJYlDE5gGwc%2D99rwwyAr0ZH0JQCs93i0WqB8NPsSGaOrXplKAXQLUFlYqgBAkuvqZk8Wrn6OGGHulrAtRfRCeFHOfrqihRYrIJzP9jwzRUrUOEuZu9O6vHuq74AzNJGiQlm0TtElTZKEAaCvXL2xlAsknDRdKjlaLjLWmNfiIbtPYRavjV%2D1WiXGSKNeMuaeyt%5F5SsQf5Ae0lrd874B7f3vjjba9yEo2k6loY2V4fm9yVf6BTtTMQKDuXow85vj%5FQlW3ewyhePp8WoC88rGty9ITYbbG2dpuhuvRbqhTo3SBR0aUsuIIvlQtIRgY6y9273DEx7tNCE8iknwrFP0PlOOOVo0Kl3FqHUH346pLn%5FivuShdc00mohb8ZvP32xoSxhItFR1hMiMJl52lKuG%5F%5F2IyJi02psLNnI1evvxFGNIaSwgTcnn3Tp9ixMcAddnB85PSUWB3Nf924eNSy2LocAXZWYiM%2DHE3%5FiEDJoMM6EwDxcw1Y3Ndmq%5FTT3%2DwjAoIIP6qvA1FvUdG3bxM7wEF5Kg%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7297073445048748812%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D41352%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7297073445049404425%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7297073436466217318%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D32661%2526keyword%253DPACS%25255F4787111%25255F17068013%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:48 GMT
last-modified
Thu, 30 Sep 2021 12:59:23 GMT
accept-ranges
bytes
etag
"2878649034"
content-length
1858
content-type
image/png
viewability
hal90004.redintelligence.net/ Frame 75C0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=42819400009565104438466012497004&a=7c678ad1&vb=v
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=42819400009565104438466012497004&a=7b219b1e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=42819400009565104438466012497004&a=7b219b1e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:48 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BFA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2Kjeo2lEZZjYAeSxlQfm1J_IBQAAAAA4AeAEAg&bg=!KSqlKmXNAAb4oU7C2KE7ADQBe5WfONh_trx0KA5LDAE6Hbi0AGv9u1KJXcdi5bioAyM0jvka5o7_q7gpSwCRrgFTgTM-AgAAAppSAAAABmgBBwoAHqfwJlkK06o4qzmSlThg7uv4UG8Q3sIwZWCMqk3G9ZkDDWfXfN6Bp34DMho_4FmOSsQqHbG0OW2RtrJEcPZvV6a9IqBhMsNlOuvedUABFi_GmJ3PWxWC7CearY4yX_K1l5eyI-2PGpjDMhPPaLBp5jRG8XiRRM9lZ3ye0KuC6_o3uD1qplh-6CW6Z0phsu1p6QujHXFmNb_QN3wgLvqCWll--lusfF4XexZ1fodBqzfb5jG68lh055taDVhUoRuZU9xNXcUdCYBCbctkr-ptMdUTL5x6vR9ELselMpJS5JJBiFLuO84e_1no7swjWM3u6uGeOl8QGphorTmXQyAJqkIy_K-WvscfYM0Q5eLZxUDz59TycEwe78EYF0xpbUzxQK9euSKCMVcEDqTpIYCG2aJbxNKXP600vqMLRXeHgNKPoQwNgem00dQG6qbdVHJjA1GFCYP1yp_5Dd0n34wHRIbKmu1witc8-oqojWxDet2kY_U-aa8z91kFcdHgtFMnW766HXLoVcouSK-I7tZRgM0yRTq45DO66ZCmfSSeXdIui9VbiyaWmLGMpqg4rMKpYI4NaFDfZ0U8p9CedftsrgkwD744RpIkaaMZaRDGo5Yb4hsNfxzKQFrLByXerjjSpSAKa6xG4VWJd5zOJNbPTq5RExAR2Q7S5i1LxlgZ8QM-g9ytm0ED5mULXcA8uNJF_ws5NFbxfH6G48HFwBjcXAYZVrdGWxZ6w5aabBd7WmMkFbYHqoIWts4OGTxLsr356zxIZhPDEqlWJVcV5tgsLS9U8Vyz3w8Y2poLQwvpnv83hbb00D6woyWhiFr3G2OZQM1wksKRQFNOsi49OnETMkUyDH5nnTw7IqgAhj-gXhlBLI4VLLLm0fJWjwSuywF1nc0kHxU87dlvjAVj9aTNTFd56A-sNG2aQffDJBgzEctTmabMqC4fZia2-nmy6tEcVqD5xuB8zzK1P2u3tVQpudRifEhkEPvva5hvGuFBCuqlB6OjmAJI8-QaprlkpDyxAYqWdNcsrFmOjI-X0whyyeZP-xFep30memAeXquTj4ylM4WkhrCTijeEQzkJxPs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame D39E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=BonBR3xZbENHOVEycXFhRlBmUWZSWVJreHlESWh3N3k5dngxTCtEMy9SZFZxcEZSeU9laTZQaDdxcUVkM1FadTZ1SmJKM21yMm85dnhRSWlhRjQwQnFZZVJOU0VDWnc2ZjJ0K3ZTeU1NdkNRbnBFbEtjQjdtOHNOeEl3bD...
433 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=BonBR3xZbENHOVEycXFhRlBmUWZSWVJreHlESWh3N3k5dngxTCtEMy9SZFZxcEZSeU9laTZQaDdxcUVkM1FadTZ1SmJKM21yMm85dnhRSWlhRjQwQnFZZVJOU0VDWnc2ZjJ0K3ZTeU1NdkNRbnBFbEtjQjdtOHNOeEl3bDNXRjNwN3ZQWlJZUWhhZlEvdVhLM0hDRUk0QUtBRXZ2U0UrMDBBYVNrZlFhdzlQaE5FNno3NmFKb01GRFZxWXpoRWtzMTUyUHBxQllnUFFtVU4xTlVqK2RLU3cybUhpSmZkV0pUNTFUa0lLbnBtMGsrRUZuRWovWVA4bTVoU1UxaGtkMUlnOGxueWY1MTgvQS8xNjZrQkVUUHhLN3o0Zz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
24f060023333a658168ef0d059edccac7f9bcf6390724e841147a1b50fa5ed96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1165472
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=BonBR3xZbENHOVEycXFhRlBmUWZSWVJreHlESWh3N3k5dngxTCtEMy9SZFZxcEZSeU9laTZQaDdxcUVkM1FadTZ1SmJKM21yMm85dnhRSWlhRjQwQnFZZVJOU0VDWnc2ZjJ0K3ZTeU1NdkNRbnBFbEtjQjdtOHNOeEl3bDNXRjNwN3ZQWlJZUWhhZlEvdVhLM0hDRUk0QUtBRXZ2U0UrMDBBYVNrZlFhdzlQaE5FNno3NmFKb01GRFZxWXpoRWtzMTUyUHBxQllnUFFtVU4xTlVqK2RLU3cybUhpSmZkV0pUNTFUa0lLbnBtMGsrRUZuRWovWVA4bTVoU1UxaGtkMUlnOGxueWY1MTgvQS8xNjZrQkVUUHhLN3o0Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268033
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 88AE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_fy2021.js?bust=31079328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:31:48 GMT
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-51
cdn-cachedat
10/31/2023 18:48:10
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
5638f3044928261614244ae595f24029
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:31:48 GMT
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
2cda83dc92cb6c8b314dc4687fdd035c
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 03E7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
27110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 19:59:58 GMT
expires
Fri, 01 Nov 2024 19:59:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F436 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
63e5308ad4df69f4389142b81c35a933698ba191640b7bb50debf737b07c4ec0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J4nfAQVvPtTuXw_TryeKZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J4nfAQVvPtTuXw_TryeKZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Fri, 03 Nov 2023 03:31:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F782 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
27110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 19:59:58 GMT
expires
Fri, 01 Nov 2024 19:59:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 05D3 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e815f23b6a174d8f3c92d50e9f197863173672f667bff4a9bd5a12b8ece50dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x4GzC__ODu1-tvXxcpY5KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-x4GzC__ODu1-tvXxcpY5KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Fri, 03 Nov 2023 03:31:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame F436 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=399751795879316&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
200626
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
187711
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e9c19ed28bccaa4e32d36ec044a8b462e7cf210f304a7280940481491917adf4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 03 Dec 2023 03:31:48 GMT
usync.html
eus.rubiconproject.com/ Frame 4675 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Nov 2023 03:31:48 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 95FE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82018be348146aa0-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F52B 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1698982305332
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 0D99 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 03 Nov 2023 03:31:47 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
checksync.php
contextual.media.net/ Frame 1918 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa4b5ef71883340d967b61fc5306164dd24a6ae92b3c3438834a39fea1b61b54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8515
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Sun, 05 Nov 2023 03:31:48 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 895E 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:48 GMT
pd
adpushup-d.openx.net/w/1.0/ Frame 2B75 		653 B
725 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f0c0bd4f8fd46f4328b4386edce4f6333299ce8132c24a863e2432b7c9183bbe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
413
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 7FB0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
63122
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 02 Nov 2023 09:59:47 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-id
UwT6zGyz8iDQpgZEoKvDo5Jo2ueUU5HU-PSRkKPQoCqSuSehpfxV9Q==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0A89 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 03 Nov 2023 03:31:48 GMT
ETag
"623de86a-cf34"
Expires
Sat, 04 Nov 2023 03:31:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E02F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1080
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82018be34f5f23af-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Fri, 03 Nov 2023 07:31:48 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 05D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310300101&jk=3389567392143493&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 03E7 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
115083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:33:45 GMT
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
9db8a6c446f6b4bc966d5454e366eb19
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame 212C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7210319540276&version=m202309260101&ct=77&x=1&cor=10474873840945220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame F782 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:33:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
115083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:33:45 GMT
usync.js
eus.rubiconproject.com/ Frame 4675 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e85e099758968e12502438257864835ace171ce312c8bb951649b9ad8c95fc83

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 23:30:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71819
Connection
keep-alive
Content-Length
13281
Expires
Fri, 03 Nov 2023 23:28:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 22F1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84491922c43030c1587d93ab1a0a854b813be962993c1de1ab94d0559f9eaf6b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82018be3ab0523c7-ZRH
content-encoding
br
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqb6HzH%2Fs%2BIRFK9hLsEa8w6bjJ1ARJpqM0rBSBvD5KuCUhfO3ERzWT6CJn3uFbt3d8kMaBIzfDrYDtSSQC6lXQKBjJXQDosMKDvLSwoK3vja2O2LI2YEo59PSTRd0%2BjhZeNsl3pOjq8CpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame 2B75
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yMwXzcjAQsjTzxaYysEOn5qbFMHTnRXNn84OnzGv
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yMwXzcjAQsjTzxaYysEOn5qbFMHTnRXNn84OnzGv
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yMwXzcjAQsjTzxaYysEOn5qbFMHTnRXNn84OnzGv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2B75
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376543238220108584
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376543238220108584
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376543238220108584
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2B75 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=064f71f3-5d6b-c067-3b85-edb3acac48db
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
30NVBS97YSSPQT493ZW1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 2B75 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5e990d8e-41c1-7b9d-fb8b-6f24c49f833b&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2B75 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJmNmRlNDQtODhiNi0yNTM5LWVlNmItMzU5ZDBlN2Q0ZDVi
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2B75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6a9gJNktQDXhjHcjg4GW4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame 22F1
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8058251235013482105
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 03 Nov 2023 03:31:49 GMT
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Fri, 03 Nov 2023 03:31:49 GMT
crum
dsum-sec.casalemedia.com/ Frame 22F1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8387421531271171339
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8387421531271171339
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCzBjrzw07NfX7yhMjyyUAJZ7LDf%2BbKNLh6y%2FjlL6eRpVN7mPPDY%2F%2FrD5vQJVlmyliZ4IVni%2BvS8GJN3oq5W5U2z8LgFwAzIejGWGPueyMyuDcA8IcPT1PWMR7nOLHbIwZPd%2BHYJkZxr2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be46bba23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
an-x-request-uuid
37a64670-3a18-4b0a-9a2d-e99b5301b274
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8387421531271171339
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 22F1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=1QBtBtUMOAPOA2xT1w10VIdXbgrOUW8GggKi6Vpm
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=1QBtBtUMOAPOA2xT1w10VIdXbgrOUW8GggKi6Vpm
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7W23R89oWqDAZXJiToDYQbHpTgbV4pO16bH9VcpLCT1uGzK4QKr%2B6ssOkRu3Ti8o%2B0BAxyV1F8hTSRVtvKWGn%2BEgi%2BitiuwjAwvaAilZpEDeDN4UdQWBblLoyng0SQvp1KW%2FrS9OrK4qmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be46bbd23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=1QBtBtUMOAPOA2xT1w10VIdXbgrOUW8GggKi6Vpm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 22F1 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1698982308341066-423
Expires
Fri, 03 Nov 2023 03:31:48 GMT
rum
dsum.casalemedia.com/ Frame 22F1
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=341699ca7f72163f&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIufjmfkmc5wNVPmECAAAAAAA&expiration=1699068708&is_secure=true
43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIufjmfkmc5wNVPmECAAAAAAA&expiration=1699068708&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m95BM2gQ56EBPRyyF9qCOr2cQhr6omuxbAhJAaaslxA1f2tLjOplC74nNgXAS4Bu7Lc1wdLz4noxXylS5VO%2BUzlOnMgfqX%2BTrNmvGfT%2BdKEcsZKtOfGx3YDFKdIm0DFkP4RhIEp7"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be56cc223c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIufjmfkmc5wNVPmECAAAAAAA&expiration=1699068708&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 22F1
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=847953322030&us_privacy=1---
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=847953322030&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeqhHKlJETxhsn2ZXaSr442kirmPbBzcBv%2FRJbuyyvj3JMFlGiTfdWtoWDbvCIIgFIuoH18trSVKZ80YCmQua3M6MwcvIiN8TA4fuiI48CpHz%2F3fWvjN9C%2Fgo8C6WEkjINkpEirDMgCNZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be50c5523c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=847953322030&us_privacy=1---
content-length
0
CookieIndex
rtb.adentifi.com/ Frame 22F1 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.2.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-2-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 22F1 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1dfc:1fae:3d75:f146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame 22F1 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZURpotJ3N8GOWqBdq-1wawAA%263286
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
2795
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82018be4383723af-ZRH
content-length
43
expires
Sat, 04 Nov 2023 03:31:48 GMT
ax.php
a.gsitrix.com/js/ Frame 2F02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418380&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediaintelligence.de/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://mediaintelligence.de
date
Fri, 03 Nov 2023 03:31:48 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
13926
g2.gumgum.com/usync/ Frame D513 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.196.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-196-228.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1a05961613fa41eb7e55ca925eeccc8cb78fe2ead75b8c914bdf7e91ea742c5d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
etag
W/"028689f0ae9fc56eefba9199c9e22a95f"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame A876 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 21F7 		805 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
39716c8099c69520cfe67f906836158ecc28a7f12e838298a04c083dd5537de6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
805
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E173 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d1736c293387569e3edefcd73b690ca8bf5eae8f31790d0ab528da634b80ca8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82018be44ba123c7-ZRH
content-encoding
br
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NG7rPfbc2E29v3WsqjzACvk9raVPUdq9lw36%2B1QQftL%2BAsS6eZPOROr2WcNfi3rmVxWprzVLlh2XiDshPhofby9SeWMQk6N1wwTehhOQ5qNfyTwliezb5iG2YczANbuH9f7R4EdBxGy%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3F9F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Nov 2023 03:31:48 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 03 Nov 2023 03:31:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8DFE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=148914
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Sat, 04 Nov 2023 20:53:42 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 32C3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9d8513911853a46df44cb59ba3a5d4bff30d88dbafa1a040acb92f54974d5764

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-id
pU8dM5Sqvm_Ih_zByrokE77JAuJr6P_OCIt---O6VppZd5To08oGOQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
user-sync
sync.adkernel.com/ Frame 3AA6 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 03 Nov 2023 03:31:48 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 8B54 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.83.246.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-246-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
92ac0b1526eb55321fd239e00c41850da2fea004f1285ad4e623efd62505035b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8387421531271171339
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8387421531271171339
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
an-x-request-uuid
8985dd89-b3d4-472b-9e8c-867178df3a90
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=8387421531271171339
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Hl6TJGZHJ0yzGRhuS46cxQ5i
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Hl6TJGZHJ0yzGRhuS46cxQ5i
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Hl6TJGZHJ0yzGRhuS46cxQ5i
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 7FB0 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 03 Nov 2023 03:31:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698982308623
  • https://ad.turn.com/r/cs?pid=45&rndcb=5097535392
  • https://sync.1rx.io/usersync/turn/8058251235013482105?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-5252745e-4c37-4609-a16c-5af8a66ba38d-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003
date
Fri, 03 Nov 2023 03:31:48 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5252745e4c374609a16c5af8a66ba38d003
content-type
text/html
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5108559730638919969
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5108559730638919969
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5108559730638919969
Date
Fri, 03 Nov 2023 03:31:48 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=ec38c491-e39a-4422-aaad-afc439955c5d
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=ec38c491-e39a-4422-aaad-afc439955c5d
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-183
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=ec38c491-e39a-4422-aaad-afc439955c5d
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 7FB0
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYMOAI=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.30 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:49 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYMOAI=
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 7FB0 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.200.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
sync
ads.servenobid.com/ Frame 7FB0
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 03 Nov 2023 03:31:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 03 Nov 2023 03:31:48 GMT
async_usersync
ib.adnxs.com/ Frame 0A89 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
an-x-request-uuid
8109a7eb-8f28-430d-8477-66812b0fbd27
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-661
cdn-cachedat
10/31/2023 19:00:04
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
59a6912ddcb9d657b5c90c1500f6cff3
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
log
c21lg-d.media.net/ Frame 1918 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3419839078287675000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 03 Nov 2023 03:31:48 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 95FE 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1293546
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
82018be4b8706aa0-GVA
expires
Thu, 31 Dec 2037 23:55:55 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame E173
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZURpotJ3N8GOWqBdq-1wawAA%263286&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8058251235013482105
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 03 Nov 2023 03:31:49 GMT
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80&rd=Y
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Fri, 03 Nov 2023 03:31:49 GMT
ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E173
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:1dfc:1fae:3d75:f146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame E173
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFHl07KiNMAABhuIJw3Pw&expiration=1700191908
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFHl07KiNMAABhuIJw3Pw&expiration=1700191908
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be%2F2Hwd3qHjYWuwPjd8w0mp%2BcPUPXYpQFvei8pk5S3AYab9f5IxF5my0tyzH%2BM7sHAJp8ZTYaBarN3SZV189Py3MJQi%2BqWIdhh4TrWkefPuyt%2B6pE3XQFf3hIMBB%2FGjdoYeL4WyaQA7chQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be54c9223c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFHl07KiNMAABhuIJw3Pw&expiration=1700191908
Date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame E173
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714707108&external_user_id=ecef4d28-1943-4539-a0c3-168d201e68f9
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714707108&external_user_id=ecef4d28-1943-4539-a0c3-168d201e68f9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZrRwOcVoC1TA32jKged4M6k1PyyFxtHje9Ij4UFB9ChXKSTBD1K6asR1w0KPfWzegDRoNzDCxTzlUCj2%2BLh2lCDasOp%2FdEveK4nAKemVuh0rOZrL4qhSl2y1ofQYnMqjxuYS%2FphbZfMtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be63d8a23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714707108&external_user_id=ecef4d28-1943-4539-a0c3-168d201e68f9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame E173
Redirect Chain
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZURpotJ3N8GOWqBdq-1wawAA%263286
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a4a3d394-2de3-4077-9a93-71dbd6746471
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a4a3d394-2de3-4077-9a93-71dbd6746471
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4jehxh3RmAhssXKSq2pwF6TeVwKysW0un8a0q%2BFeBR60SaN20jISieapoPBfLRednSHc3TVLD3dJXZ29hZakACAVJaPtwG8lRas1X%2FO9mabCOcZ6j6KEhwBUf0upIq5ryNHQT4c8%2BJXmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be63d8623c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a4a3d394-2de3-4077-9a93-71dbd6746471
Date
Fri, 03 Nov 2023 03:31:48 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
crum
dsum-sec.casalemedia.com/ Frame E173
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=042ac4325401445fb06c8a2ae1f66575&expiration=1701574308
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=042ac4325401445fb06c8a2ae1f66575&expiration=1701574308
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyrTw197Le7NvTzqnXDPnU0PNw0iKn%2BxMbJhzNEjWObJ17fzOjZtCsvO5NSlE1i8ZxtL3ClxzdKbGnStUW%2Bnq%2BEpKJ4%2Fmxa5JWrU5B8WlaP2LAvSfFTAR1AH710%2BEC%2FOKACD3jz84UR4FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be58cda23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:47 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=042ac4325401445fb06c8a2ae1f66575&expiration=1701574308
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame E173 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame E173
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW6R4NjJLktwrTWWibXUFOvTW163wSldH%2F%2Fi7Gb1Fwbk1f2nxCN%2B8dVu2hNDOTzH%2B%2BBTjXYF6WKNeODvjeeJ94nADAYQAnscFT1yYjB3CZLC%2F8r2TMwklobzKnEx%2F6Qul95jj84bmNXzdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018be52c8123c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMiWkdMHso2ldCEll9QLKjQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame E173 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 3F9F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e85e099758968e12502438257864835ace171ce312c8bb951649b9ad8c95fc83

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 23:30:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71819
Connection
keep-alive
Content-Length
13281
Expires
Fri, 03 Nov 2023 23:28:47 GMT
generate_204
tpc.googlesyndication.com/ Frame 03E7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tQZJ-A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8DFE 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66380792&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e9ac667fef32ec5aa5255ef7652a24388454ecc9db17bd881454d7f1154e33f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 3F9F 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOI274NW-5-C2CF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
sync
ads.servenobid.com/ Frame 21F7 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4966780828212204348&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 21F7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=mk5gJZpCNSCBTWFwmEN5d8gZYymBH2IlzUyxLPRz
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=mk5gJZpCNSCBTWFwmEN5d8gZYymBH2IlzUyxLPRz
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=mk5gJZpCNSCBTWFwmEN5d8gZYymBH2IlzUyxLPRz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 21F7
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2Njc4MDgyODIxMjIwNDM0OA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2Njc4MDgyODIxMjIwNDM0OA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2Njc4MDgyODIxMjIwNDM0OA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
9.gif
id5-sync.com/i/102/ Frame 21F7 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 21F7 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8387421531271171339
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8387421531271171339
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
an-x-request-uuid
bd3242a1-1c22-41f6-816d-8989101b857c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8387421531271171339
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_97a6e4bc-4314-416b-ac2d-ef89fbcf4a5a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3376543238220108584&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=a9a4a9fe-69d4-43cb-9cf0-7fc90ccf827d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=a9a4a9fe-69d4-43cb-9cf0-7fc90ccf827d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=a9a4a9fe-69d4-43cb-9cf0-7fc90ccf827d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
Date
Fri, 03 Nov 2023 03:31:48 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LEnqjcNE2pcS0jukI0O8rG5Q.S4EwTEiAIy6~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-LEnqjcNE2pcS0jukI0O8rG5Q.S4EwTEiAIy6~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-LEnqjcNE2pcS0jukI0O8rG5Q.S4EwTEiAIy6~A
content-length
0
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=0ee9ee90-b1ab-4fc4-9aea-b85761667e55
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=0ee9ee90-b1ab-4fc4-9aea-b85761667e55
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=0ee9ee90-b1ab-4fc4-9aea-b85761667e55
Date
Fri, 03 Nov 2023 03:31:48 GMT
Connection
keep-alive
X-CI-RTID
0cc1fce0-2171-4880-aa8e-459276f02a42
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame D513 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_97a6e4bc-4314-416b-ac2d-ef89fbcf4a5a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=sQc18lvMT-PuBXshTipv&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=sQc18lvMT-PuBXshTipv&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=sQc18lvMT-PuBXshTipv&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Nxn7cZHThJQ9&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Nxn7cZHThJQ9&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=Nxn7cZHThJQ9&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-xtv4s
expires
-1
usersync
usersync.gumgum.com/ Frame D513
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4966780828212204348
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4966780828212204348
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4966780828212204348
date
Fri, 03 Nov 2023 03:31:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame D513 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_97a6e4bc-4314-416b-ac2d-ef89fbcf4a5a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame F782 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?APc8zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
rtb.gumgum.com/ Frame E71A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=3376543238220108584&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=3376543238220108584&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.196.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-196-228.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=3376543238220108584&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 9BE3 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85N2E2ZTRiYy00MzE0LTQxNmItYWMyZC1lZjg5ZmJjZjRhNWE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 10D9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=148914
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Sat, 04 Nov 2023 20:53:42 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 915D 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:48 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 1AAF
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZURppcCo8YAAADNoPvcAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZURppcCo8YAAADNoPvcAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 03 Nov 2023 03:31:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 03 Nov 2023 03:31:49 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZURppcCo8YAAADNoPvcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
7
X-SO-Cluster-ID
0
X-SO-HostName
m-ad324.dc4p.scaleout.jp
X-SO-IP
185.195.71.220
X-SO-Key
ZURppcCo8YAAADNoPvcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"185.195.71.220","key":"ZURppcCo8YAAADNoPvcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad324"}
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad324
usersync
usersync.gumgum.com/ Frame D15F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=mSVjJFhRnNs8jkO8TB8R&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=mSVjJFhRnNs8jkO8TB8R&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 03 Nov 2023 03:31:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 03 Nov 2023 03:31:48 GMT Fri, 03 Nov 2023 03:31:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=mSVjJFhRnNs8jkO8TB8R&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2F1A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Nov 2023 03:31:48 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 03 Nov 2023 03:31:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-664
cdn-cachedat
10/31/2023 18:58:48
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d5742dc14ea1456410c6e88ffaac266b
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
drop_cookie_sw.php
csync.smilewanted.com/ Frame 2C03 		0
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82018be5b8b96aa0-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 3F9F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOI274NW-5-C2CF
  • https://ads.servenobid.com/sync?pid=323&uid=LOI274NW-5-C2CF
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LOI274NW-5-C2CF
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LOI274NW-5-C2CF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
/
onetag-sys.com/usync/ Frame 20A0 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
cs
cs-rtb.minutemedia-prebid.com/ Frame 32C3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZURpotJ3N8GOWqBdq-1wawAA%263286
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZURpotJ3N8GOWqBdq-1wawAA%263286
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:7a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
FLES6-uenvPyVCsidNxC8WIlr7CGR544rrug0zK7z4k11iWnJ0AO0A==

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Upsi4mFLcGD1X%2F2%2BcmIeSFokynQzuw%2Fvfc668lQb39BQBmLgso7DVge2oqjVRu955DmjV0Y87Px5Rw%2FoGZNRHZcILEUPbeEfkCpsDVXvs%2BnQwtMCFkwGpIdCn72ZVR1lvcjdWD48RWm1UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZURpotJ3N8GOWqBdq-1wawAA%263286
cache-control
no-cache
cf-ray
82018be5fd3923c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 32C3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
an-x-request-uuid
1fa8a358-ff92-4b09-b612-788efebd9aec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame 32C3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c7c0ef8a-3e53-44c9-8313-76d3849c09de
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c7c0ef8a-3e53-44c9-8313-76d3849c09de
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:7a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
seQdJDA4VK8kN6Xa0JBmIiztJz8d3fFx3FtI5AuQ0AwvKAPa2rWNhQ==

Redirect headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c7c0ef8a-3e53-44c9-8313-76d3849c09de
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 32C3
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:7a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
AC6fBX2Ffh5YBAyhnubKguo0QOv6SzhVe5k-GopUn9clPTD4nPHOsA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 32C3
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1831480096082138740700
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1831480096082138740700
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:7a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
CXA3c6Grhx7E_pTwopHmO7aMXKVDZF9UfrUnyflQrf5Elc64bMkGSg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=1831480096082138740700
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
ap.lijit.com/ Frame 32C3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 03 Nov 2023 03:31:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 32C3
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f1ae65977bbb2a6b03ed04f98e89eacd
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f1ae65977bbb2a6b03ed04f98e89eacd
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:7a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
qpZ2xu3oqdiIk1yLJmAYdeFJu6tX4x7KhmFx5yjfps3_Wno0yuk3qA==

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=f1ae65977bbb2a6b03ed04f98e89eacd
x-kong-upstream-latency
3
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 32C3 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=KV7pExa-kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
img
sync.mathtag.com/sync/ Frame 08C2 		43 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x2 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 03 Nov 2023 03:31:48 GMT
Expires
Fri, 03 Nov 2023 03:31:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x2 config_version:"1369"
Pug
simage2.pubmatic.com/AdServer/ Frame DF6F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Fri, 03 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
894307
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 099B 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=211703CA-977C-4652-B528-8CA341A71ECB&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 03 Nov 2023 03:31:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N8H4SMB9D75MJKAABKFB
Pug
image2.pubmatic.com/AdServer/ Frame 8524
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU
42 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 8261
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8387421531271171339&gdpr=0&gdpr_consent=
42 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8387421531271171339&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
6c961649-c84f-4ace-800b-74f21e1a9aa7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8387421531271171339&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
cs
cs-server-s2s.yellowblue.io/ Frame D8D4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7297073436466217318&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.83.246.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-246-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 03 Nov 2023 03:31:49 GMT
server
istio-envoy
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2968
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8915715d-48f3-4ed5-970b-5aab4494b7d6&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
568 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:48 GMT
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 03 Nov 2023 03:31:49 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
cs
cs-server-s2s.yellowblue.io/ Frame 31F0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_npTEel5WHNtX_XPbHsnNLnDR9w&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.83.246.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-246-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 03 Nov 2023 03:31:49 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 4A88
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 03 Nov 2023 03:31:48 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 4AC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZURppAAAAS89AQBi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 03 Nov 2023 03:31:49 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6925-MXP
x-timer
S1698982309.036370,VS0,VE95

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 03 Nov 2023 03:31:49 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZURppAAAAS89AQBi
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6925-MXP
x-timer
S1698982309.904902,VS0,VE104
Pug
image2.pubmatic.com/AdServer/ Frame 5545
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGSGwwN0tpTk1BQUJodUlKdzNQdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAFHl07KiNMAABhuIJw3Pw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFHl07KiNMAABhuIJw3Pw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFHl07KiNMAABhuIJw3Pw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4966780828212204348&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFHl07KiNMAABhuIJw3Pw&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFHl07KiNMAABhuIJw3Pw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 03 Nov 2023 03:31:49 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFHl07KiNMAABhuIJw3Pw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
cs
cs-server-s2s.yellowblue.io/ Frame BCD5
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU0b97f1088e334c6b8a402e93d5dc4d7c
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.83.246.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-246-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 03 Nov 2023 03:31:49 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=211703CA-977C-4652-B528-8CA341A71ECB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0D80
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Nov 2023 03:31:48 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame 64C2 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:48 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
cm
ipac.ctnsnet.com/int/ Frame 69D3 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 084F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6072955426991292825
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6072955426991292825
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6072955426991292825
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame C56D
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730638919969
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730638919969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 03 Nov 2023 03:31:48 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730638919969
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame FC68 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 03 Nov 2023 03:31:48 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-d332b6bdedb7@version_1.575
X-core-time
1ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame A2A7 		0
0
sync
ads.servenobid.com/ Frame 5BAA 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 03 Nov 2023 03:31:48 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8DFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IRcDypd8RlK1KIyjQaceyw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=148914
accept-ranges
bytes
content-length
5606
expires
Sat, 04 Nov 2023 20:53:42 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 8DFE
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.241.138.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.28.146
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.15.35
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 8DFE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2512242981
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2512242981
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 google
last-modified
Fri, 03 Nov 2023 03:31:48 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
via
1.1 google
last-modified
Fri, 03 Nov 2023 03:31:48 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2512242981
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 8DFE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=211703CA-977C-4652-B528-8CA341A71ECB
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmlhN1g0LS1GNWtSbzJLS21NenpBV0FiQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3376543238220108584&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.5.225.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-225-174.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:49 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 03 Nov 2023 03:31:49 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjExNzAzQ0EtOTc3Qy00NjUyLUI1MjgtOENBMzQxQTcxRUNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECOE4s0LViCAirLFVm0wV6M&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECOE4s0LViCAirLFVm0wV6M&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECOE4s0LViCAirLFVm0wV6M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8DFE 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 02 Nov 2023 03:31:48 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3376543238220108584
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3376543238220108584
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3376543238220108584
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 8DFE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=211703CA-977C-4652-B528-8CA341A71ECB&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n0x1WSpE2uXtDlLpT0DmK0_3PymqrFM-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n0x1WSpE2uXtDlLpT0DmK0_3PymqrFM-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-n0x1WSpE2uXtDlLpT0DmK0_3PymqrFM-~A&gdpr=0
date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
211703CA-977C-4652-B528-8CA341A71ECB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8DFE 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/211703CA-977C-4652-B528-8CA341A71ECB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1dfc:1fae:3d75:f146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=908ce486-5d77-4dc1-9066-528fac85c320-654469a5-4348&gdpr=0&gdpr_consent=
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=908ce486-5d77-4dc1-9066-528fac85c320-654469a5-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=908ce486-5d77-4dc1-9066-528fac85c320-654469a5-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8058251235013482105&gdpr=0&gdpr_consent=&us_privacy=
1 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8058251235013482105&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8058251235013482105&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=538fe287916615d4&is_secure=true&networkId=17100&version=1&nuid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIar8rI55WeQMSDxqXAAAAAAA&expiration=1699068708&nuid=211703CA-977C-4652-B528-8CA341A71ECB&...
42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIar8rI55WeQMSDxqXAAAAAAA&expiration=1699068708&nuid=211703CA-977C-4652-B528-8CA341A71ECB&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIar8rI55WeQMSDxqXAAAAAAA&expiration=1699068708&nuid=211703CA-977C-4652-B528-8CA341A71ECB&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8DFE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:67cb4075-ffb4-4e91-9334-d0fd4afcc75d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:67cb4075-ffb4-4e91-9334-d0fd4afcc75d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:67cb4075-ffb4-4e91-9334-d0fd4afcc75d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 03 Nov 2023 03:31:48 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
ap.lijit.com/ Frame 13FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 03 Nov 2023 03:31:49 GMT
X-Sovrn-Pod
ad_ap1sea1
usync.js
eus.rubiconproject.com/ Frame 2F1A 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e85e099758968e12502438257864835ace171ce312c8bb951649b9ad8c95fc83

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 23:30:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71819
Connection
keep-alive
Content-Length
13281
Expires
Fri, 03 Nov 2023 23:28:47 GMT
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 0CF7
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=29f45b7e-e596-406a-ae1d-1zz1698982293
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D3...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Drichaudience%26expires%3D3...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=cfb574be-ddcc-5333-9a57-453dff132c98&ssp=richaudience&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_ps=
95 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Fri, 03 Nov 2023 03:31:34 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 03 Nov 2023 03:31:49 GMT
location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&us_ps=
Pug
simage2.pubmatic.com/AdServer/ Frame 8B54
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
an-x-request-uuid
62c825e6-274a-4a45-851a-feebfefee2ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8387421531271171339
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 8B54
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=f760eaecca5c15e14c19884ac265e43&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=f760eaecca5c15e14c19884ac265e43&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.72.49.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-49-103.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:49 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:48 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=f760eaecca5c15e14c19884ac265e43&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698982308617066-418
Expires
Fri, 03 Nov 2023 03:31:48 GMT
v1
match.sharethrough.com/universal/ Frame 8B54 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.200.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
sync
ads.servenobid.com/ Frame 8B54 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=kmNpEEt-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame DF66
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6025499749
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6025499749
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:48 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 03 Nov 2023 03:31:48 GMT
etag
RX5252745e4c374609a16c5af8a66ba38d003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6025499749
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
khaos.json
token.rubiconproject.com/ Frame 2F1A 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOI274NW-5-C2CF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:48 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
b3965eb2fc7e7d800a71766ad71f5896
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
df202a8c-68d3-5333-b97e-b57edc3adcdb
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame DFF9
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=5300638922811625121
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/df202a8c-68d3-5333-b97e-b57edc3adcdb
0
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/df202a8c-68d3-5333-b97e-b57edc3adcdb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82018bea2a486aa0-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/df202a8c-68d3-5333-b97e-b57edc3adcdb
usersync
usersync.gumgum.com/ Frame 2F1A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOI274NW-5-C2CF
  • https://usersync.gumgum.com/usersync?b=mag&i=LOI274NW-5-C2CF
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOI274NW-5-C2CF
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOI274NW-5-C2CF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 2E64
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
0
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82018be9ba176aa0-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 03 Nov 2023 03:31:49 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:49 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:58:42
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
085b5d8a5a5cdfb78634a041cedda0de
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
3376543238220108584
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3DAA
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3376543238220108584
0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3376543238220108584
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82018be899a96aa0-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 03 Nov 2023 03:31:49 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3376543238220108584
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5457 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4392793954354&version=m202309260101&ct=77&x=13&cor=12689829192710860000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
k-SKnMev1yuurZAPl9Laf_O6Px1JGrld0CIt5uUg
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame 29C3
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=FC_Z019wSFpTbXVqbVolMkYyUmpwUiUyQmxtMTZ3amtrbVBxMDJXRHlWaWUzOHBIc2NoeDVRM2xvdW5OVzk2dUl2cUVKMGUlMkZyT1R4amxkV05kZ0JwdGVIc1g1aHcwbWVTZVJnYlhxdFppU...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8915715d-48f3-4ed5-970b-5aab4494b7d6&ssp=criteo
  • https://ssp-sync.criteo.com/user-sync/match?p=FC_Z019wSFpTbXVqbVolMkYyUmpwUiUyQmxtMTZ3amtrbVBxMDJXRHlWaWUzOHBIc2NoeDVRM2xvdW5OVzk2dUl2cUVKMGUlMkZyT1R4amxkV05kZ0JwdGVIc1g1aHcwbWVTZVJnYlhxdFppU2g2Wm9...
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-SKnMev1yuurZAPl9Laf_O6Px1JGrld0CIt5uUg
0
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-SKnMev1yuurZAPl9Laf_O6Px1JGrld0CIt5uUg
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82018be9ba196aa0-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:48 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-SKnMev1yuurZAPl9Laf_O6Px1JGrld0CIt5uUg
server
Kestrel
strict-transport-security
max-age=31536000; preload;
gen_204
pagead2.googlesyndication.com/pagead/ Frame 999A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1407925079066&version=m202309260101&ct=77&x=1&cor=1029451216087367800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5457 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUg-PKWMZ7LVEnRAI1qhbbE6cs-n26sY6_Ns4nT0Io-RouVMRK8m3i4Abx2QDa07CG3Gx5ntCeDrAHjUnUjg1D3S4nOjGvCnD0IvTBP6XSXketZz6ZdnVPOI8H&sig=Cg0ArKJSzIKD5wTKLmKvEAE&id=lidar2&mcvt=1091&p=0,0,250,300&mtos=1091,1091,1091,1091,1091&tos=1091,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=4027077851&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698982305788&rpt=2289&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
cookiesync.api.bliink.io/ Frame 19B0 		24 B
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.65.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-length
48
content-type
application/json
date
Fri, 03 Nov 2023 03:31:49 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
f760eaecca5c15e14c19884ac265e43
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame FE8F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/f760eaecca5c15e14c19884ac265e43?gdpr_consent=&gdpr=0
0
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/f760eaecca5c15e14c19884ac265e43?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82018be909de6aa0-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 03 Nov 2023 03:31:49 GMT
Expires
Fri, 03 Nov 2023 03:31:49 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/f760eaecca5c15e14c19884ac265e43?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1698982309248002-387
sodar
pagead2.googlesyndication.com/pagead/ Frame 88AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=399751795879316&bg=!NjWlNXrNAAb4oU7C2KE7ADQBe5WfOB9Kb5hns_9QgfgKW9XLco-mHa8EAjW79KFoEbYhwfooNRf1pGVNqdL9hcoFr7ArAgAAARVSAAAABGgBB5kCzTwJckWY5aWuViHuikjYmIYxKV4S53lDGOu7FH5iRf-AXqRigkmgDqzkhIm54RUu7iAPRTT76Cym5TuUnB-RdUpjRbe9cl7wx6XJmj3Cj1qO8tahWEsL_i4_vSSBLfe7iC4LI5fo-zk5SZGFHdtcqLMfVDPOqtSFWWfS7rC8j5W_2BHJ9RYHC8is6dzm3O7t0JULYFgod8zQXDYwNOVO3P9u0fOgknam_0a0x9WMkTDHpqUO3qL_qAgJpWJVE8mcN0LGfNndo58hJElK2HoWiee_QyJzjnhha8yNB85416T9cLLJtdIivUjd9V36XtQVRz0LMZXEy65bVmygsZIPbkmBw9tBEDozfx2SrMsJrPCgp9yCYMcR-Cr7vHWC464ZYkOKXRO9WljfnhH70w0vXfu2DiocBgKb3Dx5YAExXxy6_mgSsS4OTCUT9KcYV5o7jbPrJAuAs2k89OfwKOiEtIePPfVC7hpvhD7z5lj6_XD2ERi0PxgQo-a5uCgftgnl6nXsyjavJWMtnjpdkELCOP1tCFYIF6rcGeivybRBkkN6-6buME112meITihn9pLVuC5YRUEJQFHP0Ah3AoeQoAM4HXIpz7A2-buWTWoJ8vuIfkK6QHeHckLTbzTec7pANWeO26u5kHTsPrnBs6X-FyB-R5cIkEPz6F0YhGW4CPn2gY4or8Zz-xXrYrtQfqbHsPLFgyRNjcy-9VGOPV0a8L4l9UQOnhCSh-ActJv6USgHpcDfHVriOW8S2LBn8HOt6U_95qwpQhia9C2xi719_4LjJoLztKc01xrQcwLwU2ht1gYOAiWP-uopkafhVc6PfDUPGtAtMiu617lWoOLMXrq_U-y52RIdBE4QUHgo1B7WbkpmCq9xNzMNeYWrh29CWWlZnxzyucZRj4WS9C0smk995dsS62WbkoWrMK744BhQl61IzcJ9z8rm2MEXMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310300101&jk=3389567392143493&bg=!Z2SlZCvNAAb4oU7C2KE7ADQBe5WfOE5ZR7HPLuYz7RnMiIddL6W3viMjoS_mWT54HNvZPwGbSEBiP0wkH8KBlldqJd5xAgAAASxSAAAABWgBB5kCwCe-t73mAi1A9PaUVkbP1yRCShqJeiVq_XEQhkKRKd4XC9hEqtdYkUxN6ZcMiA6ubyd87sDMeG5odIhx6fDfisRB6xJys64flCuqk6AoAEL8UAIV-m_zyDlgyLCUCytvDsGQl4ijnaS7dFmcxL0os7Sphm3BUOLdtTL-mz4IQZJmMZ5on0Fgw8TbjqVqSAOYP8IjoD_h--bzV4FzV0MT1OdPXT7a0R6TduExxt2PcOBaJyEGW_yIfcJWJJHkvoJjzhXrsJFpA-oM2eyBfmcbPOG-p5VCYPmAyzAcEtJ6mq-ib4KNQZe4w2BC9eYkJ7lqyOfcPWtWoaBeqtRx-2Uw1dhE7AybVqR9JIsXltjjSyzM6k0TZwJy0zHdTOcmwJzYjOBEEFUaRddQN48NrR91G7qX2zXFHNlu09EvHkiUPh9KMLvRnvxda0CSSsHHIXpoyB3lpG26D51ohiD-XNZjX8uV9UZo7dXLn9IAcKjgGQHWGRmLCoTi5VwHEvRD8tf_Nf8yYqc2iDrxLWYt7kXIMw33CGxhYl9hQVcZmfh7DKYy51bFhwLi-WJRgsTY40c_UTDjrxmlh7opkCCP-9QenlTLkx4SrvBFDkJG6N_Ich2xGpuuGW91aHPXAxQY9JGBWc68F2b25Kjy5UtF__KTjVZH-6LLv-Qtgt2a_SwTdesHJhrSwGnuzFIjxkD6vfY_Vld6dZ6THR32T0uVxoNjX4gkFDnnVTc2E19hYatEJQxB0rRbcD_f-PE2ma9jmGmkip9l7ZlkVhM8x3kF3fgNg6WH49Etug4WyjqFqrYgAxBElb2yVMnjsHujva4vEYZnk7BGcGyPcnmTcn0DX_di3_noFNFcMAjbWlCeAqWmj3zQhHurDYzIPMVWtqh8ydW_Atc8eJGqxLEbcbhYH4xxLNyzBavupTZiwjR_UahI4q2D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 0A89 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:49 GMT
an-x-request-uuid
f0828920-119c-474f-be9d-21ff7868527e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.220; 185.195.71.220; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:49 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-165
cdn-cachedat
10/31/2023 18:51:10
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
f5858e0c360da9f2888e450fbcdb1957
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame 1D1F 		156 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vpa=auto&vpmute=0&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=A90D26E2-9E08-43B8-9F17-A26C46C55625&nel=0&eid=44772139%2C44777649%2C44781409%2C44801479%2C44802463%2C44806075&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dlt=1698982304172&idt=3641&dt=1698982309650&cookie=ID%3D307be2235f26f96e-22fd82dd84e30087%3AT%3D1698982304%3ART%3D1698982306%3AS%3DALNI_MbQnhYkX2DQr9Q13ZYlXN8XHUJ2ag&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=41517748657657&scor=3265406687383249&ged=ve4_td6_tt2_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1D1F 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~loi276ph&c=1015684392095&slotId=507842196047.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4016:802::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1D1F 		156 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vpa=auto&vpmute=0&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=A90D26E2-9E08-43B8-9F17-A26C46C55625&nel=0&eid=44772139%2C44777649%2C44781409%2C44801479%2C44802463%2C44806075&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dlt=1698982304172&idt=3641&dt=1698982310628&cookie=ID%3D307be2235f26f96e-22fd82dd84e30087%3AT%3D1698982304%3ART%3D1698982306%3AS%3DALNI_MbQnhYkX2DQr9Q13ZYlXN8XHUJ2ag&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=3074080643448276&scor=1827501197682206&ged=ve4_td7_tt3_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1D1F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~loi278d9&c=1015684392095&slotId=507842196047.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44801479%2C44802463%2C44806075
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4016:802::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8DFE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event.png
tpsc-ew1.doubleverify.com/ Frame ED19 		0
301 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=a83aeebd62a644a990cd05241cbf0188&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&vdur=164&eoid=17&te_exec=0&msrjs=4866&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=135&tetms=7&msltms=64&vltms=164&sei=289&vetms=48&tuviims=282&tuviems=494&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=264&msrcannum=2&ee_dp_tmads=2342&ismms=89&isumms=89&nvr=2&elmtp=4&isbxdms=2290&b0=2467&dvp_vsosnmr=3&lftb=2467&sftb=2467&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=89&dvp_dpr=1&vstsz=754&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD%3A1%2CBODY%3A1%2CIFRAME%3A16%2CSCRIPT%3A3%2CDIV%3A2%2C&ttfurm=3240&cbust=1698982311066474
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4866.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://mediaintelligence.de
Pragma
no-cache
Date
Fri, 03 Nov 2023 03:31:51 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-11-02T03:31:51
ads
pubads.g.doubleclick.net/gampad/ Frame 1D1F 		156 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vpa=auto&vpmute=0&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=A90D26E2-9E08-43B8-9F17-A26C46C55625&nel=0&eid=44772139%2C44777649%2C44781409%2C44801479%2C44802463%2C44806075&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dlt=1698982304172&idt=3641&dt=1698982311523&cookie=ID%3D307be2235f26f96e-22fd82dd84e30087%3AT%3D1698982304%3ART%3D1698982306%3AS%3DALNI_MbQnhYkX2DQr9Q13ZYlXN8XHUJ2ag&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=3115496032119908&scor=4480132107884149&ged=ve4_td8_tt4_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b11v886690812&_p=1698982304191&gcd=11l1l1l1l1&cid=65000381.1698982304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698982306&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dt=%E6%B7%B1%E8%AC%80%E9%81%A0%E6%85%AE%E8%AE%93%E4%B8%8D%E7%95%B6%E9%BB%A8%E7%94%A2%E9%81%8E%E5%88%9D%E5%AF%A9%E3%80%80%E7%B6%B2%E8%B4%8A%E9%99%B3%E5%85%B6%E9%82%81%EF%BC%9A%E5%8F%88%E5%85%B6%E9%82%81%E5%8F%88%E5%8F%AF%E6%84%9B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=7&tfd=9653
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		339 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:51 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:59:54
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
09beb5b271bdb3e646b5d9261833396b
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
PugMaster
image6.pubmatic.com/AdServer/ Frame 10D9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6041699&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8be594a1ac8976341e76eecd3e185fe3856d47454102e5845275aba9610b9133

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 03 Nov 2023 03:31:50 GMT
content-length
1567
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 8DFE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35531388&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8be594a1ac8976341e76eecd3e185fe3856d47454102e5845275aba9610b9133

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 03 Nov 2023 03:31:50 GMT
content-length
1567
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame CD1B 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:51 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 9F42
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82018bfaced123af-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82018bf99d9a23af-ZRH
content-type
text/html
date
Fri, 03 Nov 2023 03:31:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
631
Pug
image2.pubmatic.com/AdServer/ Frame D3B3
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a2242851b6a4cd07/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d4a007d921c50dd2599a1ed6d683cd07&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgXXWXSVbhUgWjQaT&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgXXWXSVbhUgWjQaT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgXXWXSVbhUgWjQaT&gdpr=0&gdpr_consent=
pubmatic
ad.mrtnsvr.com/sync/ Frame 1629 		0
0
pub
matching.truffle.bid/sync/ Frame F3B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 03 Nov 2023 03:31:51 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame F80C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
1 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 03:31:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 03 Nov 2023 03:31:51 GMT
expires
Thu, 02 Nov 2023 03:31:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 480D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2109489970
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2109489970
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:51 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 03 Nov 2023 03:31:51 GMT
etag
RX5252745e4c374609a16c5af8a66ba38d003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2109489970
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
usersync
usersync.gumgum.com/ Frame B820 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 03 Nov 2023 03:31:51 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame 10D9 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
82018bf9be4c6aa0-GVA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 10D9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:32:01 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:32:01 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 10D9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:52 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
mw
mwzeom.zeotap.com/ Frame 8DFE 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
82018bf9be4d6aa0-GVA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 8DFE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:32:01 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:32:01 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=211703CA-977C-4652-B528-8CA341A71ECB&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8DFE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:52 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
match
c1.adform.net/serving/cookie/ Frame 08AA 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=211703CA-977C-4652-B528-8CA341A71ECB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:51 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 34C4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82018bfaded323af-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 03 Nov 2023 03:31:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82018bf99d9c23af-ZRH
content-type
text/html
date
Fri, 03 Nov 2023 03:31:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
6258
Pug
image2.pubmatic.com/AdServer/ Frame 1B66
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bfff791f00b69888/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d4a007d921c50dd2599a1ed6d683cd07&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMMMTRbMaahURSSS&gdpr=0&gdpr_consent=
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMMMTRbMaahURSSS&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:50 GMT
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMMMTRbMaahURSSS&gdpr=0&gdpr_consent=
pubmatic
ad.mrtnsvr.com/sync/ Frame 0B04 		0
0
pub
matching.truffle.bid/sync/ Frame 5AB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 03 Nov 2023 03:31:51 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 7EA2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
568 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:31:50 GMT
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 03 Nov 2023 03:31:51 GMT
expires
Thu, 02 Nov 2023 03:31:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 8476
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5101831268
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5101831268
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 03 Nov 2023 03:31:51 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 03 Nov 2023 03:31:51 GMT
etag
RX5252745e4c374609a16c5af8a66ba38d003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5101831268
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame 31DC 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=211703CA-977C-4652-B528-8CA341A71ECB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 03 Nov 2023 03:31:51 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10637&tvi50=13623&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
77
date
Fri, 03 Nov 2023 03:31:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
73665
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6938-MXP
pragma
no-cache
server
nginx
x-timer
S1698982312.049256,VS0,VE77
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ads
pubads.g.doubleclick.net/gampad/ Frame 1D1F 		156 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vpa=auto&vpmute=0&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=A90D26E2-9E08-43B8-9F17-A26C46C55625&nel=0&eid=44772139%2C44777649%2C44781409%2C44801479%2C44802463%2C44806075&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dlt=1698982304172&idt=3641&dt=1698982312377&cookie=ID%3D307be2235f26f96e-22fd82dd84e30087%3AT%3D1698982304%3ART%3D1698982306%3AS%3DALNI_MbQnhYkX2DQr9Q13ZYlXN8XHUJ2ag&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=2301670025114928&scor=3371215531623737&ged=ve4_td8_tt4_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ax.php
a.gsitrix.com/js/ Frame 2F02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418380&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediaintelligence.de/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://mediaintelligence.de
date
Fri, 03 Nov 2023 03:31:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
ads
pubads.g.doubleclick.net/gampad/ Frame 1D1F 		156 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vpa=auto&vpmute=0&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=A90D26E2-9E08-43B8-9F17-A26C46C55625&nel=0&eid=44772139%2C44777649%2C44781409%2C44801479%2C44802463%2C44806075&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dlt=1698982304172&idt=3641&dt=1698982313229&cookie=ID%3D307be2235f26f96e-22fd82dd84e30087%3AT%3D1698982304%3ART%3D1698982306%3AS%3DALNI_MbQnhYkX2DQr9Q13ZYlXN8XHUJ2ag&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=3423096872105616&scor=1735234357912726&ged=ve4_td9_tt5_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video10.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		323 KB
324 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video10.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:53 GMT
cdn-edgestorageid
1078
cdn-storageserver
DE-199
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
330880
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
986df179c106f25a7693af0778ae37b9
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
SPug
simage4.pubmatic.com/AdServer/ Frame 10D9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 8DFE 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
pubads.g.doubleclick.net/gampad/ Frame 1D1F 		156 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&vpa=auto&vpmute=0&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=A90D26E2-9E08-43B8-9F17-A26C46C55625&nel=0&eid=44772139%2C44777649%2C44781409%2C44801479%2C44802463%2C44806075&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshen-mou-yuan-lu-rang-bu-dang-dang-chan-guo-chu-shen-wang-zan-chen-qi-mai-you-qi-mai-you-ke-ai.html&dlt=1698982304172&idt=3641&dt=1698982314084&cookie=ID%3D307be2235f26f96e-22fd82dd84e30087%3AT%3D1698982304%3ART%3D1698982306%3AS%3DALNI_MbQnhYkX2DQr9Q13ZYlXN8XHUJ2ag&gpic=UID%3D00000cb365667b13%3AT%3D1698982304%3ART%3D1698982304%3AS%3DALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ&correlator=3423096872105616&scor=3890625667303174&ged=ve4_td10_tt6_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7b10cfab292c61e6b3332aebee609258.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/eb0dd34db8f8da35617bd059c083c07a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/6941a7c30f9890ff3ac77ed62e3be4f9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/e838760d93634fd39079c2d02aca3812.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/602c580e5c71d2d48730120e1d066911.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/7cefc464e08273eed27ad48e006b7d51.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202203/bf0bd0a3224be1556d235615c6f4b8eb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ec760afede175b908c66d7a23f536a13.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/33633daba608636eca473e1ec79e78e4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/db574accd4ff1191d03e6a7a313a39c3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/14623bc592ed903d9c2a68f0b345f4d1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/716a8b26f5f4a717194bbc634351e24a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/7747d5432921b197af15029a8c4f689e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/c4b0967be0cb1480787e23da643c0bfa.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7daf1b3a7b3f55b829a512ecf4754500.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/7b58ebc00d362fb0a865e3f0a7d9e904.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d40d312bd25803747de43783de8c13cb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/212a6fc9abbd079779aea6dd1507566a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0fd93f18624ee9cc7090cbd8d17e256e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/2d77c30ecedf7d1362e4b9606f2ae8c6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f3e10b17f2099b2fb3993f2d2cf4d3f3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/2464d1cfabd9a91ef170608a6759ce32.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/83b2bb0817719b78dc3ebb4a30949d86.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a6e955739f4ceb18bc4fe7aff5445b19.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/07789ce018534e0299dfe9b54b201f78.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/e3bb0af7acd30ecf5c89f0498d9ed5f4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/206fbc8b035190311bd833d95b7c4bae.jpg?w=150&h=100&q=100
Domain
e3.adpushup.com
URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9zaGVuLW1vdS15dWFuLWx1LXJhbmctYnUtZGFuZy1kYW5nLWNoYW4tZ3VvLWNodS1zaGVuLXdhbmctemFuLWNoZW4tcWktbWFpLXlvdS1xaS1tYWkteW91LWtlLWFpLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS02ZWQyNjgxNC0wNjc5LTQzNTQtOTU5Ni03MTk0ODBjZTJmMTAiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYTRmNzU1ODUtZGViZC00NTJmLTlmZGQtMWI5MDkxZjJiMGQ3IiwidGltZU9mQXVjdGlvbiI6MTY5ODk4MjMwNDg1OSwiYmlkcyI6W3siY3BtIjowLjAzLCJhZElkIjoiNzYxYjQzNmIyZjMyNWE4Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDAzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTI4M30seyJjcG0iOjAuMDIxOTIxLCJhZElkIjoiNzhjZWZkZmE4YjhmOTk3Iiwib3JpZ2luYWxDcG0iOjAuMDIxOTIxLCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDIxOTIxLCJmb3JtYXRUeXBlIjoibmF0aXZlIiwicmVzcG9uc2VUaW1lIjo0MjEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzE1fSx7ImNwbSI6MC4wMywiYWRJZCI6IjgxMGE2YWVlYzI3MGM3OCIsIm9yaWdpbmFsQ3BtIjowLjAzLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NDksInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzE4fSx7ImNwbSI6MC4wMiwiYWRJZCI6Ijg0YTlhYWVmYTlkZTQ2ZSIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTl9LHsiY3BtIjowLjAyLCJhZElkIjoiODVkOGRiYmI1ZDE1Y2UzIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUxLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyMH0seyJjcG0iOjAuMDIsImFkSWQiOiI4Njg3ZDQ0MWVkNGE1YjIiLCJvcmlnaW5hbENwbSI6MC4wMiwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NTEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzIwfSx7ImNwbSI6MC4wMjkxNDY1MDAwMDAwMDAwMDIsImFkSWQiOiI5MDNkMDBjNmNkYzFmMzciLCJvcmlnaW5hbENwbSI6MC4wMzQyOSwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDI5MTQ2NTAwMDAwMDAwMDAzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MzQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzI0fSx7ImNwbSI6MC4wMzI3OTUzOTQ0NDk5OTk5OTQsImFkSWQiOiI5MWNmMmM0YTU5NGM5ZWMiLCJvcmlnaW5hbENwbSI6MC4wMzI3OTUzOTQ0NDk5OTk5OTQsImJpZGRlciI6Im9uZXRhZyIsInJldmVudWUiOjAuMDAwMDMyNzk1Mzk0NDQ5OTk5OTkzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MzgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzI2fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6Im9uZXRhZyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTFjZjJjNGE1OTRjOWVjIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAzMjc5NTM5NDQ0OTk5OTk5M30seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYTRmNzU1ODUtZGViZC00NTJmLTlmZGQtMWI5MDkxZjJiMGQ3IiwidGltZU9mQXVjdGlvbiI6MTY5ODk4MjMwNDg1OSwiYmlkcyI6W3siY3BtIjowLjA1LCJhZElkIjoiNzVjODVjZjEyZDQzOTU0Iiwib3JpZ2luYWxDcG0iOjAuMDUsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MDEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MjgxfSx7ImNwbSI6MC4wMjM1MTYsImFkSWQiOiI3N2IwZDY2MmU0ODU3ZTQiLCJvcmlnaW5hbENwbSI6MC4wMjM1MTYsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwMjM1MTYsImZvcm1hdFR5cGUiOiJuYXRpdmUiLCJyZXNwb25zZVRpbWUiOjQyMCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTR9LHsiY3BtIjowLjAzLCJhZElkIjoiODJhMmJlN2FhNGJjZGFiIiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTl9LHsiY3BtIjowLjAzLCJhZElkIjoiODNkZmZiODhlZTVlOTE5Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTl9LHsiY3BtIjowLjAyLCJhZElkIjoiODc0NTUyZDIzNGJhMGU0Iiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyMX0seyJjcG0iOjAuMDIsImFkSWQiOiI4ODg1NmFhMDhmZDhhNCIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMjF9LHsiY3BtIjowLjAyLCJhZElkIjoiODlkZThhYjIzZDY1NDE3Iiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyMX0seyJjcG0iOjAuMDMyNzk1Mzk0NDQ5OTk5OTk0LCJhZElkIjoiOTJjNTA3NjY2ZTU3MjdiIiwib3JpZ2luYWxDcG0iOjAuMDMyNzk1Mzk0NDQ5OTk5OTk0LCJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDAzMjc5NTM5NDQ0OTk5OTk5MywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDM4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyNn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NWM4NWNmMTJkNDM5NTQiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDV9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=3406.199996948242
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _statcounter object| adRecover object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| TRC function| _typeof object| _tblConsole undefined| msg function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias undefined| google_measure_js_timing function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs object| google_reactive_ads_global_state number| google_unique_id object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo string| nam object| placementData function| quantserve function| __qc object| ezt object| _qoptions function| checkFrameandInitStartFun function| processData object| ucf object| request string| paramsString boolean| descriptionPage object| googDdmPs object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| io function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun function| clientJsFunction object| _google_rum_ns_ object| google_persistent_state_async function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| vttjs function| WebVTT function| videojs function| videojsPlaylist function| videojsContribAds object| $jscomp object| canAutoplay function| videojsIma function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| closure_lm_1534 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| closure_lm_249935 object| GoogleGcLKhOms function| prepareAdRequest object| google_image_requests

204 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChgKBgiiARC0FgoGCNIBELQWCgYIiwEQtBY
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1698982304.9F2F15E0A5E84FFA579A821F26836A04.1.1.1.1.1.1.1.1.1
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1698982304.1.0.1698982304.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.65000381.1698982304
www.bg3.co/ Name: __AP_SESSION__
Value: 3e2223a9-b094-469e-a40a-176b88e59be6
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: f75623e7-d21c-4ffa-b6a4-588a4e97a5f5
.statcounter.com/ Name: is_unique
Value: sc12918656.1698982304.0
.statcounter.com/ Name: is_visitor_unique
Value: 1698982304394503561
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D14624266-a134-40ad-b57a-06d81f5eff86-tuctc3def20
.bg3.co/ Name: __gpi
Value: UID=00000cb365667b13:T=1698982304:RT=1698982304:S=ALNI_MbLy72JjD6uKVZBcm3eVS0rCnGBuQ
.prebid.a-mo.net/ Name: __amc
Value: 1_1698982305_1698982305
.omnitagjs.com/ Name: ayl_visitor
Value: f1ae65977bbb2a6b03ed04f98e89eacd
.teads.tv/ Name: tt_viewer
Value: 11d5360e-3efe-4a32-8e4a-59c4b827e460
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LOI274NW-5-C2CF
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwodORqgY4AUABSAEQodORqgYYAA..
.adnxs.com/ Name: uuid2
Value: 8387421531271171339
.quantserve.com/ Name: mc
Value: 654469a1-65a48-fdb78-d64a7
.bg3.co/ Name: __qca
Value: P0-1372460953-1698982305226
.aralego.com/ Name: sspid
Value: 05e3d8c7-6920-3f1f-b93f-555ad1482cbc
.doubleclick.net/ Name: IDE
Value: AHWqTUlGmtqlWveBShzzbmeX_mh7siNHSD1EPXTdLw0BprfGH2I7q0iZsiBuqYx10JY
.adfarm1.adition.com/ Name: UserID1
Value: 7297073436466217318
.aralego.com/ Name: euconsent-v2
Value:
.casalemedia.com/ Name: CMID
Value: ZURpotJ3N8GOWqBdq-1wawAA
.casalemedia.com/ Name: CMPS
Value: 3286
.casalemedia.com/ Name: CMPRO
Value: 3286
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>4l$AQI!]tbPl1M>e)ZlrFUfJ+tGXxom^y)'9QTKqs>O]I5:d680G=[Gm[8/1R)6HK43If)y3KL9D3I?+/Lpnxk
.openx.net/ Name: i
Value: 8d3532d7-e846-446a-a15d-a7cca0b8b0c6|1698982306
ads.smartstream.tv/ Name: DID
Value: f7313c4f3bd5aade60f9aaf1668f13d2
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.bidswitch.net/ Name: tuuid
Value: cb955613-9d69-4dd4-b968-162f8faff42d
.bidswitch.net/ Name: c
Value: 1698982306
.bidswitch.net/ Name: tuuid_lu
Value: 1698982306
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBKJpRGUCEA28rKSaqEdU01nr86SdOI8FEgEBAQG7RWVOZQAAAAAA_eMAAA&S=AQAAAuNNhMRrRA0iWL-46rDoxhs
.bg3.co/ Name: __gads
Value: ID=307be2235f26f96e-22fd82dd84e30087:T=1698982304:RT=1698982306:S=ALNI_MbQnhYkX2DQr9Q13ZYlXN8XHUJ2ag
cm.adsafety.net/ Name: UID
Value: CM12023110303231e90bb366b7f405c5
.adsafety.net/ Name: cm_uid
Value: CM12023110303231e90bb366b7f405c5
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvbC9JamMzQUhtb0RkRkx3Q2JJV21nWHY1OENtS0J6RERaR1U5cGlkRFNnNSt1aTVqeEhWOEhYdGduN29wd2FXc3BqQ09keEtVaTRtVkdiYi84aE03aGx4QU1ENVN2Ymc4REpobjdRaXh1bE1DUFRZNXEzVnBGOVAwSUdwRGdvN0thQ2Z1TVFoOW9rMmE3R0ZZZnhkUFB0OFFCYnBEU3RpaGtYM0pmNXNOd3NNSWVtdzBWK1FGTUtOellCRkxRSFVYeFJIVkVlQmpCSnIwM2dqOUhmS2pjR3gzNlY0T1FSRm1yTEErdlVicmRBWXlFWk9SSWZ2eXlSbEdXSGQwdkNRSmNOcXcvQ05nWjgyM3daWnEvQXZzSXVVR3JUQno3bWNiQlc2N1d0TVd0MURoVzRLUklNbmVIdDdTSUZuSXpkOUFRPT0%3D
.adform.net/ Name: uid
Value: 3376543238220108584
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4ad991761ab9f9eb
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_cef4966e-f3e4-4da0-9b02-9e185be6d5ed
.primis.tech/ Name: csuuid
Value: 654469a276a79
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1698982306.1.0.1698982306.0.0.0
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.bidr.io/ Name: bito
Value: AAFHl07KiNMAABhuIJw3Pw
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: bcookie
Value: "v=2&2cbcaea5-cdc7-4a0a-8402-4ab7e032b419"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTg5ODIzMDY7MjswMjEUIIwnDn3MUfC58xKYKAyW+qiqdVJtgdk139RpwVuU3g==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3001:u=1:x=1:i=1698982306:t=1699068706:v=2:sig=AQFwBNKPw7hnQlSQ_hiraWZPkg8Fh1t9"
.liadm.com/ Name: lidid
Value: aa6a0fa1-3ac5-4b24-a230-2d0946f5ff80
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_TS
Value: 1698982306701
.tapad.com/ Name: TapAd_DID
Value: 92ff9800-a729-4660-98ee-75bd545cd374
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.simpli.fi/ Name: suid
Value: A62F7EF8261B48ABA7DBE4F1B653282E
.amazon-adsystem.com/ Name: ad-id
Value: A6ObgcYWC0d1k9yqpEM8yYY
.yieldmo.com/ Name: yieldmo_id
Value: 3Fq_7ccQQYcOoAB4JAKE%7C1698969600000%7C0
.mediaintelligence.de/ Name: trs
Value: 654469a286fdca1bc4a9c08b
.awin1.com/ Name: awpv18851
Value: 412871|1698982306|84567420-79f9-11ee-bbbe-22643cd2ee20
.awin1.com/ Name: awpv11482
Value: 412871|1698982306|84590c30-79f9-11ee-84cc-223908f3a6a6
.awin1.com/ Name: AWSESS
Value: 346440:2246444
.ipredictive.com/ Name: cu
Value: 0ee9ee90-b1ab-4fc4-9aea-b85761667e55|1698982307024
.rezync.com/ Name: zync-uuid
Value: 4a572172-9980-4e9a-87dd-fa94477b15ee:1698982306.9913738
www.conrad.ch/ Name: HTLP_timestamp
Value: 1698982307076
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: hucTT03Tl2i9qPNFO7buZqI7qvfs0t.nISg6k8.PBpM-1698982307-0-AVaDZrL415qChIqRk0TqWPO3T1pFNY8zpE+sJgFhAgy8rrdIbIHzeFKc/1DphRwpHsAeG/wxZLi5AdnYaFdyyzQ=
.mediago.io/ Name: __mguid_
Value: f34e9699801e8e7814vfyt00loi2765e
.mediaintelligence.de/ Name: emid
Value: 654469a386fdca1bc4a9c1a7
.adfarm1.adition.com/ Name: lv_5626024
Value: w=4787111|t=1698982306
.3lift.com/ Name: tluid
Value: 1831480096082138740700
.zemanta.com/ Name: zuid
Value: sQc18lvMT-PuBXshTipv
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjAztrA0tLQ0sxTiM9R1TvS0MPMyTI8vdI0HALciv44lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjAztrA0tLQ0sxTiM9R1TvS0MPMyTI8vdI0HALciv44lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXB2xGAIAwEwB_biUMecDm7CUMsxMrd_S5ETZjChMwh0SxJnCNvMQLYOrsfXUym-Vg3qQ7PHwhZkxc6AAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 211703CA-977C-4652-B528-8CA341A71ECB
.adfarm1.adition.com/ Name: lv_5609187
Value: w=4389193|t=1698982307
.yandex.ru/ Name: yuidss
Value: 1680426871698982307
.yandex.ru/ Name: yandexuid
Value: 1680426871698982307
live.rezync.com/ Name: sd-session-id
Value: .eJwNzFsOgjAQRuG9zDM1lF5m_m6GVDsmjYKGwouEvdvHk3w5J81f3Za86rpT2rdDB3q8a69G6aRWf4u-KFGwo4QAdmN0AgtE0DVQ09bqZ51r6cbnwJPlyQAyGq_IRrgU88zwnvlug2qyEQKZ-ucGWMdO6PoDpUwlfw.ZURpow.f9YeuOcIMVO7ewjW-3f_Nf5NMig
.turn.com/ Name: uid
Value: 8058251235013482105
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734.y3mZU9MH0U2KUvV36gnMcphg5n4DvkPAIFyIO9PXhCU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734.y3mZU9MH0U2KUvV36gnMcphg5n4DvkPAIFyIO9PXhCU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_npTEel5WHNtX_XPbHsnNLnDR9w.FkokuDS7pLE9wFHDRIeIXhIFPtT%2Fby6PPknTHsszXuo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_npTEel5WHNtX_XPbHsnNLnDR9w.FkokuDS7pLE9wFHDRIeIXhIFPtT%2Fby6PPknTHsszXuo
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKII5GKfMO4Pi0-ejx4ZWO-v8CvjKKF9rTRF2l9Mm3BTOVEHwYBCCj05GqBjABOgTwi70wQgRSZsAj.Zlc985Fr5NIz5NwC%2Fd9sk8UJKeF7qwgJTnCIoF0NS14
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKII5GKfMO4Pi0-ejx4ZWO-v8CvjKKF9rTRF2l9Mm3BTOVEHwYBCCj05GqBjABOgTwi70wQgRSZsAj.Zlc985Fr5NIz5NwC%2Fd9sk8UJKeF7qwgJTnCIoF0NS14
.rlcdn.com/ Name: rlas3
Value: l5ZkmbpDCvteMC3jlxIYwm/MumQ5VJYAuVPIT5YdURM=
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1698982307.1.0.1698982307.0.0.0
.rlcdn.com/ Name: pxrc
Value: CKPTkaoGEgUI6AcQABIGCLrqARAA
.360yield.com/ Name: tuuid
Value: 9169b479-fcde-4d14-967f-f2f96e80ddfc
.360yield.com/ Name: tuuid_lu
Value: 1698982307
.lijit.com/ Name: ljt_reader
Value: Hl6TJGZHJ0yzGRhuS46cxQ5i
.criteo.com/ Name: uid
Value: a831c7e9-6bcd-4e27-88d4-f40541e53afa
.bg3.co/ Name: cto_bundle
Value: cMQutF80TEh2TCUyQkZkR3p5RGszTW9nQkhKUVgwYjVDRW5NUDlLMjI3JTJCelkxUDNJNWxpMVRlSkZYb2ozenllNjZBRkxUZjFaaUtIYU1NNzQzUGRmSVhuRmVIb0FiNDBaSmpVZkVlVldOSEZVQTZlRlJVS3NsYTJaVE8wakxLcjN6MTkxZHBJdm5aMVklMkJ4eWJPejRiYXU2NnRZZ0ElM0QlM0Q
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-03T03%3A31%3A48%22%7D
.openx.net/ Name: pd
Value: v2|1698982308|gen0vNvQiygu
.ads.stickyadstv.com/ Name: UID
Value: f760eaecca5c15e14c19884ac265e43
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
.servenobid.com/ Name: pid_339
Value: y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
.servenobid.com/ Name: pid_312
Value: 8387421531271171339
.servenobid.com/ Name: pid_337
Value: y-HdepPplE2uH1x8nPaEm_aDBgAVfxcRnLWTdg3mw-~A
.acuityplatform.com/ Name: auid
Value: 847953322030
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBRWRnSliKmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVkZ0pYio90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.servenobid.com/ Name: pid_324
Value: 5108559730638919969
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_333
Value: ZURpotJ3N8GOWqBdq_1wawAADNYAAAAB
.smartadserver.com/ Name: pid
Value: 4966780828212204348
.gumgum.com/ Name: vst
Value: e_97a6e4bc-4314-416b-ac2d-ef89fbcf4a5a
.servenobid.com/ Name: pid_310
Value: Hl6TJGZHJ0yzGRhuS46cxQ5i
.servenobid.com/ Name: pid_353
Value: 0000EEA
.minutemedia-prebid.com/ Name: wrvUserID
Value: KV7pExa-kp_mm
.servenobid.com/ Name: pid_317
Value: 4966780828212204348
.servenobid.com/ Name: pid_309
Value: e_97a6e4bc-4314-416b-ac2d-ef89fbcf4a5a
.company-target.com/ Name: tuuid
Value: ecef4d28-1943-4539-a0c3-168d201e68f9
.company-target.com/ Name: tuuid_lu
Value: 1698982308|ix:0
.quantserve.com/ Name: d
Value: EBQBIQGrKoEO-TCJiTCuu4EM-7EA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1WNsQ2AMAwEhURLRcEUQSS28zbbBCUMRElJSckYTEUHobzi7q6m89HUNNCkSjjbjxFZtx6cBMEjODOdHBdLTpGzW5MxA4uXUuZXiqOZJ5DufVUKJMef4z1UZ2F5AJi-MzGKAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2eu3:19e0~2eu3:198o~2eu3:175w~2eu3:18z8~2eu3"
.adsby.bidtheatre.com/ Name: __kuid
Value: 67cb4075-ffb4-4e91-9334-d0fd4afcc75d.468196308
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003%22%7D
.dotomi.com/ Name: DotomiTest
Value: 538fe287916615d4
.ctnsnet.com/ Name: cid
Value: 042ac4325401445fb06c8a2ae1f66575
.creativecdn.com/ Name: u
Value: mSVjJFhRnNs8jkO8TB8R
.creativecdn.com/ Name: ts
Value: 1698982308
.servenobid.com/ Name: pid_316
Value: 211703CA-977C-4652-B528-8CA341A71ECB
.contextweb.com/ Name: V
Value: Nxn7cZHThJQ9
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 8ad366fafda2e9f8
.servenobid.com/ Name: pid_348
Value: KV7pExa-kp_mm
.go.sonobi.com/ Name: __uis
Value: ec38c491-e39a-4422-aaad-afc439955c5d
.go.sonobi.com/ Name: HAPLB8G
Value: s86183|ZURpp
.yellowblue.io/ Name: wrvUserID
Value: kmNpEEt-kp_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a
.weborama.fr/ Name: AFFICHE_W
Value: zDZDiRJOAd-M89
.csync.loopme.me/ Name: viewer_token
Value: 91fda4c3-bcd4-4a26-8514-a9c83a30bee7
.adx.opera.com/ Name: UID
Value: OPU0b97f1088e334c6b8a402e93d5dc4d7c
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIar8rI55WeQMSDxqXAAAAAAA&KRTB&22713-AAAIar8rI55WeQMSDxqXAAAAAAA&KRTB&22715-AAAIar8rI55WeQMSDxqXAAAAAAA&KRTB&23519-AAAIar8rI55WeQMSDxqXAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8387421531271171339&KRTB&23339-8387421531271171339
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3376543238220108584&KRTB&23263-3376543238220108584&KRTB&23481-3376543238220108584
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8058251235013482105&KRTB&23150-8058251235013482105&KRTB&23527-8058251235013482105
.servenobid.com/ Name: pid_332
Value: ec38c491-e39a-4422-aaad-afc439955c5d
.mfadsrvr.com/ Name: tuuid
Value: 8915715d-48f3-4ed5-970b-5aab4494b7d6
.mfadsrvr.com/ Name: c
Value: 1698982308
.mfadsrvr.com/ Name: tuuid_lu
Value: 1698982308
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECOE4s0LViCAirLFVm0wV6M&KRTB&23025-CAESECOE4s0LViCAirLFVm0wV6M&KRTB&23386-CAESECOE4s0LViCAirLFVm0wV6M
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU&KRTB&19420-NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU&KRTB&22979-NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU&KRTB&23403-NlQOnTZYW5gtVw_INFkXz2QDDZEtBQydYVaFVpYU
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559730638919969
.servenobid.com/ Name: pid_352
Value: kmNpEEt-kp_s
.de17a.com/ Name: guid
Value: 1.6072955426991292825
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7297073436466217318&KRTB&23369-7297073436466217318
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU0b97f1088e334c6b8a402e93d5dc4d7c&KRTB&23485-OPU0b97f1088e334c6b8a402e93d5dc4d7c&KRTB&23524-OPU0b97f1088e334c6b8a402e93d5dc4d7c
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-_npTEel5WHNtX_XPbHsnNLnDR9w&KRTB&23334-_npTEel5WHNtX_XPbHsnNLnDR9w&KRTB&23417-_npTEel5WHNtX_XPbHsnNLnDR9w&KRTB&23426-_npTEel5WHNtX_XPbHsnNLnDR9w
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nry|7dN.0.AAFHl07KiNMAABhuIJw3Pw|7bq.0.1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZURppAAAAS89AQBi
ads.playground.xyz/ Name: connect.sid
Value: s%3AW-twcwkUlwK7MkzIosQwvc4XUS7SMF48.EZgYZshxf6pnRjCr4RafKCmiPN5h21meCn0t3%2FxzSys
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d4a007d921c50dd2599a1ed6d683cd07
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6072955426991292825
.smartadserver.com/ Name: csync
Value: 127:AAFHl07KiNMAABhuIJw3Pw|134:OB_OK
.richaudience.com/ Name: pdid
Value: 29f45b7e-e596-406a-ae1d-1zz1698982293
.sitescout.com/ Name: ssi
Value: 908ce486-5d77-4dc1-9066-528fac85c320#1698982309150
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFHl07KiNMAABhuIJw3Pw
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo9su2bO5MWFRwWzGvB5zjFz6IwaRerIshX+13DaoJuaGZhCjmEipHqc7rCz2U4vJ0hVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5ODk4MjMwOTIzNX0
.servenobid.com/ Name: pid_323
Value: LOI274NW-5-C2CF
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-908ce486-5d77-4dc1-9066-528fac85c320-654469a5-4348&KRTB&23418-908ce486-5d77-4dc1-9066-528fac85c320-654469a5-4348
.audrte.com/ Name: arcki2
Value: 2ia7X4--F5kRo2KKmMzzAWAbA!20220908!1698982309230!ip#185.195.71.220
.audrte.com/ Name: arcki2_pubmatic
Value: 211703CA-977C-4652-B528-8CA341A71ECB!20220908!1698982309233
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1698982309
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.us.ck-ie.com/ Name: CID
Value: c3faed346e4290a7c0b1a078d9a3bae62984e507
.betweendigital.com/ Name: tuuid
Value: df202a8c-68d3-5333-b97e-b57edc3adcdb
.betweendigital.com/ Name: ut
Value: ZURppQAGCuC3oTeSz5lsQrThJIJlkM04KGnzxw==
.addthis.com/ Name: na_tc
Value: Y
.smilewanted.com/ Name: sw_user_params_infos
Value: IZBjTQld%2Bl6hFRGkN5oyQELqm5MuYSnfqxXxtG2smeVQabkh1sjVpxk7E6z40n3Kh3pBpJuAgVMiFVxRclfXoLli0zjop4vU1T4o%2Faetsxzq1GL%2BR4CxGeVl%2BFcQfRtppcpQ4gocZSCxNUl%2BdS9b1F5mfLcbsG%2BNQu2foMdhlm1V9FFUgGWhpPjLN%2FM6QW7u7IPMQ%2B41B13ojGKkaf8zNLnE3etTpKuY9L2Nmks8VR2TrYAVAzKaaedU%2BNpN2CjZSs%2FQRTSUpfqlf341aJlaykU90X%2BMX7amsmAm1kV%2B8HqGMs79SAJiOqX4e1cbeV0LedDQ30E5gtIJDHbcL7ZxclUTTNk37L%2Bg9ZvV5nabkm1Fw5GUGqRrk23q3Xsg20jq6JNulQgUDL5Qr5oXvDZOPg%3D%3D
.richaudience.com/ Name: avcid-bsw-uid
Value: cb955613-9d69-4dd4-b968-162f8faff42d
.socdm.com/ Name: SOC
Value: ZURppcCo8YAAADNoPvcAAAAA
.audrte.com/ Name: arcki2_ddp2
Value: 2ia7X4--F5kRo2KKmMzzAWAbA!20220908!1698982309534
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.addthis.com/ Name: na_id
Value: 2023110303314900041712424619
.addthis.com/ Name: uid
Value: 654469a5d002ebe7
.addthis.com/ Name: ouid
Value: 654469a500014ad97c85365967664ba939d3b9443477078d41f9
.audrte.com/ Name: arcki2_adform
Value: 3376543238220108584!20220908!1698982309711
.pubmatic.com/ Name: SPugT
Value: 1698982310
.servenobid.com/ Name: pid_321
Value: RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 162412:4
.pubmatic.com/ Name: DPSync3
Value: 1700179200%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1699833600%3A63%7C1699574400%3A2_223_15%7C1704153600%3A69%7C1700265600%3A35%7C1701561600%3A203%7C1700179200%3A55_264_54_21_238_251_22_165_249_204_13_234_3_7_214_196_46_254_81_99_8_56_88_161_233_220_71_166_176_243
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5252745e-4c37-4609-a16c-5af8a66ba38d-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.zeotap.com/ Name: zc
Value: 56e4a8c1-c129-4552-5ccd-a3485e678d14
.semasio.net/ Name: SEUNCY
Value: E0E4882452B2AE7
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.onaudience.com/ Name: cookie
Value: bf3e4508e35ac5d4
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-HHt10NrrgXXWXSVbhUgWjQaT
.pubmatic.com/ Name: PugT
Value: 1698982311
.tribalfusion.com/ Name: ANON_ID
Value: aRntuJPME7eQmKvCjWxraUfel3cjrbiCWAMpXZduObdmsn718BT09YH0D1edW8hNpEAJZdju9YqQPF5mDsD8qjlgjJ

41 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202309/e838760d93634fd39079c2d02aca3812.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/eb0dd34db8f8da35617bd059c083c07a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7b10cfab292c61e6b3332aebee609258.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/7cefc464e08273eed27ad48e006b7d51.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/602c580e5c71d2d48730120e1d066911.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ec760afede175b908c66d7a23f536a13.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/6941a7c30f9890ff3ac77ed62e3be4f9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202203/bf0bd0a3224be1556d235615c6f4b8eb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://static.bg3.co/imgs/202105/f3e10b17f2099b2fb3993f2d2cf4d3f3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a6e955739f4ceb18bc4fe7aff5445b19.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/716a8b26f5f4a717194bbc634351e24a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/db574accd4ff1191d03e6a7a313a39c3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/c4b0967be0cb1480787e23da643c0bfa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7daf1b3a7b3f55b829a512ecf4754500.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/212a6fc9abbd079779aea6dd1507566a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202202/7b58ebc00d362fb0a865e3f0a7d9e904.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/e3bb0af7acd30ecf5c89f0498d9ed5f4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/7747d5432921b197af15029a8c4f689e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/14623bc592ed903d9c2a68f0b345f4d1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d40d312bd25803747de43783de8c13cb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/2d77c30ecedf7d1362e4b9606f2ae8c6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/07789ce018534e0299dfe9b54b201f78.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/33633daba608636eca473e1ec79e78e4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/206fbc8b035190311bd833d95b7c4bae.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0fd93f18624ee9cc7090cbd8d17e256e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/2464d1cfabd9a91ef170608a6759ce32.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/83b2bb0817719b78dc3ebb4a30949d86.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2Evc2hlbi1tb3UteXVhbi1sdS1yYW5nLWJ1LWRhbmctZGFuZy1jaGFuLWd1by1jaHUtc2hlbi13YW5nLXphbi1jaGVuLXFpLW1haS15b3UtcWktbWFpLXlvdS1rZS1haS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://capi.connatix.com/us/pixel?puid=LOI274NW-5-C2CF&pId=11&gdpr=&gdpr_consent=&us_privacy=
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other warning URL: https://mediaintelligence.de/trck/ehtml/449f5b35d42da36136c4a7bb695acef1?tp=onetag
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9zaGVuLW1vdS15dWFuLWx1LXJhbmctYnUtZGFuZy1kYW5nLWNoYW4tZ3VvLWNodS1zaGVuLXdhbmctemFuLWNoZW4tcWktbWFpLXlvdS1xaS1tYWkteW91LWtlLWFpLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS02ZWQyNjgxNC0wNjc5LTQzNTQtOTU5Ni03MTk0ODBjZTJmMTAiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYTRmNzU1ODUtZGViZC00NTJmLTlmZGQtMWI5MDkxZjJiMGQ3IiwidGltZU9mQXVjdGlvbiI6MTY5ODk4MjMwNDg1OSwiYmlkcyI6W3siY3BtIjowLjAzLCJhZElkIjoiNzYxYjQzNmIyZjMyNWE4Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDAzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTI4M30seyJjcG0iOjAuMDIxOTIxLCJhZElkIjoiNzhjZWZkZmE4YjhmOTk3Iiwib3JpZ2luYWxDcG0iOjAuMDIxOTIxLCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDIxOTIxLCJmb3JtYXRUeXBlIjoibmF0aXZlIiwicmVzcG9uc2VUaW1lIjo0MjEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzE1fSx7ImNwbSI6MC4wMywiYWRJZCI6IjgxMGE2YWVlYzI3MGM3OCIsIm9yaWdpbmFsQ3BtIjowLjAzLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NDksInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzE4fSx7ImNwbSI6MC4wMiwiYWRJZCI6Ijg0YTlhYWVmYTlkZTQ2ZSIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTl9LHsiY3BtIjowLjAyLCJhZElkIjoiODVkOGRiYmI1ZDE1Y2UzIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUxLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyMH0seyJjcG0iOjAuMDIsImFkSWQiOiI4Njg3ZDQ0MWVkNGE1YjIiLCJvcmlnaW5hbENwbSI6MC4wMiwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NTEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzIwfSx7ImNwbSI6MC4wMjkxNDY1MDAwMDAwMDAwMDIsImFkSWQiOiI5MDNkMDBjNmNkYzFmMzciLCJvcmlnaW5hbENwbSI6MC4wMzQyOSwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDI5MTQ2NTAwMDAwMDAwMDAzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MzQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzI0fSx7ImNwbSI6MC4wMzI3OTUzOTQ0NDk5OTk5OTQsImFkSWQiOiI5MWNmMmM0YTU5NGM5ZWMiLCJvcmlnaW5hbENwbSI6MC4wMzI3OTUzOTQ0NDk5OTk5OTQsImJpZGRlciI6Im9uZXRhZyIsInJldmVudWUiOjAuMDAwMDMyNzk1Mzk0NDQ5OTk5OTkzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MzgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MzI2fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6Im9uZXRhZyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTFjZjJjNGE1OTRjOWVjIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAzMjc5NTM5NDQ0OTk5OTk5M30seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYTRmNzU1ODUtZGViZC00NTJmLTlmZGQtMWI5MDkxZjJiMGQ3IiwidGltZU9mQXVjdGlvbiI6MTY5ODk4MjMwNDg1OSwiYmlkcyI6W3siY3BtIjowLjA1LCJhZElkIjoiNzVjODVjZjEyZDQzOTU0Iiwib3JpZ2luYWxDcG0iOjAuMDUsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MDEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTgyMzA1MjgxfSx7ImNwbSI6MC4wMjM1MTYsImFkSWQiOiI3N2IwZDY2MmU0ODU3ZTQiLCJvcmlnaW5hbENwbSI6MC4wMjM1MTYsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwMjM1MTYsImZvcm1hdFR5cGUiOiJuYXRpdmUiLCJyZXNwb25zZVRpbWUiOjQyMCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTR9LHsiY3BtIjowLjAzLCJhZElkIjoiODJhMmJlN2FhNGJjZGFiIiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTl9LHsiY3BtIjowLjAzLCJhZElkIjoiODNkZmZiODhlZTVlOTE5Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMTl9LHsiY3BtIjowLjAyLCJhZElkIjoiODc0NTUyZDIzNGJhMGU0Iiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyMX0seyJjcG0iOjAuMDIsImFkSWQiOiI4ODg1NmFhMDhmZDhhNCIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ1MiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg5ODIzMDUzMjF9LHsiY3BtIjowLjAyLCJhZElkIjoiODlkZThhYjIzZDY1NDE3Iiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyMX0seyJjcG0iOjAuMDMyNzk1Mzk0NDQ5OTk5OTk0LCJhZElkIjoiOTJjNTA3NjY2ZTU3MjdiIiwib3JpZ2luYWxDcG0iOjAuMDMyNzk1Mzk0NDQ5OTk5OTk0LCJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDAzMjc5NTM5NDQ0OTk5OTk5MywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDM4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODk4MjMwNTMyNn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NWM4NWNmMTJkNDM5NTQiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDV9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=3406.199996948242
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:67cb4075-ffb4-4e91-9334-d0fd4afcc75d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cb955613-9d69-4dd4-b968-162f8faff42d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=#US_PRIVACY
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A62F7EF8261B48ABA7DBE4F1B653282E&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhMMMTRbMaahURSSS&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

69be34fe654769228626d28f7f45bd7e.safeframe.googlesyndication.com
a.audrte.com
a.gsitrix.com
a.teads.tv
a.tribalfusion.com
a5156.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
ads.yieldmo.com
an.yandex.ru
ap.lijit.com
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bada53f148ccbc895dc271a680dea39c.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
capi.connatix.com
casale-match.dotomi.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
cookiesync.api.bliink.io
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d.adroll.com
d.turn.com
d5p.de17a.com
data.mediaintelligence.de
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal90004.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imagesrv.adition.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
live.rezync.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mediaintelligence.de
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pro.ip-api.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
socket.unibots.in
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
stas.outbrain.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trace.mediago.io
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
visitor.omnitagjs.com
vjs.zencdn.net
widgets.outbrain.com
www.awin1.com
www.bg3.co
www.conrad.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
x.dlx.addthis.com
ad.mrtnsvr.com
ads.avct.cloud
cm-supply-web.gammaplatform.com
e3.adpushup.com
static.bg3.co
103.231.174.251
104.20.219.77
104.22.68.131
124.146.153.162
13.230.249.13
13.32.27.7
13.32.27.83
130.211.44.5
138.201.63.116
141.226.224.32
141.94.171.213
141.95.171.139
142.250.185.130
145.40.97.67
15.235.15.221
151.101.2.49
151.101.65.44
152.199.21.70
154.59.122.79
162.19.138.119
162.210.196.208
162.55.233.29
169.197.150.8
172.104.206.52
172.64.146.152
172.64.149.180
172.64.151.101
178.250.1.9
18.158.152.62
18.196.68.59
18.66.97.112
184.30.17.67
184.30.20.22
184.30.21.51
184.30.24.22
185.106.33.48
185.184.8.90
185.29.132.245
185.64.190.81
185.64.191.210
185.86.139.94
185.89.210.90
192.96.203.13
193.0.160.131
193.135.9.126
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.205
2.16.241.18
2001:4860:4802:32::36
208.93.169.131
213.155.156.166
213.227.153.223
216.52.2.30
217.79.188.21
217.79.188.46
217.79.188.59
23.210.125.176
23.212.88.20
23.32.184.180
23.32.184.192
23.32.185.35
23.37.63.179
23.88.86.2
23.97.225.52
2400:52e0:1e00::1078:1
2400:52e0:1e00::722:1
2400:52e0:1e00::865:1
2404:6800:4016:802::2003
2600:1f18:24e6:b902:883a:48dc:4b0f:3957
2600:1f18:612b:4280:43c0:214f:6eb7:4a47
2600:9000:2057:7a00:1f:4c18:bd40:93a1
2600:9000:223c:2600:6:44e3:f8c0:93a1
2600:9000:2251:cc00:1a:5235:f980:93a1
2602:803:c003:200::61
2606:4700:10::ac43:db6
2606:4700:20::681a:467
2606:4700:20::ac43:4a81
2606:4700::6810:5914
2606:4700::6812:18ad
2606:4700::6812:bae0
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:480:9::210:ee0e
2a02:26f0:7100::213:c699
2a02:6b8::90
2a02:fa8:8806:12::1400
2a04:4e42:600::300
2a04:4e42:600::729
2a04:4e42::649
2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7
2a05:d018:d29:3601:1dfc:1fae:3d75:f146
3.126.125.13
3.126.189.136
3.211.39.212
3.33.220.150
3.66.134.167
3.71.149.231
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.241.138.233
34.241.26.2
34.247.233.198
34.96.71.22
35.157.200.246
35.186.193.173
35.204.158.49
35.205.65.172
35.208.249.213
35.214.247.30
35.227.252.103
35.244.159.8
35.244.174.68
37.157.2.247
37.157.6.233
37.157.6.254
44.196.2.18
44.215.36.255
46.105.200.240
46.228.164.11
46.228.164.13
46.228.174.117
46.4.10.49
50.31.142.159
51.195.61.120
51.77.64.70
51.89.9.252
52.21.198.14
52.210.8.58
52.213.196.228
52.46.151.131
52.5.225.174
52.50.105.105
52.95.118.179
54.158.12.183
54.72.49.103
54.77.197.204
54.83.246.219
63.251.14.14
63.34.177.0
64.202.112.255
64.227.64.62
69.166.1.67
69.173.144.137
69.173.144.165
69.192.160.219
72.251.241.206
76.223.111.18
77.243.51.121
77.245.57.72
8.2.108.175
8.43.72.97
80.77.87.161
82.145.213.8
85.114.159.118
85.195.93.95
85.91.45.70
88.221.110.96
88.99.69.161
89.163.142.91
95.101.149.233
96.46.183.20
98.98.134.243
00902e76286f07982a371a753d9f0ab4970bdeb263f00b361f1c7dd8126594b9
0237aee8bb3dae5aca75f9ca754657eb9316ffb44c6101afbc370910c284e21c
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
02aef444d225d88a60f9bbb70f190757efd61304171291003c73df554bfadcce
02ba78c0231b2b63196b67715fad60c4e09d1e2f5074408b1ad856d59be305d8
0320b8bc1125b63bd06db4e0d7864bd29f6dad6096cc9432cec0522e2ae49997
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
063c5ad5f7a9841baa04c6d1be02e2dc899de5d9cfc244160870bdced679e637
06eca77911c52c8c51c81166043013d81d67efa2dba421d5d5a0db7f9b9da880
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0821b83864782329906749de2530edc53e21de45cbf7a27bb58dce5129586211
082da8d20ae0f8d1198c2975e3bff3cd785f9d26d0eac584c7f2bafea4bae4f3
096562b6054ffa5454a2c4bd33f23e0c8f669b6a2c2c9b1bbd81580e38d3165a
0a1e8eedc94c0cedc3c62afbd806bbc36b5863094f2fb961d4855cd53a7ec407
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
106094bb32d91e6cd43c2093eb478d23b78dc005303eb0209463fa48df83310a
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
166c42a322eda48a1e0be2c9c71a28f66c325d3e4cb08e77bed5c89e14838b4e
17ec579fcc54760dc311b0a6b284495059ee0067cabf38b8f623fbc563b80d33
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
19442eeceb09ba614ca6ee07b22598363b9c03109682cb01f27aec8a54f8730b
1976b2ad90c95b61cd1a449f6992d2c2908f337a462d2015f1c77aabded22705
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1a05961613fa41eb7e55ca925eeccc8cb78fe2ead75b8c914bdf7e91ea742c5d
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1d8b5ed751d2424749a4258b5bebbfd102f17eb5963753273992c9da45b1efa1
1e5df99d3e015062a7058dfd74a6b9bf3b31355e95a05c8d3899d192fb8721f3
1e815f23b6a174d8f3c92d50e9f197863173672f667bff4a9bd5a12b8ece50dc
1e8afb5d5667af5e320122e0e058a49f069094824cee38ce65f21f39b8268ac4
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f73ca3ca5aa08959a088d050b97134eaf9384499c9e354bc69b237404b03026
1f8e7b593e3734119dba2dc2e1c9ead191d3dedbb87c6eb4e1d652ceb088f30b
1fa76dabfb80391bbef3320798c5982c564ef0928a5edcecfe2f3127332f27b2
1fe99d2615002ac44eed7734e4a67473ebd2a0d4f85b871923019ea5fbd5076b
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
207b5d5af193855b0b3c7068a3ec3f7b4a0594f18eec78d7a9c5a2f79c51b4ec
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720
23106e7c3c425ac991acdeb26c55eced3a41e8e439c65f794ef3fac7b1a5fe1a
244934ae3983ba2a85c97ad273c72cf25cca404bb1e57ec3b9fe52106a95b59d
24f060023333a658168ef0d059edccac7f9bcf6390724e841147a1b50fa5ed96
251f042187fdf6088f397ad7858a36859dfd7ab8fc1350cd1ff8ce84e5ffea7a
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2849822cf4e301f243ffaa9d75ef79c1d11ff1dd58c3929c7f6c9a8b9d6c88b5
284ebd9fef1a9f687a60c653c45b096df580ee4629c94ee642dbb2c0ae1d7f49
2a1d99c91471524a71612ba09aaf2582a5282e85469016bc480c55b9dcff6a4b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d1736c293387569e3edefcd73b690ca8bf5eae8f31790d0ab528da634b80ca8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
309a1ec040b90186e8bd76ea73eda64f7aff0eaf326d0c28546699993d0bd3dd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3747e29d91ed5c62dfdc5cb7b81a2e326fc7e4b913182ece229d1728c111bba1
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249
39716c8099c69520cfe67f906836158ecc28a7f12e838298a04c083dd5537de6
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6aeabdce7243d4ade8d7b6507b117108fac1442ec26c73c15a07b2e9b0fa43
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec56a59720aa3fd5e33aa1605a8ad4b937c395b5b937c0ad42774f1be652e9b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a53e09ad6266849dbf0bf81d670e933c4072f6bca2961bfb97e7ec2570a4f4
44c00976c63c0b191533208779d395c6da10e28b38b909e2bfe3656c8f01bd63
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
46f52ab934281d42dcb5d5d138a989a5ccb8634823a74e2b8fc9e1b129d4d775
471550ed7025e2abacc6b0cf8aafb152a479d00674d64561b109bbbd22abc469
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
491084d822ce22e4c60b29f8226b3655afb7406709e7db51aae0421256464562
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e31d5374b27ceebc38e40109e2e69aead432b5ff8764167464fe727a748f2
4bd2ee3635819252168074e3794d73fd2889b54b457e8d31d98cbab3e62b4cc5
4c9169b48ae3a92bb08e40190308a42039a56af231f5c14458e4287e9bfb277a
4d5f2d6e22d3ae659a498f7ba6c45f01556a8b02d3b10b25c07d6f7ca75e8e48
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4eaebe517808424ce52a9626a6b2f37c7246c5aacd2265e6c98076552515c21c
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
57a78e81c705bafd323bfdfd88e00fb2c448120e53af8bcd87bda687f6debb69
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5b4af2a5de789f1351628e0970d30000303eab0079b80c055231d00c3e019541
5cca611b1c389d58946836ca0bb7fa9a0d0268ebd1f80f9c00406c7646a845a5
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6284df0f00bd4a37b7e380df638c5c0457a83d28a52001baab667eaecfe17f31
62d55b047e0926b5d4e8a17cc75caa218394d459dd6b1a14530c9ebb0cd9992c
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
63e5308ad4df69f4389142b81c35a933698ba191640b7bb50debf737b07c4ec0
66168fa5f89845f41a2b9a483a19d5c8602bc732b19f8554f83c55494a0722fa
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
691f71808a5a10f5e6461831e6ee82292ad18c5d315d2f64b5c51f5da9d364f0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a95d4851a5a62a11b45ae1cf35084a8de588490142485963952ae68a61ed290
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
72e314452d2ce42e199ea761b1fcce05c12817f36ebcd868801a51dc1fd284fb
75142c35f7c00a41c4f722667770f7eda135d815f970b5e6be8de87095ea12f3
763cf512a1a61c6db5b0797ae644b5dd9e2757c5ae1daeb8eb81645d3a58f24c
76d0d15688f66a6512490a49ed6d0189d568c6c7c421c1b648aa06173cac3300
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77f8456ea95eed1583cfd8890fbc36804b459738e1a882c2373e1fc6f90a361c
78165422bbfab7eb8f4fc7f811e5ab9a6f7fed8ce67a867c495db3ac4ee92fce
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
795b505a4aabc1b2835d0c9259362e39716d279bfdd2a4d389eec0927d6536f7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7aa6b6e9a3bb07a6e7a1b473023f32f86b2b8672e3af6ef299d980882cc859a6
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7c3d25759c8eb6dfc3edba338c12d57d166f86ea569aca2891f6fd690b8c4978
7c6595efd61181675033f0c4cbab7e40415b75dc4aedfa9a1fe6cd5d695eb8ff
7ed524681c8f26b8f77c73f83b736ffd170c3417ead94f4fad38f78c746fa98f
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
84491922c43030c1587d93ab1a0a854b813be962993c1de1ab94d0559f9eaf6b
853bf1acd1d9fc7331edc0a23faa78f97eb8024129e035d59a5508167acd94db
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a597c061d02e5cc11d9fd527bcef7053ac283c02739cde759fabd42fec9dc98
8a87e831ad576606c49105170c49d0a6894aafff4ce59e03112bb13e2704e199
8be594a1ac8976341e76eecd3e185fe3856d47454102e5845275aba9610b9133
8cc039b3eb06f163b57045dca66e2d6143369dde0bb2d4615a4407a37e8e0b67
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903f3e48e49b21836bcd03e2636a90e04849493fe08efb777a183a571ba79a00
90b2e9eb7c4839e777c5a1fecd25d7253ac89a7be79a8281b280346b2871d0a1
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782
927dceade4bbf1aed6f20722a47bc6d45f976d560ea646948f3eeada6ea1a039
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92ac0b1526eb55321fd239e00c41850da2fea004f1285ad4e623efd62505035b
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
946cc4cebc2e776d4d50a7223139f2a9f1c483ff3756a9a5ce9b5739fcbad8ca
95d7c8acb16387c958294971ba667ee04057fe3fbe4293b6ea10a1d0e635ac4d
95e86399378b9e467acfe34931dea9f14faa138de134958575d14432830be4d3
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b50f2faefb05d6d3577b69243a26eee2b4e664402d8b4b57926d8b78cfd09c1
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c9cc2a537f72c0114b491a9c17fc05c7de6b38ad22f314376ca68d5bca37b0c
9d8513911853a46df44cb59ba3a5d4bff30d88dbafa1a040acb92f54974d5764
9df8c7ef5f36a7b12cab996ba25c8ac2498558bb64bc69588e4aa20c30548aea
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a19b3a770a433295ec7c946e9a2d4d263489be69ebab4d54aafb13ecd9d337b4
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4022a5cf728cb77376280dead8b08f3d8bd307681563f227ad2cfd880217afe
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4e4719ed51405a4c87ab0ddb8d69620d9afaff97faa3a1040046fa2c272c988
a57c8746058a6883bf5ffd626a95bb8bb82957287e54eb3b6e75480c7bdb654f
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b
a8bb3b3f53002f26ddac2b30db0bd1851ba307fa7255b82c3ca423e03a87553f
a9970cd25be69eacc0338425d98f1ad6064c54fe4d51d5232108cb2d1e594abe
aa4b5ef71883340d967b61fc5306164dd24a6ae92b3c3438834a39fea1b61b54
ab9a2aa06c9954233dfa03111f9ba193dd70a6c2e889b317023b3be6e81ad572
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae8e897ab5cdad4df9514d0978ccdca9a75220a2099fcab931dfbcdcd2d7b893
aec17fe4c92b4c0a84e7805a9a694067191b7473f37bd05c83ec1eccd3ef9dad
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f092f6197eacc2363e809fd2dc07638f8a9859883130d144ca74903027b870
b20645d9889636b28396af7bb164384f9e4aae959d3c374465179f302079acdc
b4876cc5ecad6b8f19dfbae30f9117e73ccf6623f73ce2983dd983e4e4f270a6
b499758f19f8908ac7f96fcb014f53fc5ab0fb1b372828c83c9c0d4f76403bcc
b4fb4412d7c19507705d4e00cd20b6465381a15cd0f8f47f5334eea369c28854
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
b8925b8da4673e60fab13ebe62382175d88c34f60cdc217e93b816fa4e020e15
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5fa5f53afd2af25112e83ffe0034e828f98cfbf0eb3ffa65091f62c118ba11
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd28563e5697baaad4af9ad150f0fbc91df7c7337d9ce5b2c1a4f42c38852f38
bd572090883bcc5dac1ee41b72ad36a3bda60eabcf3a8f4912d3860636640326
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f
c131b7d7074657a3c6b3c78070b555c08c806b6aa112b5eb079adfedf01285db
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c60cc76a2aaf1b481b52db3cd2850d24a9121a3e4217ad247dba7a67daed2450
c6321cefd9bbd7220eb910f67bbbe1961084487f50de40a089d8d5d8fabed249
c6d2c15417ece5810ab49b0733446e929b26927dbac35048bb190f2b66c7a31c
c993079438bd899967bf73351c33eef1f251f263e96cc44b3b8878eb3cb4b89a
c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
cb0ddd1c7207dd09e38de1312cfc2aedb825999d5acc2389f1828ea4c9ec7b79
cd68525cb11f60d8d7b537b314b24df440c3fbfdaf31e03d901d418f32e517ed
cee99bbb02727f60a13953bb2e143d789811fd300be17e2b2625a7def94d8fd2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf78f595b41917c38d6753af680fe5e46850a184686a4e635e31a1921915aa7a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d36158b2e7eb69b3e8b7105cf18dbfa247ba390c1397a966c613b7e6b9d1eee0
d4e867a01f5bb9bc9563b1ca370b4520f6f5c870698532ca27cb74bf50341ac0
d53061b329e42c194f8f1920384802008342fa76b98b474070594fd1d152d837
d71f15e40a332b01a051d53e8b0bbb334f02456038d71e42ca042a109f85089e
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
d825171ee049738384d39c60a6f320f7c0a8705d6e182ef85ce5aa6c408fb4d5
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dc60382f61ecc1fa0cf0f32bfc803a5cdefc6ea5f23c6a0744cd3ee0ccba08d6
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e015dd321227206b8c1493e33e09227b3bfee6d9612ac1ab49470f0ed81a2375
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e6aa60e383a19f8563783ce016ff63568f23092f50550661c62803f167d9f80b
e85e099758968e12502438257864835ace171ce312c8bb951649b9ad8c95fc83
e8c14d322b8a2275cbd6c9a20feaff839a0d6464825eea56553d30784b457339
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
e91a25647d0ac40582377200ea42f12969ae4f73e8fb8d5ea15eb9d4169a54e6
e9ac667fef32ec5aa5255ef7652a24388454ecc9db17bd881454d7f1154e33f9
e9c19ed28bccaa4e32d36ec044a8b462e7cf210f304a7280940481491917adf4
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ed99cc78308db86bc3710306a5cb4bfa9578fd25a87601001d19333adf4c50cc
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
ef8dca515116a544cf53d6c82059863082b91c5f1e4faad65fcee9330f4305a5
efc473dcdcf62e562f384ba4112558f559de7b8c98646d74b8392bba18d8a1c8
f00526324216b6d91576e96796f825de7e1357a4f48061dcebfc6aef4f2f64b1
f0c0bd4f8fd46f4328b4386edce4f6333299ce8132c24a863e2432b7c9183bbe
f0ec5b202866c0dad1213b6bba6e7a3b7d39f9a4c54b03b9bc8f5117086d85f7
f16b2d3a72a7876cbffa77a40be8c62e73735aadb21faac54c95d9f89ea9d3ea
f4496f8f246742aae568bd46891841bdfe94e991b84a07854997c9eda7e49e5d
f5b2ced7185c7b94a61a5853c4ce29456b8df4ec575ecc1e8d1df31a11db7110
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8383a5be6d1a813f66622bf5428d3d3abe09cedb1141e6c69c48c9fadc8f381
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
f8bb8639edd91a776a5e10e695e0dd8eec12184d1628da243fc0ac866c705b0d
fc6e61951944cbabab5dec684167694291dce60fb81aa4c79cdb46b270764ea4
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163
fd57b824842433d6ded041bbd6cad0bae15b9579213c1c8089663d6087086bc7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50c1a50cc8fc3493ed21f3cbf9fa572cce75af3baf98cb081bc6b5a0f61d22