urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Submission: On September 03 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 15 countries across 107 domains to perform 672 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 142.250.186.129 15169 (GOOGLE)
7 12 192.96.203.13 30633 (LEASEWEB-...)
6 104.26.4.103 13335 (CLOUDFLAR...)
14 89.187.169.39 60068 (CDN77 ^_^)
2 2.16.202.106 20940 (AKAMAI-ASN1)
5 23.50.131.73 20940 (AKAMAI-ASN1)
51 151.101.193.44 54113 (FASTLY)
62 142.250.185.194 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
3 178.250.1.11 44788 (ASN-CRITE...)
20 185.106.33.48 200478 (TABOOLA-AS)
2 142.250.186.170 15169 (GOOGLE)
5 5 104.64.126.246 16625 (AKAMAI-AS)
14 23.218.210.30 16625 (AKAMAI-AS)
9 12 52.210.175.116 16509 (AMAZON-02)
22 3.33.220.150 16509 (AMAZON-02)
17 142.250.185.226 15169 (GOOGLE)
11 19 69.173.144.165 26667 (RUBICONPR...)
6 142.250.184.225 15169 (GOOGLE)
8 23.97.225.52 8075 (MICROSOFT...)
1 9 141.226.228.48 200478 (TABOOLA-AS)
2 142.250.181.234 15169 (GOOGLE)
4 8 3.71.149.231 16509 (AMAZON-02)
22 58 142.250.186.66 15169 (GOOGLE)
2 5 52.94.222.140 16509 (AMAZON-02)
2 9 52.46.128.147 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
3 151.101.65.44 54113 (FASTLY)
30 216.58.212.129 15169 (GOOGLE)
2 13.107.213.60 8075 (MICROSOFT...)
8 142.250.74.196 15169 (GOOGLE)
2 142.250.186.67 15169 (GOOGLE)
1 3 91.228.74.168 16509 (AMAZON-02)
1 104.16.89.20 13335 (CLOUDFLAR...)
1 95.101.149.35 16625 (AKAMAI-AS)
1 69.173.144.137 26667 (RUBICONPR...)
1 213.19.162.21 3356 (LEVEL3)
1 11 172.67.10.198 13335 (CLOUDFLAR...)
1 3 145.40.97.67 54825 (PACKET)
18 54.220.11.225 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
3 35.186.253.211 15169 (GOOGLE)
1 3.75.115.20 16509 (AMAZON-02)
1 178.250.1.8 44788 (ASN-CRITE...)
7 10 185.89.210.101 29990 (ASN-APPNEX)
8 29 51.89.9.252 16276 (OVH)
3 104.18.39.155 13335 (CLOUDFLAR...)
1 185.255.84.151 200271 (IGUANE-)
1 18.195.32.10 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
2 142.250.185.66 15169 (GOOGLE)
1 18.66.192.12 16509 (AMAZON-02)
1 172.64.102.25 13335 (CLOUDFLAR...)
6 9 18.196.122.173 16509 (AMAZON-02)
4 142.250.185.72 15169 (GOOGLE)
1 18.66.187.108 16509 (AMAZON-02)
4 216.239.34.36 15169 (GOOGLE)
2 3.233.155.245 14618 (AMAZON-AES)
13 172.67.74.129 13335 (CLOUDFLAR...)
1 213.19.162.37 26667 (RUBICONPR...)
1 217.79.188.11 24961 (MYLOC-AS ...)
2 217.79.188.46 24961 (MYLOC-AS ...)
8 22 185.80.39.216 27381 (CASALE-MEDIA)
1 172.217.16.195 15169 (GOOGLE)
1 1 91.210.226.74 48314 (IP-PROJECTS)
1 1 89.163.155.32 24961 (MYLOC-AS ...)
2 3 76.223.111.18 16509 (AMAZON-02)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 95.101.148.20 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
3 7 35.244.159.8 15169 (GOOGLE)
1 99.84.88.2 16509 (AMAZON-02)
2 2 154.59.122.79 174 (COGENT-174)
4 178.250.1.9 44788 (ASN-CRITE...)
6 7 37.157.5.133 198622 (ADFORM)
4 185.29.132.241 30419 (MEDIAMATH...)
2 4 69.173.144.139 26667 (RUBICONPR...)
2 4 185.86.138.154 201081 (SMARTADSE...)
4 35.244.174.68 15169 (GOOGLE)
4 6 185.64.190.79 62713 (AS-PUBMATIC)
1 144.76.104.53 24940 (HETZNER-AS)
2 5 216.52.2.91 32475 (SINGLEHOP...)
3 4 162.55.236.225 24940 (HETZNER-AS)
1 34.242.3.8 16509 (AMAZON-02)
2 3 185.86.138.152 201081 (SMARTADSE...)
3 23.35.236.201 16625 (AKAMAI-AS)
1 99.84.88.77 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 44.193.104.224 14618 (AMAZON-AES)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 1 69.166.1.34 27630 (AS-XFERNET)
4 52.58.1.69 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 1 8.2.110.24 46636 (NATCOWEB)
3 3 188.42.196.115 7979 (SERVERS-COM)
2 35.186.215.140 15169 (GOOGLE)
2 2 8.2.110.114 46636 (NATCOWEB)
1 2 37.157.4.28 198622 (ADFORM)
2 2 23.50.131.87 20940 (AKAMAI-ASN1)
2 2 54.155.69.215 16509 (AMAZON-02)
1 2 178.63.52.121 24940 (HETZNER-AS)
2 217.79.188.21 24961 (MYLOC-AS ...)
1 172.105.43.230 63949 (AKAMAI-LI...)
2 2 46.228.164.11 56396 (AMOBEE)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 162.210.196.208 30633 (LEASEWEB-...)
1 3 80.77.87.166 46636 (NATCOWEB)
1 2 185.86.139.93 201081 (SMARTADSE...)
12 52.210.15.1 16509 (AMAZON-02)
2 2 35.210.239.72 15169 (GOOGLE)
1 1 54.158.197.157 14618 (AMAZON-AES)
1 1 52.205.57.26 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
2 3 151.101.2.49 54113 (FASTLY)
1 1 124.146.215.49 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 54.247.40.125 16509 (AMAZON-02)
9 54.229.162.154 16509 (AMAZON-02)
1 2 18.203.189.31 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 54.147.123.103 14618 (AMAZON-AES)
2 185.64.190.80 62713 (AS-PUBMATIC)
1 35.204.158.49 396982 (GOOGLE-CL...)
1 142.250.184.230 15169 (GOOGLE)
1 13.42.176.194 16509 (AMAZON-02)
1 87.248.119.252 203220 (YAHOO-DEB)
1 104.22.25.87 13335 (CLOUDFLAR...)
1 142.250.186.130 15169 (GOOGLE)
1 198.47.127.20 3257 (GTT-BACKB...)
1 34.227.156.9 ()
672 114
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
cdn.ampproject.org
12    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
6    104.26.4.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
14    89.187.169.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 89-187-169-39.bunnyinfra.net
cdn.unibotscdn.com
2    2.16.202.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-106.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    23.50.131.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-73.deploy.static.akamaitechnologies.com
cdn.adpushup.com
51    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
62    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
20    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
2    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
imasdk.googleapis.com
5    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
14    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
12    52.210.175.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
22    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
17    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
19    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
6    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
68baba596ce3cfbef586a77a9bbbe291.safeframe.googlesyndication.com
9ba66d73ea74420f78a9d775a11d2e08.safeframe.googlesyndication.com
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
0cb707e3fdfe11d8962056daef24dda2.safeframe.googlesyndication.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
2    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
8    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
58    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
www.googletagservices.com
5    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
30    216.58.212.129 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f1.1e100.net
tpc.googlesyndication.com
2    13.107.213.60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
8    142.250.74.196 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net
www.google.com
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
d-27904427312725089125.ampproject.net
fonts.gstatic.com
3    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
pixel.quantserve.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    213.19.162.21 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
11    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
3    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
18    54.220.11.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    3.75.115.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-115-20.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
10    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
29    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
3    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    18.195.32.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-32-10.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    18.66.192.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-12.muc50.r.cloudfront.net
adx.holmesmind.com
1    172.64.102.25 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
9    18.196.122.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-122-173.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
1    18.66.187.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-187-108.muc50.r.cloudfront.net
cdn.prod.uidapi.com
4    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    3.233.155.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-155-245.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
13    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    213.19.162.37 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
22    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
www.gstatic.com
1    91.210.226.74 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    89.163.155.32 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm50.as.net
cm.adsafety.net
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
1    99.84.88.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-2.muc50.r.cloudfront.net
public.servenobid.com
2    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
6    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal9000.redintelligence.net
5    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
4    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
1    34.242.3.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-3-8.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    99.84.88.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-77.muc50.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    44.193.104.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-104-224.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    52.58.1.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-1-69.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
3    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
dmp.adform.net
2    23.50.131.87 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-87.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    54.155.69.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-69-215.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de
hal900020.redintelligence.net
2    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
1    172.105.43.230 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-43-230.ip.linodeusercontent.com
newsbot.unibots.in
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    162.210.196.208 (Fairfax, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
agent.aralego.com
3    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
12    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    54.158.197.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-197-157.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.205.57.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-57-26.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.49 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    54.247.40.125 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
9    54.229.162.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
cs.minutemedia-prebid.com
2    18.203.189.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-189-31.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    54.147.123.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-123-103.compute-1.amazonaws.com
a.audrte.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
s0.2mdn.net
1    13.42.176.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-176-194.eu-west-2.compute.amazonaws.com
track.webgains.com
1    87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com
s.yimg.com
1    104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pubads.g.doubleclick.net
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
1    34.227.156.9 (None, )

ASN- ()
ioms.bfmio.com
Apex Domain
Subdomains		 Transfer
98 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
68baba596ce3cfbef586a77a9bbbe291.safeframe.googlesyndication.com
9ba66d73ea74420f78a9d775a11d2e08.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
0cb707e3fdfe11d8962056daef24dda2.safeframe.googlesyndication.com
874 KB
84 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 919
trc.taboola.com — Cisco Umbrella Rank: 614
vidstat.taboola.com — Cisco Umbrella Rank: 2542
il-trc-events.taboola.com — Cisco Umbrella Rank: 20471
images.taboola.com — Cisco Umbrella Rank: 1780
imprammp.taboola.com — Cisco Umbrella Rank: 15906
am-match.taboola.com — Cisco Umbrella Rank: 16049
wf.taboola.com — Cisco Umbrella Rank: 2698
am-vid-events.taboola.com — Cisco Umbrella Rank: 14973
pips.taboola.com — Cisco Umbrella Rank: 1574
cds.taboola.com — Cisco Umbrella Rank: 1786
vidstatb.taboola.com — Cisco Umbrella Rank: 4450
sync.taboola.com — Cisco Umbrella Rank: 998
am-wf.taboola.com — Cisco Umbrella Rank: 17391
2 MB
71 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net Failed
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421 Failed
773 KB
46 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
eus.rubiconproject.com — Cisco Umbrella Rank: 593
token.rubiconproject.com — Cisco Umbrella Rank: 597
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10495
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2179
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1110
104 KB
29 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
15 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 567
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
dsum.casalemedia.com Failed
19 KB
22 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
6 KB
20 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
ads.yap.yahoo.com Failed
geo.yahoo.com Failed
9 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2295
public.servenobid.com — Cisco Umbrella Rank: 4549
11 KB
14 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 653
ads.pubmatic.com — Cisco Umbrella Rank: 513
image6.pubmatic.com — Cisco Umbrella Rank: 752
image2.pubmatic.com — Cisco Umbrella Rank: 895 Failed
simage2.pubmatic.com Failed
image4.pubmatic.com Failed
simage4.pubmatic.com — Cisco Umbrella Rank: 1267 Failed
35 KB
14 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
9 KB
14 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 32070
stream.unibotscdn.com Failed
320 KB
13 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
usersync.gumgum.com — Cisco Umbrella Rank: 1853
4 KB
13 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12393
as.ad4m.at — Cisco Umbrella Rank: 34772
assets.ad4m.at — Cisco Umbrella Rank: 44002
273 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15810
e3.adpushup.com — Cisco Umbrella Rank: 18406
281 KB
13 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 40826
sync.aralego.com — Cisco Umbrella Rank: 2723
agent.aralego.com — Cisco Umbrella Rank: 253055
7 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
acdn.adnxs.com — Cisco Umbrella Rank: 578
secure.adnxs.com — Cisco Umbrella Rank: 450
24 KB
11 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6591
csync.smilewanted.com — Cisco Umbrella Rank: 2812
static.smilewanted.com — Cisco Umbrella Rank: 11008
17 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 405
220 KB
10 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4792
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3806
6 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1078
x.bidswitch.net — Cisco Umbrella Rank: 342
20 KB
10 openx.net
rtb.openx.net — Cisco Umbrella Rank: 751
adpushup-d.openx.net — Cisco Umbrella Rank: 25350
us-u.openx.net — Cisco Umbrella Rank: 478
eu-u.openx.net — Cisco Umbrella Rank: 2529
u.openx.net — Cisco Umbrella Rank: 670
7 KB
9 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1578
ssbsync.smartadserver.com — Cisco Umbrella Rank: 777
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 682
3 KB
9 adform.net
c1.adform.net — Cisco Umbrella Rank: 591
cm.adform.net — Cisco Umbrella Rank: 1198
dmp.adform.net — Cisco Umbrella Rank: 3237
5 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
4 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
bidder.criteo.com — Cisco Umbrella Rank: 767
dis.criteo.com — Cisco Umbrella Rank: 596
2 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15124
82 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
ce.lijit.com — Cisco Umbrella Rank: 857
2 KB
5 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 18530
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 86836
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 76128
dsp.adfarm1.adition.com Failed
20 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
283 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2537
3 KB
4 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3059
cs.admanmedia.com — Cisco Umbrella Rank: 937
1 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 558
103 B
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1819
1 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 740
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1098
2 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2547
www.google-analytics.com Failed
404 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
265 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 583
eb2.3lift.com — Cisco Umbrella Rank: 388
1 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 488
fonts.googleapis.com — Cisco Umbrella Rank: 41
357 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 692
906 B
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1532
2 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2190
cs.yellowblue.io — Cisco Umbrella Rank: 2392
2 KB
3 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37964
hal900020.redintelligence.net — Cisco Umbrella Rank: 239596
9 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1307
contextual.media.net — Cisco Umbrella Rank: 666
hbx.media.net — Cisco Umbrella Rank: 1253
10 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 880
370 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1240
cms.quantserve.com — Cisco Umbrella Rank: 756
pixel.quantserve.com — Cisco Umbrella Rank: 928
10 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25640
498 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
857 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 570
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 551
2 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4628
913 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 834
850 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4270
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 537
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 2955
992 B
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 100847
20 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1278
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1556
2 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
49 KB
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9283
505 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1104
www.googleadservices.com Failed
915 B
2 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 900
9 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 733
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 28688
11 KB
1 bfmio.com
ioms.bfmio.com
486 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3146
439 B
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 624
30 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49150
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
17 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
610 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1188
829 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1052
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 925
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
1 KB
1 unibots.in
newsbot.unibots.in — Cisco Umbrella Rank: 55380
693 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 929
623 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 812
735 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1651
160 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 21765
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 30737
823 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732
2 KB
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 25069
3 KB
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 877694
871 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4109
visitor.omnitagjs.com Failed
454 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1457
493 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
2 KB
1 ampproject.net
d-27904427312725089125.ampproject.net
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
649 B
1 bg3.co
www.bg3.co
static.bg3.co Failed
14 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 loopme.me Failed
csync.loopme.me Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 opera.com Failed
t.adx.opera.com Failed
0 awin1.com Failed
www.awin1.com Failed
0 liadm.com Failed
i6.liadm.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 bumlam.com Failed
sync.bumlam.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 quantcount.com Failed
rules.quantcount.com Failed
pixel.quantcount.com Failed
0 openxcdn.net Failed
oa.openxcdn.net Failed
0 criteo.net Failed
static.criteo.net Failed
0 id5-sync.com Failed
cdn.id5-sync.com Failed
672 107
Domain Requested by
62 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
www.googletagservices.com
imasdk.googleapis.com
43 cm.g.doubleclick.net 21 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
www.bg3.co
onetag-sys.com
adpushup-d.openx.net
g2.gumgum.com
30 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
pagead2.googlesyndication.com
29 onetag-sys.com 8 redirects cdn.adpushup.com
onetag-sys.com
csync.smilewanted.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
23 images.taboola.com www.bg3.co
22 match.adsrvr.org www.bg3.co
eus.rubiconproject.com
imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
cdn.adpushup.com
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
onetag-sys.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
20 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
18 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
eus.rubiconproject.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
17 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
17 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
agent.aralego.com
www.bg3.co
www.googletagservices.com
16 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
www.bg3.co
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
14 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
13 pixel.rubiconproject.com 7 redirects eus.rubiconproject.com
onetag-sys.com
12 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
12 pr-bh.ybp.yahoo.com 9 redirects imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
9 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
onetag-sys.com
eus.rubiconproject.com
9 x.bidswitch.net 6 redirects am-match.taboola.com
onetag-sys.com
9 ib.adnxs.com 6 redirects cdn.adpushup.com
acdn.adnxs.com
9 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
onetag-sys.com
ssum-sec.casalemedia.com
8 csync.smilewanted.com 1 redirects cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
8 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
8 ups.analytics.yahoo.com 4 redirects imprammp.taboola.com
am-match.taboola.com
onetag-sys.com
8 e3.adpushup.com www.bg3.co
8 sync.aralego.com 6 redirects ads.aralego.com
7 c1.adform.net 6 redirects ads.pubmatic.com
6 assets.ad4m.at as.ad4m.at
6 image8.pubmatic.com 4 redirects onetag-sys.com
6 token.rubiconproject.com 4 redirects eus.rubiconproject.com
6 cdn.aralego.net www.bg3.co
ads.aralego.com
adx.holmesmind.com
agent.aralego.com
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 ad4m.at www.bg3.co
ad4m.at
ssum-sec.casalemedia.com
5 www.googletagservices.com googleads.g.doubleclick.net
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
5 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
adpushup-d.openx.net
ads.pubmatic.com
5 secure-assets.rubiconproject.com 5 redirects
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 trc.taboola.com cdn.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 id.rlcdn.com onetag-sys.com
4 ssbsync-global.smartadserver.com 2 redirects onetag-sys.com
4 pixel-eu.rubiconproject.com 2 redirects onetag-sys.com
4 sync.mathtag.com onetag-sys.com
4 dis.criteo.com 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
ads.pubmatic.com
googleads.g.doubleclick.net
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 www.googletagmanager.com cdn.adpushup.com
cdn.ampproject.org
cdn.unibotscdn.com
www.googletagmanager.com
4 ads.aralego.com 1 redirects ads.aralego.com
agent.aralego.com
3 am-wf.taboola.com vidstat.taboola.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 cs.admanmedia.com 1 redirects ssbsync.smartadserver.com
g2.gumgum.com
3 us-u.openx.net 1 redirects adpushup-d.openx.net
3 ads.betweendigital.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 ap.lijit.com csync.smilewanted.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 htlb.casalemedia.com cdn.adpushup.com
3 rtb.openx.net cdn.adpushup.com
3 prebid.a-mo.net 1 redirects cdn.adpushup.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
2 as.ad4m.at ad4m.at
as.ad4m.at
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 image2.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
2 image6.pubmatic.com ads.pubmatic.com
2 ad.turn.com 2 redirects
2 ad2.adfarm1.adition.com ad4.adfarm1.adition.com
ad2.adfarm1.adition.com
2 hal900020.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900020.redintelligence.net
2 ads.avct.cloud 2 redirects
2 ads.stickyadstv.com 2 redirects
2 us.ck-ie.com 2 redirects
2 ad.sitemaji.com adx.holmesmind.com
securepubads.g.doubleclick.net
2 ce.lijit.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ums.acuityplatform.com 2 redirects
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 ad4.adfarm1.adition.com 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
ad4.adfarm1.adition.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 sync.taboola.com 1 redirects am-match.taboola.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 prebid.smilewanted.com cdn.adpushup.com
2 www.clarity.ms www.bg3.co
www.clarity.ms
2 fonts.googleapis.com cdn.taboola.com
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 ioms.bfmio.com vidstat.taboola.com
1 mwzeom.zeotap.com public.servenobid.com
1 s.yimg.com ad.sitemaji.com
1 0cb707e3fdfe11d8962056daef24dda2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 simage4.pubmatic.com ads.pubmatic.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 pixel.quantserve.com www.bg3.co
1 track.webgains.com as.ad4m.at
1 s0.2mdn.net imasdk.googleapis.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 u.openx.net 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 cdn.indexww.com ssum-sec.casalemedia.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 secure.adnxs.com 1 redirects
1 agent.aralego.com 1 redirects
1 newsbot.unibots.in cdn.unibotscdn.com
1 eu-u.openx.net adpushup-d.openx.net
1 cms.quantserve.com 1 redirects
1 cm.adform.net csync.smilewanted.com
1 sync.admanmedia.com 1 redirects
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects public.servenobid.com
1 p.rfihub.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 hal9000.redintelligence.net googleads.g.doubleclick.net
1 static.smilewanted.com csync.smilewanted.com
1 fonts.gstatic.com fonts.googleapis.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 www.gstatic.com 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
1 imagesrv.adition.com 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
www.bg3.co
1 beacon-ams3.rubiconproject.com www.bg3.co
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 amp.analytics-debugger.com cdn.ampproject.org
1 adx.holmesmind.com pagead2.googlesyndication.com
1 vidstatb.taboola.com www.bg3.co
1 cds.taboola.com cdn.taboola.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 d-27904427312725089125.ampproject.net cdn.ampproject.org
1 pips.taboola.com cdn.taboola.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 imprammp.taboola.com vidstat.taboola.com
1 9ba66d73ea74420f78a9d775a11d2e08.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 68baba596ce3cfbef586a77a9bbbe291.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.bg3.co
0 geo.yahoo.com Failed adx.holmesmind.com
0 ads.yap.yahoo.com Failed s.yimg.com
0 csi.gstatic.com Failed imasdk.googleapis.com
0 match.adsby.bidtheatre.com Failed public.servenobid.com
0 pixel.onaudience.com Failed public.servenobid.com
0 uipglob.semasio.net Failed public.servenobid.com
0 csync.loopme.me Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ads.pubmatic.com
0 t.adx.opera.com Failed ads.pubmatic.com
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
0 pixel.quantcount.com Failed secure.quantserve.com
0 www.awin1.com Failed hal900020.redintelligence.net
googleads.g.doubleclick.net
as.ad4m.at
0 stream.unibotscdn.com Failed cdn.unibotscdn.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
public.servenobid.com
0 visitor.omnitagjs.com Failed cs-rtb.minutemedia-prebid.com
0 i6.liadm.com Failed ssum-sec.casalemedia.com
0 ad.360yield.com Failed g2.gumgum.com
0 b1sync.zemanta.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.adotmob.com Failed ssbsync.smartadserver.com
0 dsum.casalemedia.com Failed ssum-sec.casalemedia.com
0 www.googleadservices.com Failed www.bg3.co
0 sync.bumlam.com Failed onetag-sys.com
0 sync.targeting.unrulymedia.com Failed public.servenobid.com
csync.smilewanted.com
0 www.google-analytics.com Failed www.bg3.co
0 stats.g.doubleclick.net Failed cdn.ampproject.org
0 rules.quantcount.com Failed secure.quantserve.com
0 oa.openxcdn.net Failed securepubads.g.doubleclick.net
0 static.criteo.net Failed securepubads.g.doubleclick.net
cdn.adpushup.com
0 cdn.id5-sync.com Failed securepubads.g.doubleclick.net
0 static.bg3.co Failed www.bg3.co
672 195
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cdn.unibotscdn.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
cdn.adpushup.com
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2023-08-29 -
2024-09-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
feebee.com.tw
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
cricket.unibots.in
R3		 2023-06-22 -
2023-09-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh

This page contains 106 frames:

Primary Page: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Frame ID: 41BF3CD961CF06FDFD12E4232F7EB251
Requests: 213 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 4CD2E9E2D18048420519AF0112DC8812
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3F18E50DBB6D001FF2AD5C2BA433B5F1
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: D4F1F996026DB746EDAEBF63C335EBDB
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 9C386F644E3944A480F4433670958678
Requests: 12 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: CB3607C9AE4E95DCC02B0DD27BF43995
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: C7E3D655E9C30228199DCC0EB8E68155
Requests: 4 HTTP requests in this frame

Frame: https://68baba596ce3cfbef586a77a9bbbe291.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 32EF8DAAB069A67A5CDD18F41D4D4835
Requests: 1 HTTP requests in this frame

Frame: https://9ba66d73ea74420f78a9d775a11d2e08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0E6D1F3969DD3E7CBD0D91E81EA45C2E
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&cmcv=&pix=undefined&cb=1693754184699&uv=3329&tms=1693754184699&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=882b3644-534a-4ef9-a17a-ec60541f91e8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C70C84D07078FA2B423EC8B14360FC09
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B03AE4448CF109018EC34251B0105247
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28DB2C2C72F62B0F1F48CE932711CC4F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 357E37775BA68651CE668EE8B3FCEF11
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E319DBAEC63EB23F3A914507495A9DE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C919C9D1343A9A93DD72BC8324F80B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: F263E4DDB0E6CCBB199571DFBDB2383A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-29307978831445629073&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2843&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=43000509&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&ga_hid=509&dt=1693754189689&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&bdt=14877&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 123E589C05CF7B999AE13067760A214B
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: DA4A740808AE6820A4ADE4E4885425CA
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Frame ID: 2708D7AACBD9DC69656DC3D3123667AA
Requests: 17 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 68D866CCB3CC8A8973F29C2EDD5A54DB
Requests: 5 HTTP requests in this frame

Frame: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F551090C1A8EF4102E0ADB42BC3462E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXPimUSGowy8mP-hGMh4gdXoo8uEq6qp581HtOKZCLtvdhMf86IkId4Bvy9KwGTruwwhjmMY226UiZrVhYkQI2ugUfzlA
Frame ID: DFB8D4117651A351E980B6B12EF3DEEA
Requests: 4 HTTP requests in this frame

Frame: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E00952158C076C582C37D60E1AC53C03
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWptNZMZzFInI-gtNJV8UFZKNYqwGC4QceEiKoez19m76D0RUMZDQtXsnae_M836b6y1adEVuv6P_RbSGpwhPRQtZpp5Q
Frame ID: DD78EDA840733B6D533D5CA64C05ACE4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9B110FA254BB1E5F75E365E0CC3821F5
Requests: 15 HTTP requests in this frame

Frame: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C7A3362DEE05ED18EBF47197F3995FA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVdNbkgdcrf1ZX9A9hcx7mcj02Qfj6pluVADSuJtVrDeRAaeaOVENj4h-yIR1nif2gjbsuVg1G0JjMG6MIiFRPjvgcOUA
Frame ID: 1749EB7A186C25BB538FC3A7F6A451AE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 98FB3453A353C2C1660E0518591D355B
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 76E0E0F51F136CB5F91C8BA8D68A8B3F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BA3F058C35AC518D220DF33831CAC41C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4D063E8CD058C8EADAB8888FDBF7650A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D0E5FBEAFBC1EF70B6706D7DF704C583
Requests: 3 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: 0DD99C02510DCEF504093DA699807300
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: AA7D81FBDE7C117B321E1C386B0141B0
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693754190045
Frame ID: 85CB7D698CE7082562484F82D6A42E4A
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 996AAB5D8899F0E9A8D572B6F52B5D4A
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: A6C89BDF90417E8D2B362CC27F017722
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 4DE630EBF55069094A1A09CA8BBECC17
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 2A2F47C3BF4E37C4F40B238DBC15BECB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 4C44ED930C88334F51A8EA273F571F1B
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 597B5BD83E073A874E814A7747054B0D
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: C4B361E50579FA172E03CA4BCA1FF363
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F3FD609BE497AB3D34DF59E65EE975CD
Requests: 10 HTTP requests in this frame

Frame: https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=38cfa9ccb77fa5d1ecbf05ec151d88f0
Frame ID: F0FAB6B53F2D2072BBFA2387C756FAFF
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 4D24F6AF9B15BE3C6A85BDC806E8AE58
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 3FAF08A9D5C2AF8F09F028409408CE09
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 1F87D8645337D3BA072E8DB1F75105B6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 4A12BD449EA09F6D5504876423C04A89
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 3C1D67A40A8C7E3E9E8CB42F0F100096
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 27D2183744961535A90B0C7693C3AF6E
Requests: 14 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: DCB6F5112B2611EC744FE0349759F55C
Requests: 14 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 9D042022FE0FE207650469E7B1D9D5E2
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 0EED5F82C8994B9F0BC345321E614F41
Requests: 5 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
Frame ID: 92266E067A09631BEF40C894CCBBB3CE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/3f14bfce-84f6-52f6-90ef-28fbf41b8ba9
Frame ID: 7458C241F607898F804A68C38D2548D9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Frame ID: D2D578D0F526157A4068E4790ABA974F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 45F8CBDE48C1EA4B41D87AD78FBAF1A5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/806be4bb7b0be258506a34a3a85ade?gdpr_consent=&gdpr=0
Frame ID: 68268AE1D6C5CBB69D308CF2A2363F4F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: CA417C1C18AA541573A7555E0A09A93F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Frame ID: 620DA6262FDEB78F1BEDD87C681388A2
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1E192C5CE898185E56CBCE85E02B04B2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Frame ID: 4FA272894B34D3168DA5E4FE1302A702
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 651E8191CF203D999D1C895D824BBE86
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Frame ID: EF9840B55D90EF668094C98D3CF05221
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZPSjVAANgOzdVQAN&gdpr=0&gdpr_consent=&_test=ZPSjVAANgOzdVQAN
Frame ID: 616D12E7BD94DCB9BC852952EDF92DC1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZjY4NTBiNy04ZjJkLTQ0NTItODU0Mi03NDI4OGQ2Y2E4ZjM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: ED53EDA8D55A16F1C897AA419E41C55D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EA3EB254D070F2546CAA08CFAC8E9EA9
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 64077C93172CD4BCED70E92CD59A70EF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZPSjVMCo8XsAAKZFEsoAAAAA
Frame ID: C1C2BBED3E093E1AAEA853BD590FD4DD
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 6F442BC448259B5CBB3A55CE7709EB4D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=LZ3JqfLxRWDxivCS5VMX&pi=gumgum&tc=1
Frame ID: FB683FA47A48E074A9D959855C9CFBB4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 750BFE2C0B14FF15C70E1FE63C2AE83F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Frame ID: BF9F452C63ECFE338C57A2D9E675A01F
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Frame ID: BF9EBBE764C9F21D03E202C838CD71A1
Requests: 15 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4A70F26E238567A31A492522ACF4CC60
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&redir=true&gdpr=0&gdpr_consent=
Frame ID: 924B14B697576DB89E03582C12DB5742
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0QmwkIYO45bKXLWS3gz7l9UE5JTKDrWRhg1iGEG2
Frame ID: 7B5C32015CA7A7742878595A2FD98BF8
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957
Frame ID: 349B7332BFFD41D49CC4D731E7DF6E66
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI%2DqAMByAObBKoEjgJP0EgHi9XSX1D%5FdsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p%5FXi0Z%5FcICFnudn79BmbCk1YW15%2DbdXqwpelsYa3UvF1kDNa3MHh3BXLU1%5Fcsc8YJ849uKZ6W%5F3y5kQSJezbwgsA7XVTs5QcQifdVuq%5FYYK8VYXP2nJjlAoIfVyQLw5FYcPyi%2D3%2D7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU%5FHtrlgs9TBSIu%5FBZqUJ0%5FABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWsaxQw0DE864h7aSm2baS%5FPH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE%2D1xgB%26sig%3DAOD64%5F0pIWoNQ2zcjaPScDPAnJmGkxeaEg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCj3eb1AYz%2DIbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo%2DfU5%2D4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF%2D%2DdLlekJrw4M%5FZUdIUgt%5Fahoaw50arN0ZD40zxvUcg%5FZGVzvU%2DlpVuU%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCC%5FEw3eCpLC9VyUxZr4FQOExocX1%2DDl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9%5FXNqz%5F8TAcwQ%5FquscX6YtAgQ5KL47DI1txzYHwTj7YS9nX%2DvQjiCMWzfdCr0WxulwbGDw5e%2DMeWFf1YBTy%2D07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2%5FzZGM2nPGdedQrt%2DHbN1L%2DJ4O%5FebNj%2DwMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU%2DHVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym%5FC8rquFO%2D9Yp%5FGzIPVJnZmnRKLbn%5FoeQ%2Dl7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq%5Fonsp8CpDw29%2D01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E%2DfrLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW%2D%2DTv97GaJzSR%5FZyizvJ0LmuJSuD%5FQI1o%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274618870703131658%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274618866413865994%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D31267%2526keyword%253D%2526gclid%253DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274618875005373197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274618866413865994%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D19848%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 52A8330FF0B8196F4BB3E06302FCFBF5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5123563F1C7FA580CE7E38F7D7D2EF2
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Frame ID: 5D42F4AA7A056753DE57A5ED23E64950
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: E4500D09C931078E3A2B72169C701225
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js
Frame ID: 14BFB7E12043CB53A14A2A24B6ADF8F9
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=48048000099369204438458012436020&pv=1
Frame ID: 0EAEE57DBA4A86C53E5155D0A1D17A48
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=48048000099369204438458012436020&pv=1
Frame ID: D92C6126537BE8EF534784B7679BEF1F
Requests: 1 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=48048000099369204438458012436020&a=917ffd6f
Frame ID: F78080B5265FDB755DE2A475CA7F6618
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6118AA284A9DBAECCC836BC097DF2243
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38628A33B03F15A72B1BF8BA61DA7D35
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A71953163C104E914D093B0F174FDDD1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 321F9DD1D30A5A9EE70C2D4FF6FC13A9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED8507E2CE26DF7ECF0FB79FBC8AFFE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 015853BFDC1A0984380228ACDEFC7321
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0717D9D912605BC010DC695FB8727756
Requests: 6 HTTP requests in this frame

Frame: https://0cb707e3fdfe11d8962056daef24dda2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 1B38CC576698AA010EC5AF8D91ACA269
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMiAZzxU8pbAis2aXdEmnkDauziyDybN1gx03LCnMNMo6ADIjkT9NyZOxEGjUvCI-BEZe94-xjs0XSuWdZQSyuBBZIy5yoPU0nAJcPxDNerr1zwLuvY4unk0KdXDaUbfpGgFQHYHEgjUrb6tXV-GbhEFk2j8jsb8Z76oZNpDdNjhIOktKUbMUDXLx9cFGYepS7liLa_FqIF1EmcI5oLjiEGv4nQl3nmVUU9ogUxH-mtIXb4mB-0i1pm6lKTrfXWtVDrMnQCvYcAWf3UQUDkFywuPQnHTo6sZBxT3huHYi6h57XAJfOfvu1Fm5GHE4ZIjC5pQOZmZRox-fm&sai=AMfl-YR0C9RpLjeUWRF9UnfE8t2vO8AoBea5_T1tE18QlDUIwcRVTxS0F9PsAKykIAbPBKleEmEkJcMOjEEEMBBDWUibESuYEsfNY-UNkg&sig=Cg0ArKJSzIv4SXtQ8KwlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B15AB4BB6BED96EFFA91EC7C54D51270
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55EB32D509C3D81F6B14AC4C3F92A09D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9965C7A1C5B5C0287D9C2D8D83DB15DB
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent=
Frame ID: 1EAF97BAEEBE156B70557F35AA075BE8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3756744799350472698&gdpr=0&gdpr_consent=
Frame ID: EC36F2E91D8F60A94EAF499356937403
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: F2A33666209302C8F17B0C3E04799713
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRzXViOTUS1rMEklYY4qvp61b0Q&gdpr=0&gdpr_consent=
Frame ID: 3DA005B89411047DE9C996765F445ECC
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 2FBA87C1333CAFE83D1E6199F0F13DE3
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: F74882CEA844AA7E2BAF4814B0316900
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: AAC7863FF734C73FA65A275B48A9D7E4
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 5584D0E431975D813C6E32B626A4E95C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=F0861002-F5F2-4B4F-A10B-B54C3A68032F
Frame ID: 615A04E5B90A587FE583D9980991E278
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

莫德納剩不到6萬劑!第22輪預約今午截止 第三劑副作用一次看 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

672
Requests

73 %
HTTPS

0 %
IPv6

107
Domains

195
Subdomains

114
IPs

15
Countries

5983 kB
Transfer

16504 kB
Size

137
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 76
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 77
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-wMLTKltE2oVCKiAdYvPmgpCIj.JA1HqdW640XgU-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 79
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 127
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM3LICQA-1K-F6X4 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM3LICQA-1K-F6X4 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-wMLTKltE2oVCKiAdYvPmgpCIj.JA1HqdW640XgU-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 135
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM3LICXH-1G-7O8T HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM3LICXH-1G-7O8T HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-wMLTKltE2oVCKiAdYvPmgpCIj.JA1HqdW640XgU-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 139
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE0zTElDWEgtMUctN084VA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAoy9oBdkGPscJ_SkLsbEPE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0zTElDWEgtMUctN084VA==&google_push=
Request Chain 140
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRiZmM5OTA5YThhY2ZjMDYwY2U2MzE0ZmQ0ZTA5MDhmZDE0YTc4Yw
Request Chain 141
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TKnObJDsROWGKbefsqbvVA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TKnObJDsROWGKbefsqbvVA
Request Chain 142
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mIhXMwVoZ9OhlyhxV19Q3Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3FXwNF5E2oJ98hB464p2.NytB6y6dRZDwJC3Qw--~A
Request Chain 144
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aUV1soNhQ6-ak3z5AqE5lg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUV1soNhQ6-ak3z5AqE5lg
Request Chain 145
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM3LICXH-1G-7O8T
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFaw8nbmLVCd_H5eDUYW9Jg&google_cver=1
Request Chain 217
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181862&bpp=7071&bdt=1147&idt=9934&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=1&ga_vid=43094690.1693754192&ga_sid=1693754192&ga_hid=1611727898&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1659962708&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077222%2C31077527%2C44795922%2C31076995%2C31077549&oid=2&pvsid=1553154380435623&tmod=1540308934&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.y62p9mt0e7mu&fsb=1&dtd=9989 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 222
  • https://pr-bh.ybp.yahoo.com/sync/taboola/2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PtgW4yhE2oQNBcvdYLGFuyg5SOCKlfO.zGTuZA--~A
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&C=1
Request Chain 280
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPSjUvUhxp3GT8zay8eZTwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJwZt2JJkMWfVdSAGXXbfBY&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJwZt2JJkMWfVdSAGXXbfBY&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=b131bdeaccd375b8e8fbf4bfed202da2&uid=b131bdeaccd375b8e8fbf4bfed202da2&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 303
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 316
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEHO7NpsD3Coah4tWWKfJ2m4&google_cver=1&google_push=AXcoOmS6AivxrI1ytivgc-4UOJsO0EEkBLvjIZapmfDmHVKbLyu1KTw4IVSBwTnNhLoH_KPL3mAAewm-z81dGyVfRKzC5X5TvM2T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
Request Chain 317
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENn7SjxpzjGjfNlS-7Bgs0E&google_cver=1&google_push=AXcoOmSYaoROSrIZSaRghkP6bGWqcbjKH-PhpVrwu3Qie4CNqkkdVRqYVLV1mlJXijFS59YOsl3jATKcDceyOaGyQ8UhQLSCGNAI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYaoROSrIZSaRghkP6bGWqcbjKH-PhpVrwu3Qie4CNqkkdVRqYVLV1mlJXijFS59YOsl3jATKcDceyOaGyQ8UhQLSCGNAI&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
Request Chain 319
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8NyvapA5umpInKlRl6rbx0AicCk4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8NyvapA5umpInKlRl6rbx0AicCk4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyMDYwMjEwNjI0NTMzNDkzNg&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8NyvapA5umpInKlRl6rbx0AicCk4
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Request Chain 325
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPSjUvUhxp3GT8zay8eZUAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Request Chain 329
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
Request Chain 331
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-FtFe6PYDkkqPuhKL0USRkXxyC6NPw
Request Chain 334
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Request Chain 347
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 348
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=38cfa9ccb77fa5d1ecbf05ec151d88f0
Request Chain 353
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 358
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3756744799350472698
Request Chain 359
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HQo0pRZHSTrO5TO2SZmI79TD
Request Chain 361
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693754194981 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5530673588 HTTP 302
  • https://sync.1rx.io/usersync/turn/4577964332765081410?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
Request Chain 362
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084927014901744
Request Chain 363
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=deed0c55-e9a9-493e-8fbb-24a7b48823f4
Request Chain 364
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 365
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Request Chain 366
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAg4SOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ssp.disqus.com/match?bidder=14&buyeruid=3756744799350472698&r=Cid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAg4SOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAg4SOAI=
Request Chain 367
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Request Chain 369
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 370
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=2b8ae527-d393-45ee-876f-8849acdee581
Request Chain 371
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1693754194981 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1940660461 HTTP 302
  • https://sync.1rx.io/usersync/turn/4361791550651297602?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
Request Chain 373
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-1742152708604427771 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/3f14bfce-84f6-52f6-90ef-28fbf41b8ba9
Request Chain 375
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Request Chain 379
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
Request Chain 380
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-rDfcyLgAxoAc8vW9sYXULh37gkGig
Request Chain 383
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TmvFCfvR8aoLv8eTBjGbVontFNqV4GNQy4wzr_RQdIU
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Request Chain 391
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/806be4bb7b0be258506a34a3a85ade?gdpr_consent=&gdpr=0
Request Chain 394
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UZtkbAacN2pKzmFuXp4va1WWMGhKnGFtBp_rm1a0
Request Chain 395
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4209624951218091518
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL6anRsA0jGH1ejTl1mkEMI&google_cver=1
Request Chain 407
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-zjfVX_PZe_4eGRws1BDP5KkK-7Xew
Request Chain 409
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Request Chain 411
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0
Request Chain 412
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3756744799350472698
Request Chain 413
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6549451280056235199
Request Chain 414
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yVgiNjluyroAUbk67vpFQ9L60wpYRtdVrsGLEQpgWuU
Request Chain 415
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjA4NjEwMDItRjVGMi00QjRGLUExMEItQjU0QzNBNjgwMzJG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=
Request Chain 416
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Request Chain 418
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=fa5c6e48-6cf7-49b8-94fc-fa0df4bb4cd1&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 420
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Request Chain 425
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CqYo5UKP0ZITzKpaPgAeK75GoAuOwq5Vu9s_4jekQw56y0esBEAEguoTAM2D1hYCA3ASgAc671dIDyAEJqQKlwlt7P_SyPuACAKgDAcgDywSqBPACT9B9_z04VIPS5qbEJzkWOWkzQtAtvG9GffC6OwO-RrajJcq0LUsfry7hQTx7UUFusJi7_EBT6AAcTciaxu4bHU_UV-KtfHiJN3YxsOyQUpMyKb_Gaq0CWCoO2bRArKNIvko2_RbYLyp_hiupKdS_kjTjOYI0nbtE0OFKj4UYRoPGYPkYTldr3N_30cQj8PGfZRMcj4uRKg__Y3ylkJrASkdPKDcpmeUjz9fb6jKaSRH9THjlJB7DiGdkJhu3SQMiBh0WDVQ1inrhWxhC-FF6IdFx4OfnZ-mvuSa8kUJeSmcSaMMFwAZXbaFEWWd6zpFnpUwKk0fTJrwfy8DCk7zCz2X3algmnODKRvamtRHkw9SUSDmY9d15tbuD_FlDil6IY6FvJ-njaSP66wvIK53yr0tnj4rj5xIPga9XxyFYyrQX9RDc0Oybu_fL8ta1NIkVuohjHEQNE1rHSFuEaw6VYPUzoXUx7Cr_4HsYw90spZ_ABNLV2JaaBOAEAYgFm5zvqEiSBQQIBBgBkgUECAUYBKAGLoAHrKXVNKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOW5BdIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwmgk6aHR0cHM6Ly93d3cub3JlbGxmdWVzc2xpLmNoLz9Qcm92SUQ9MTA5MTc3NDYmZ2Nsc3JjPWF3LmRzJoAKA8gLAZgMq_65pZ4E2gwRCgsQwOOa5Pj87J_jARICAQO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=DtO_ytlTJls&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb8148254eb40af3f0000000000000000%22,%222%22:%220xd2e172846a26243f0000000000000000%22,%223%22:%220x51ea06745050e7cb0000000000000000%22,%224%22:%220x71660dd9bafab4570000000000000000%22,%225%22:%220xf87e01c90ef8c8570000000000000000%22},%22debug_key%22:%222290743413156476604%22,%22debug_reporting%22:true,%22destination%22:%22https://orellfuessli.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22978673102%22],%224%22:[%2209-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215206326015782925569%22}&andc=true
Request Chain 426
  • https://hal900020.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a6e70a2387&subid=&uid=6a0bba86d6f94e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC2uHUKP0ZKH8KrCyvcAP_L-N4AKRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCA3ATIAQmpApgq7ZfxFbI-qAMByAObBKoEigJP0LviAm4-swriZ8q-khzQmok0Iw9F1Ef0AaTfOwiNs34PPvlyeDZ0FxFac0OzfwGu4Am0-uWIhNwHl7D5FJmG96uGaDFJCdNOQtuZpLq-7Y4JQtxT4VDbhhGDyxcHqyQdgep4F2qBNo5unweNSAAq0keTm45d3fEQjdSpzG03lONW9E-29VY9ApJ3hhOZBoyIqoI6uM_R9kQoi1Lb52a6VDtxV86fkq5_goXxWSdQmU3Owchv_ankntwxcwhifiCH6m-iUx7r4HRm5MVNLWG7hjlgbb10mhV9uJfgqnwG1juLrB1RQjsTY6dlZk66y73yFoS4Z5cmLzh2MNP35G00Vc6lRnCLRLDgB8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIoeT4h96OgQMVMFkPAh38XwMsEAEYASAAEgKtZvD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWKwWS-BGVZTcubZdTpqz9eySVoKl6VJezz32pUK3g0NhZ7-vdGAE%26sig%3DAOD64_2VRZnuq8iGBuF8up1NnDFtZW_Scg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-AWbd6ElTCn7DnV7BeIH1xt2CXAaFNWTSr4BemF_4D1byOcxornWNQZIGdKxzJ9MBoE4n8y-Rz_8JgYA56zVKAbdjiGmBKKsbIIHOLjoeQtY9Cr2aiJvxER85ZndFF_Jd6cji2IM7pwuG0QRddBcTiSfkZZIrsgnJSAx0uanHaWmk7cmIU%26cry%3D1%26dbm_d%3DAKAmf-CKd_91LV8KfBG2YhLpkAda-vv4oEAwWuyGQsMlGpAsu564YVgXmnIK87eH861MfcLjAelozbkqjr-plcZbHIYcX5KRpTfX4aY65pzbJG2maeY8wAPSJdC8KjH916-P45I7NqOvKRIn4n5Zzodbmox7aPPITnrWjQhdSqpaZoMozEN79a-XbwA-FhNVjgNlbB51Ke0rqtfSS4rFgzKG4C739HA795T-I2jX_Oci2ZGUqS7p2tc15kxgp6h0CF35AwfAHqP_3cjyZXfRVG9a02YfOekD6DT7KJBSF7HvMtLVAHLfkBuV7BBvetXneCGM-x3L4HvYQa9luu5fqCbhRM5PzvLcLT0SQqssHrpwAQ-nlhwW88lPzxgv940fYg4MIqbMT6LhEkNg5JtLdjMhpTtn6TJ0PaVOk61180b7dtLjT3l7FlmGPgnvrizq-0kI9tgIZuoxOwnjZWXivhrraJnjW8J61a7GtkWOjt50kUePwszZplXEJJBfWz7Rd_A5Pj6TczRDKilzYMuTqlV8hFavLpIqDeTYf3cPRE9va6xZDRv1SwFgokXBVS9KbE9a3G6vly5fCXm7VPTLg0eA89afrJXZK6nJIwWXn37njSTbQJuhBDLQzAAIkekHWiWz2BzkEYGw_oCS4gAiJWnkU2WFrXA3ADxP5npSOnW4qlIfo9vcciw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=5778715999391&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900020.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a6e70a2387&subid=&uid=6a0bba86d6f94e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC2uHUKP0ZKH8KrCyvcAP_L-N4AKRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCA3ATIAQmpApgq7ZfxFbI-qAMByAObBKoEigJP0LviAm4-swriZ8q-khzQmok0Iw9F1Ef0AaTfOwiNs34PPvlyeDZ0FxFac0OzfwGu4Am0-uWIhNwHl7D5FJmG96uGaDFJCdNOQtuZpLq-7Y4JQtxT4VDbhhGDyxcHqyQdgep4F2qBNo5unweNSAAq0keTm45d3fEQjdSpzG03lONW9E-29VY9ApJ3hhOZBoyIqoI6uM_R9kQoi1Lb52a6VDtxV86fkq5_goXxWSdQmU3Owchv_ankntwxcwhifiCH6m-iUx7r4HRm5MVNLWG7hjlgbb10mhV9uJfgqnwG1juLrB1RQjsTY6dlZk66y73yFoS4Z5cmLzh2MNP35G00Vc6lRnCLRLDgB8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIoeT4h96OgQMVMFkPAh38XwMsEAEYASAAEgKtZvD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWKwWS-BGVZTcubZdTpqz9eySVoKl6VJezz32pUK3g0NhZ7-vdGAE%26sig%3DAOD64_2VRZnuq8iGBuF8up1NnDFtZW_Scg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-AWbd6ElTCn7DnV7BeIH1xt2CXAaFNWTSr4BemF_4D1byOcxornWNQZIGdKxzJ9MBoE4n8y-Rz_8JgYA56zVKAbdjiGmBKKsbIIHOLjoeQtY9Cr2aiJvxER85ZndFF_Jd6cji2IM7pwuG0QRddBcTiSfkZZIrsgnJSAx0uanHaWmk7cmIU%26cry%3D1%26dbm_d%3DAKAmf-CKd_91LV8KfBG2YhLpkAda-vv4oEAwWuyGQsMlGpAsu564YVgXmnIK87eH861MfcLjAelozbkqjr-plcZbHIYcX5KRpTfX4aY65pzbJG2maeY8wAPSJdC8KjH916-P45I7NqOvKRIn4n5Zzodbmox7aPPITnrWjQhdSqpaZoMozEN79a-XbwA-FhNVjgNlbB51Ke0rqtfSS4rFgzKG4C739HA795T-I2jX_Oci2ZGUqS7p2tc15kxgp6h0CF35AwfAHqP_3cjyZXfRVG9a02YfOekD6DT7KJBSF7HvMtLVAHLfkBuV7BBvetXneCGM-x3L4HvYQa9luu5fqCbhRM5PzvLcLT0SQqssHrpwAQ-nlhwW88lPzxgv940fYg4MIqbMT6LhEkNg5JtLdjMhpTtn6TJ0PaVOk61180b7dtLjT3l7FlmGPgnvrizq-0kI9tgIZuoxOwnjZWXivhrraJnjW8J61a7GtkWOjt50kUePwszZplXEJJBfWz7Rd_A5Pj6TczRDKilzYMuTqlV8hFavLpIqDeTYf3cPRE9va6xZDRv1SwFgokXBVS9KbE9a3G6vly5fCXm7VPTLg0eA89afrJXZK6nJIwWXn37njSTbQJuhBDLQzAAIkekHWiWz2BzkEYGw_oCS4gAiJWnkU2WFrXA3ADxP5npSOnW4qlIfo9vcciw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=5778715999391&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPSjUvUhxp3GT8zay8eZTwAAFAcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
Request Chain 441
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPSjUvUhxp3GT8zay8eZTwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Request Chain 443
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=2b16aa1b-8be9-45f0-8ed6-b15a3e6a793c&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_a6fa8a8b-ad2d-4231-ae98-e0d9e249883a&bsw_param=2b16aa1b-8be9-45f0-8ed6-b15a3e6a793c&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 444
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4505906738727153474
Request Chain 445
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPSjUvUhxp3GT8zay8eZTwAA%265127&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=ec1e27b8-50b5-4a73-81fd-f2def380c521-tuctbee28d3
Request Chain 446
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1652886196918596719&gdpr=0&gdpr_consent=
Request Chain 449
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 453
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzMyMTI3ODYxMTYzMTAxOTY=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDoc8-ZiLDC9q9Gf-v3jXUw&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 455
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3756744799350472698
Request Chain 456
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=6946d306-f0f0-462b-9ba3-85baf71ff09b&ssp=gumgum2&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 457
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28CBwx_e84aYGp15AqaR7bk8C98-bhQyy9jyOQ70aefvzMHJ__VK1PJ8c2-lVcmOyc%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28CBwx_e84aYGp15AqaR7bk8C98-bhQyy9jyOQ70aefvzMHJ__VK1PJ8c2-lVcmOyc%29%26gdpr%3D0
Request Chain 458
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=27efc182-92b0-09ed-3753-3122c4282d5a
Request Chain 459
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
Request Chain 460
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-hJ6fDTJE2pcm70wvAu_OcG_norvKRX23N9bX~A
Request Chain 461
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=aacb5a7f-a8f3-4a08-a1df-9d6a901b0f25
Request Chain 465
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=jemOHVnLIkVW&ev=1&pid=558355
Request Chain 466
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1652886196918596719
Request Chain 468
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPSjVAANgOzdVQAN HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPSjVAANgOzdVQAN&gdpr=0&gdpr_consent=&_test=ZPSjVAANgOzdVQAN
Request Chain 472
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPSjVMCo8XsAAKZFEsoAAAAA
Request Chain 474
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=LZ3JqfLxRWDxivCS5VMX&pi=gumgum&tc=1
Request Chain 475
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 477
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LM3LICXH-1G-7O8T HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LM3LICXH-1G-7O8T
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPSjUrG66UqZj17-PwqaWAAAFCUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
Request Chain 479
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPSjUrG66UqZj17.PwqaWAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&google_hm=2
Request Chain 482
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=cc3ac53fa3817b9&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAITZ07rf10cgNLbDyVAAAAAAA&expiration=1693840597&is_secure=true
Request Chain 483
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f3e34e20c9604cfc98604bb30621c11e HTTP 303
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&gpp_sid=&us_privacy=&gpdr=
Request Chain 484
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3569158016234090306
Request Chain 487
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=182f2247cacb676f2f53277fc4d29&gdpr_consent=&gdpr=0
Request Chain 489
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F
Request Chain 491
  • https://cs.admanmedia.com/sync/minute_media?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dd992ad3-7f90-4fb8-aac0-330eda5ac02e&ismms2s=1
Request Chain 492
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZPSjUvUhxp3GT8zay8eZTwAA%265127
Request Chain 493
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Request Chain 494
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1815395141153584143645&ismms2s=1
Request Chain 495
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1498b87f6-c537-0eef-28b0-38384c7ba6f9
Request Chain 496
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent=%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1652886196918596719&gdpr=0&gdpr_consent=
Request Chain 497
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=ALceYpMdZTyU&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Request Chain 499
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=3f14bfce-84f6-52f6-90ef-28fbf41b8ba9&ismms2s=1
Request Chain 502
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F&ismms2s=1
Request Chain 504
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Request Chain 510
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilueAFe3CV6qvCk0KHNpPNBylbHqh1BGJw
Request Chain 512
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=%26ismms2s%3D1 HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0&gdpr_consent=&ismms2s=1
Request Chain 513
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26ismms2s%3D1%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&ismms2s=1&uid=3756744799350472698
Request Chain 515
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=%26ismms2s%3D1&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1652886196918596719
Request Chain 517
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=%26ismms2s%3D1&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ZiMSVoxSGvvH1fxtFzoXY-Aksgm3F9nu_jFVIGXZ2u0
Request Chain 518
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=%26ismms2s%3D1&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957
Request Chain 519
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Request Chain 520
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=%26ismms2s%3D1 HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Request Chain 522
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=%26ismms2s%3D1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Request Chain 526
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0QmwkIYO45bKXLWS3gz7l9UE5JTKDrWRhg1iGEG2
Request Chain 528
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZudvxxwfQKyXpDnKfXmpVw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 529
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&gdpr=0&gdpr_consent=&ct=y
Request Chain 530
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3847319669
Request Chain 531
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzlpYjFoZDFxcWZRbVNDRURnSm9hWXhYUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4209624951218091518&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjZFNzZGQzctMUMxRi00MEFDLTk3QTQtMzlDQTdENzlBOTU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 533
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENk8r4HAljOZw6WXfkzwWA8&google_cver=1
Request Chain 536
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4209624951218091518
Request Chain 538
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HF0Mwi1E2uVOz6vDpWYDTNeip8z6zEU-~A&gdpr=0
Request Chain 543
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM3LICXH-1G-7O8T HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LM3LICXH-1G-7O8T
Request Chain 550
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEHO7NpsD3Coah4tWWKfJ2m4&google_cver=1&google_push=AXcoOmS2AHTEJJF51cNjlP27HTK2yeG17D-OfX1c25OK6HqQTHBBeKI75M4Ipq6CWvHw0L27EjjJXH6lZHoDUm9n64yHrdVoleo9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
Request Chain 551
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENn7SjxpzjGjfNlS-7Bgs0E&google_cver=1&google_push=AXcoOmSQEiDvaz8o-9AGI4YdbEqsWgnLoWWN1Qi9CcLJgt_V4aDmepFN8K3cC58p-pmpXRmtTuNB3Zl8x7GiE8Uwc2gujgyx11vT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQEiDvaz8o-9AGI4YdbEqsWgnLoWWN1Qi9CcLJgt_V4aDmepFN8K3cC58p-pmpXRmtTuNB3Zl8x7GiE8Uwc2gujgyx11vT&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
Request Chain 553
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmRlNU_7_MwsthD_53VgDNrOnpJ06pIpomXi_krXu425tquLTHh_fVhNy_xXOjURhjALDfXJt7zl22RElpgi4vdd1-EbBX3s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmRlNU_7_MwsthD_53VgDNrOnpJ06pIpomXi_krXu425tquLTHh_fVhNy_xXOjURhjALDfXJt7zl22RElpgi4vdd1-EbBX3s
Request Chain 571
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LM3LICXH-1G-7O8T HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM3LICXH-1G-7O8T
Request Chain 590
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENn7SjxpzjGjfNlS-7Bgs0E&google_cver=1&google_push=AXcoOmTlJ2DgHQLQD1M1OcW9S1fU-OPYg3H5O57277qCIO9bOmL8VRBL_u-oh0qR0quaVSTHXrC8Grmwpo1l3HGbM4jGxkwBAM1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTlJ2DgHQLQD1M1OcW9S1fU-OPYg3H5O57277qCIO9bOmL8VRBL_u-oh0qR0quaVSTHXrC8Grmwpo1l3HGbM4jGxkwBAM1s&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
Request Chain 592
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmSoRSTFkIsMw6q8RT3vUl8aZzcSJylF--CXClvPYo0KQLAV7lSbi4tYPTrlSyNwYGW1FkwCsncxaSRcuH3OxMYOEtDVp5Fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmSoRSTFkIsMw6q8RT3vUl8aZzcSJylF--CXClvPYo0KQLAV7lSbi4tYPTrlSyNwYGW1FkwCsncxaSRcuH3OxMYOEtDVp5Fp
Request Chain 643
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3756744799350472698&gdpr=0&gdpr_consent=
Request Chain 645
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRzXViOTUS1rMEklYY4qvp61b0Q&gdpr=0&gdpr_consent=
Request Chain 654
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=34716313a78217b9&is_secure=true&networkId=17100&version=1&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM_m5xPPUAfwNBl-gPAAAAAAA&expiration=1693840598&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 655
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3569158016234090306&gdpr=0&gdpr_consent=&us_privacy=

672 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
www.bg3.co/a/ 		49 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
86bd0e57d2b056636dc8347bdb05d5ced008ec1367a639063e934fb552a6d7e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 03 Sep 2023 15:16:13 GMT
etag
"c5ac-NC31o5v9wyWvadiaRPuliwcqiAw"
expires
Sun, 03 Sep 2023 15:31:13 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Sep 2023 15:16:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72923
x-xss-protection
0
server
sffe
etag
"8f05ddb4de6114d6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 03 Sep 2023 15:16:16 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Sep 2023 15:16:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9638
x-xss-protection
0
server
sffe
etag
"3c97018a73867a04"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 03 Sep 2023 15:16:16 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 03 Sep 2023 15:16:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7567
x-xss-protection
0
server
sffe
etag
"694191137fe44b1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 03 Sep 2023 15:16:16 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7363
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrhlNGNJqowaf1%2Byz8F2JkqmxEah%2FqX%2Faro%2BG6cR65aRoVrMFJhLilPCplBHcc9JOCjn%2FKU%2BXYzR5Lqp%2Fwwrg2k3eAIia66f9snZsSkBnoe09O1e04fJxFZN2mX83wlnUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
800ef40b98fc0e32-AMS

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/ubplayer/ 		244 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
72733561a4030b10d08d15daed28ca2e67708a34c33aad818949c91bf1413787

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:16 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-382
cdn-cachedat
09/02/2023 08:40:33
cdn-pullzone
873945
last-modified
Sat, 02 Sep 2023 08:40:17 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64f2f4f1-3ce5e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c069a27cb09565d61853c3d54e994ce1
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-106.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 03 Sep 2023 15:16:16 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Sun, 03 Sep 2023 07:00:25 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
content-length
10017
expires
Sun, 03 Sep 2023 16:16:16 GMT
adpushup.js
cdn.adpushup.com/42753/ 		658 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-73.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
0ca5dae92ef6608fe14a8ba5e56f72d38b31e7570d98f2287024bfe4a0d53c99

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 03 Sep 2023 15:16:16 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Thu, 31 Aug 2023 21:40:02 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1693754175611_388605705_898530626_1090_2006_345_680_146";dur=1
content-length
141535
expires
Sun, 03 Sep 2023 16:16:16 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		482 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84f85b0bd79098f25828f2bb3b2b177620594a4278319fd97136dca240148a2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VKlFuah3bvS4Rpbf8LXdSUzuYa_VXGJA
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:15 GMT
x-amz-request-id
K7W0WAZGS3KQHT7W
age
3144
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
9
x-amz-replication-status
FAILED
content-length
54228
x-amz-id-2
43go8cNsxYBlHfItaG1z1rIYGYKm+2G3om/yNkUoxnrBUa7Zk70MhzPJMbj7yoGeJ34+T5vR+OM=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Sun, 03 Sep 2023 14:23:51 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754175.288370,VS0,VE2
etag
"ae5ac22b8c45976cae6da9be45e5fd43e843e16b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
11
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
tr5
cdn.taboola.com/libtrc/ 		3 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=rbox-loaf-wtf_var
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230092-FRA
date
Sun, 03 Sep 2023 15:16:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693754176.146650,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
cdn.taboola.com/libtrc/ 		807 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
656e83dc850cc212558c42afc10854ee7917477199b624efb1d1c1126f9fdf80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
k7l_Koexn6o8.rJou6G0Wj.GSGRdZeVe
content-encoding
br
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:16 GMT
x-amz-request-id
EMNQMW79N89BYQZ0
age
25158
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171004
x-amz-id-2
VEXLDSMGZikcH9nivmwRnxEx8GCGfiTaNqdPkrvaHM3UYe86hI6sWgLotyjXxFA5CkfLPXU5SJQ=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:16 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754177.685516,VS0,VE0
etag
"d7bc13e501b1a821b994c491e94fd903"
vary
Accept-Encoding
content-type
application/javascript
abp
96
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2014
fdda00450582e5b1adb74cc47b63b93f.jpg
static.bg3.co/imgs/202202/ 		0
0
55423c8fb8db5268f9414326229d7589.jpg
static.bg3.co/imgs/202110/ 		0
0
a811260246202625831a44f4e78188ce.jpg
static.bg3.co/imgs/202108/ 		0
0
c2142f7e64c5bf09ab31e363bbe081c7.jpg
static.bg3.co/imgs/202202/ 		0
0
241c67517315d06d91e7c882f8acc28d.jpg
static.bg3.co/imgs/202110/ 		0
0
8be953d9ae8a509d527319885d087d19.jpg
static.bg3.co/imgs/202201/ 		0
0
241c67517315d06d91e7c882f8acc28d.jpg
static.bg3.co/imgs/202112/ 		0
0
a2ed9e8688acb634c22de80a96080bda.jpg
static.bg3.co/imgs/202109/ 		0
0
229809f05bf315b2ded468b3e83b68da.jpg
static.bg3.co/imgs/202202/ 		0
0
cbca490a70cf2b15ae15f249aab788bf.jpg
static.bg3.co/imgs/202202/ 		0
0
9c34e2d1550239e7238fa97881a321a0.jpg
static.bg3.co/imgs/202107/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:09 GMT
age
413053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2971
x-xss-protection
0
server
sffe
etag
"81fe35e806c986f9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:09 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:09 GMT
age
413053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23145
x-xss-protection
0
server
sffe
etag
"1e24d49ff16f97fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:09 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
857 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
22dc79ab92abba87adc663fbd3b8d9242b1ede690743e6d92eca2d5d69ec597b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
509
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:09 GMT
age
413053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3937
x-xss-protection
0
server
sffe
etag
"256c2c03e8e2f982"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:09 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1693754183.dop163.fr8.t,1693754183.cds133.fr8.hn,1693754183.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:23 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1693754183.dop163.fr8.t,1693754183.cds133.fr8.hn,1693754183.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
267563
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		72 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A16%3A20.231&lti=rbox-loaf-wtf_var&data=%7B%22id%22%3A605%2C%22ii%22%3A%22%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693738515032%2C%22vi%22%3A1693754180229%2C%22cv%22%3A%2220230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12924%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22vpi%22%3A%22%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2943%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A876%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22rbox-loaf-wtf_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a9fccff8064a800e82955b64af137559e38ed314b498e2c4931badb76ecee43

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
514
date
Sun, 03 Sep 2023 15:16:20 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
63969
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1693754180.262157,VS0,VE514
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:46 GMT
age
413016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10348
x-xss-protection
0
server
sffe
etag
"279670ab552e383b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:46 GMT
bg3.json
cdn.unibotscdn.com/clientdata/ 		19 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
3f18968d0dacf1850dfce645f211ad6244443b9af0415f380ea27f0e835cb58f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
gzip
cdn-edgestorageid
1078
cdn-storageserver
DE-383
cdn-cachedat
09/03/2023 07:31:15
cdn-pullzone
873945
last-modified
Sun, 03 Sep 2023 07:30:40 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
652
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
b3998a905cd7a46fff8da628c90e8265
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6830
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0IxkVpuOA%2BC1CsJilE21Rkm%2FxWb4w30gF27PPYMKA0a6suuY1aqniq6KCyq6h4hpEiTHii1KjcFQBm5lmyc1Z3PY2Jt%2BGlPgXAcxSxZHulEWjiBs651fJ3JAD1ybyFkwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
800ef40d9c260e32-AMS
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a6fdcca2c798f4c7a89a90a7cb30385af534d3f7ce1b0b638688308e0d0cf5cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:21 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a6fdcca2c798f4c7a89a90a7cb30385af534d3f7ce1b0b638688308e0d0cf5cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:21 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6509157487234116&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:21 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9322738596035389&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:21 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
floating-unit.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28b7c765a1cfc313d5a5478384abeec7f66ff2ac464b9855ded74ebfb59c6fef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
H_CetaKp_vdBInE593yew5PuClxdsxd2
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:21 GMT
x-amz-request-id
4GXDY71SECMQ0448
age
4
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
2521
x-amz-id-2
eHAoNjRq/5WIOKtgJufHFE08L4mnNoQ6RbsdsuugxWROIGQG78P/LA2f6USVSAdy1VdGABIHC4o=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754182.869797,VS0,VE1
etag
"89f5b6283cb553c3d3f712a2e34efd5b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
taboola-vignette-new-scanning.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
886fb66114698d24aec1cb73015b27b34bd169c5ee28d7f5799608b1830e4b50

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZAP02fK3LSbVQY7BfdwiD2GdgXT6w1nF
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:21 GMT
x-amz-request-id
HGJ1A5DZYCB7TD4B
age
40
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
8068
x-amz-id-2
Aqs2TkIlCRx/TXuSZr3Yu0AW4ATYoCJ+inrYuEXGxyLN2deY/uCNceP7iH75MZRCpN/bEmJe/VE=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754182.928209,VS0,VE1
etag
"02e82991ab4b751954749facd93adddd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
40
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
distance-from-article.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
418164226b14a46ef78e163388de145ed14402cc735c6f21d0f2daf818dfdbbe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9AqijrHEVsKefAibXiLvelk7Sz3KSqfT
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:22 GMT
x-amz-request-id
AK7QRX2NZ3X3F95D
age
102
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1181
x-amz-id-2
ZIf5xkEE+jsFNZMLo96EN85mW/eEBL1dypG/onwxJgCA34He3NA7wkfXw2lZUI+KO/HYDOLrDlE=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:16 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754183.675560,VS0,VE0
etag
"110ed1b1e5259b1b4e90ad8825572aa2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
9
article-detection.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
327b33e7c6a9d7eff9e46b2a4cb1c3b615e79e9b30f383a9c95e0ac701f4ea0d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OUKpJZQlWcWLVh8MdJYiurJnFUDI9ab4
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:22 GMT
x-amz-request-id
AK7H02DNBCMZ0WMZ
age
101
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1341
x-amz-id-2
LpgN4+4MV1LTPw/bVdbkRo/ZVrcoJXIuN0EWvRxL8LOwO64gvWNtsUEflznnPLc1HdDr15klv5g=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:09 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754183.695853,VS0,VE0
etag
"ee4f1df6b5948159485410b08ed8f338"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
98
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
8
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.8/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:22 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
108602
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36490
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Sat, 02 Sep 2023 09:06:04 GMT
server
AmazonS3
x-timer
S1693754183.713650,VS0,VE0
etag
"fd7ae01836d3569c79370b947186fc34"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Mt6J1F-CGshnZjpFsfpaaJmwIate2Cx6kS3ud1pcGUxGOwxqpjbetQ==
x-cache-hits
5096
feed-card-placeholder.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd8ba53bc8df94466e19afeba16373959e8e4f090c3ab91415894230bd8a8798

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NW2arwKM0M9bS56ZQ21z4xKDPCmMMpG3
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:22 GMT
x-amz-request-id
AK7WH0D8SY94V09P
age
117
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1305
x-amz-id-2
+QLJQz0fOD3mxD7z6bU5qvxQgz6Pzgsrb8bTqw9X38OyDqb9H6LDgvJ7DJ0XvcDpW1ZOKsaPrpU=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:21 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754183.713685,VS0,VE0
etag
"23284767594dc437d46d72d0e274fedd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
91
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
7
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:20 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
82
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754181.955735,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
16
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
126
userx.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a672364beb0b35fd44f447abf914a2f3037a420a9bbd478c00db342705367380

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XUNQ7ACOUfiSDXEpR1km2gCZM.Qme3aS
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:22 GMT
x-amz-request-id
H0PWNXPRYHWMZ8JR
age
65
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
5446
x-amz-id-2
I7cl9Nuew9P5wMjRggcAxhw4EIeBLxPKJ0ZLWJkjNK9TFTdxhFGma8fww0SyL+drgeiPKqXVyG4=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:47 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754183.713686,VS0,VE0
etag
"b018ec320f051f0affb9f81a8a865b30"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
explore-more.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fea4bc9b9d2aad38143b0847ab5000206306ec8cb3e9182610b062ad157419b0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2i3xaYjTvZX8vmMr_xN6xxpAolMJOnjl
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:24 GMT
x-amz-request-id
4GXAN1BVW6VQHKFS
age
105
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
8850
x-amz-id-2
axsOmGf0fDu1hJjeHQjlkNnZOSKvPALGPh1Yzp7DeidBkxMuVAPfw8aucoh77Yrs3Xbw+WqAR7U=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:19 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754184.183389,VS0,VE0
etag
"bd2f37bd4ff14b4db13060bda0bd35fa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=rbox-loaf-wtf_var&ri=9c2186cd361593ad6702ee99edd30aaf&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754180_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=17%3A16%3A20.894&id=963&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=rbox-loaf-wtf_var&ri=9c2186cd361593ad6702ee99edd30aaf&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754180_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1693754180895%7D&tim=17%3A16%3A20.895&id=2353&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=rbox-loaf-wtf_var&ri=9c2186cd361593ad6702ee99edd30aaf&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754180_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693754180901%7D&tim=17%3A16%3A20.901&id=3324&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=rbox-loaf-wtf_var&ri=9c2186cd361593ad6702ee99edd30aaf&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754180_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A16%3A20.926&id=9176&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A20.928&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=4220&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&lt=rbox-loaf-wtf_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60680
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A20.929&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6044&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&lt=rbox-loaf-wtf_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60680
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A20.936&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7703&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&lt=rbox-loaf-wtf_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60348
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A20.937&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5560&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&lt=rbox-loaf-wtf_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60348
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A20.941&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6690&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&lt=rbox-loaf-wtf_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60348
json
trc.taboola.com/palmate-bg3co/trc/3/ 		20 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A16%3A20.949&route=AM:IL:V&lti=rbox-loaf-wtf_var&data=%7B%22id%22%3A119%2C%22ii%22%3A%22%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754180_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA%22%2C%22ui%22%3A%222d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4%22%2C%22uifp%22%3A%222d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4%22%2C%22lbt%22%3A1693738515032%2C%22vi%22%3A1693754180229%2C%22cv%22%3A%2220230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12924%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22vpi%22%3A%22%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4010%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A876%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22rbox-loaf-wtf_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea3bf3087b7dbb2db946c6373d0592624a0cf2a07abfdb94dd2f9a59ed54aa60

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
349
date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
64138
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1693754181.972496,VS0,VE349
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1005%2Cw_1340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1005%2Cw_1340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
566b0032083e7586f68271093b3abf7be6d13e4f21aec361625559fc7ad62454

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 03 Sep 2023 15:16:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1005%2Cw_1340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age
5289328
edge-cache-tag
371149999047074580014513752138842485437,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
371149999047074580014513752138842485437,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
528
expiration
expiry-date="Sat, 15 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.vietnamplus.vn/
content-length
140374
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200083-IAD, cache-iad-kiad7000022-IAD, cache-lga21936-LGA, cache-iad-kjyo7100173-IAD, cache-fra-eddf8230092-FRA
last-modified
Wed, 14 Jun 2023 08:58:14 GMT
server
nginx
x-timer
S1693754185.739365,VS0,VE3
etag
"67e1120668d2fdb3ca97edda3977c237"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 154, 1
e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
934e7afc3bf0992685646d136147be5edac19d1ed31557559ef134693c5c2900

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 03 Sep 2023 15:16:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age
1981734
edge-cache-tag
371149999047074580014513752138842485437,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
371149999047074580014513752138842485437,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
194
expiration
expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.today.com/
content-length
70608
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kjyo7100083-IAD, cache-sna10735-LGB, cache-iad-kiad7000095-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 14 Jul 2023 02:57:32 GMT
server
nginx
x-timer
S1693754186.776375,VS0,VE1
etag
"7b4889e48e2b609ec20faf4ddacf1947"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 95, 1
0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd8bb4cb774305bc2fd4a6baaca4afe5c9bf266f88de367f6f7d97fc1544683e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 03 Sep 2023 15:16:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
age
945716
edge-cache-tag
378444803743174980718442203329491238811,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
378444803743174980718442203329491238811,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
657
req-referer
https://tiere-pflanzen.de/
content-length
12192
x-request-id
a8c6b94b72fb08e6231f9b7210846ef5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200164-IAD, cache-iad-kjyo7100127-IAD, cache-iad-kcgs7200025-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 07 Aug 2023 21:37:03 GMT
server
nginx
x-timer
S1693754186.776378,VS0,VE3
etag
"afa01d9f69e3708824ac3c2591961cde"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 6, 1
verschwundene-automarken.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.autozeitung.de/assets/field/images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.autozeitung.de/assets/field/images/verschwundene-automarken.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b1c28427268adb46b9a0514ea3f95bec0fcfcb82d25710e25cc8c5398efb1ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 03 Sep 2023 15:16:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.autozeitung.de/assets/field/images/verschwundene-automarken.jpg
age
1581225
edge-cache-tag
336695264982305939426838818038563402923,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
336695264982305939426838818038563402923,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
1715
req-referer
https://www.gazzetta.it/
content-length
27988
x-request-id
af630bb6fdf62cbb73602a8f94cd6870
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000123-IAD, cache-iad-kjyo7100126-IAD, cache-sna10746-LGB, cache-iad-kcgs7200175-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 31 Jul 2023 15:09:35 GMT
server
nginx
x-timer
S1693754186.843752,VS0,VE1
etag
"e9965f593cd8834652b9d44951b1976c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 14, 1
3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
089193c5def6ea660c36eb5facb28fab307bd87dba4dce136ed049ca16a0012d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 03 Sep 2023 15:16:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age
2686326
edge-cache-tag
399188960726298103335710303397794594010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
399188960726298103335710303397794594010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
343
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://jvpnews.com/
content-length
63466
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200035-IAD, cache-iad-kiad7000077-IAD, cache-chi-klot8100112-CHI, cache-iad-kiad7000105-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 10 Jul 2023 18:00:30 GMT
server
nginx
x-timer
S1693754186.843723,VS0,VE2
etag
"c317022981eae96b91711fdcc49e9a20"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
8b563647ba25060e69e2f71b35297de2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f5113f6fdf912946eb427523777f496019f8b48d318d33db21a61f091d78978

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 03 Sep 2023 15:16:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b563647ba25060e69e2f71b35297de2.png
age
2709169
edge-cache-tag
469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
469380595437447606234874652449541692371,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
258
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
16422
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200105-IAD, cache-iad-kjyo7100020-IAD, cache-lga21931-LGA, cache-iad-kjyo7100167-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 17 Jul 2023 12:53:47 GMT
server
nginx
x-timer
S1693754186.843714,VS0,VE0
etag
"ff39c8a01202a06ef26c0143701091ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1114, 2
e0b61120-ee74-402d-88ca-ab344c290cee__c7XGtRKW.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e0b61120-ee74-402d-88ca-ab344c290cee__c7XGtRKW.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f10f48e662adc5bb684cdf3573033a5ff49e576db927e51d71666bb683c59b2b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 03 Sep 2023 15:16:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e0b61120-ee74-402d-88ca-ab344c290cee__c7XGtRKW.jpg
age
1876675
edge-cache-tag
567013569353767241717601055745923726982,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
567013569353767241717601055745923726982,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
639
req-referer
https://www.ski-nordique.net/
content-length
20676
x-request-id
e3f1d4d9a6ce3c709c2f4d075046fcfe
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kjyo7100132-IAD, cache-sna10744-LGB, cache-iad-kcgs7200083-IAD, cache-fra-eddf8230092-FRA
last-modified
Sat, 12 Aug 2023 19:02:48 GMT
server
nginx
x-timer
S1693754186.139122,VS0,VE1
etag
"35c6c8c62fc54fa88b778be1dfca4c36"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8adb21eb9da22c7bcaae3a07eeca836037e57d4047e574581bc7b6457fae73ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Sun, 03 Sep 2023 15:16:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age
2996028
edge-cache-tag
371149999047074580014513752138842485437,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
371149999047074580014513752138842485437,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
208
expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.recettes.qc.ca/
content-length
86944
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100066-IAD, cache-lax10649-LGB, cache-iad-kjyo7100145-IAD, cache-fra-eddf8230092-FRA
last-modified
Wed, 12 Jul 2023 14:03:01 GMT
server
nginx
x-timer
S1693754187.610163,VS0,VE6
etag
"60b7a387a7a43cc80be456b79947f81e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 17, 5835, 1
3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f052a9a5963bfadca448a34f04e1e607b43fc84993033b8467507108476d7069

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 03 Sep 2023 15:16:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age
2635558
edge-cache-tag
399188960726298103335710303397794594010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
399188960726298103335710303397794594010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
807
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rnada.com/
content-length
78008
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kiad7000056-IAD, cache-lax10645-LGB, cache-iad-kiad7000055-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 10 Jul 2023 18:10:16 GMT
server
nginx
x-timer
S1693754187.629067,VS0,VE1
etag
"78dafeacc64b6b97989b38b48c90a6b1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 0, 1
0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
da6e6d457bbd5d20fd893dc217126ac6da7bbdf34de40c2daa70d208377de031

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 03 Sep 2023 15:16:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
age
3044481
edge-cache-tag
378444803743174980718442203329491238811,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
378444803743174980718442203329491238811,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
193
expiration
expiry-date="Mon, 07 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://weightlossgroove.com/
content-length
32984
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000114-IAD, cache-iad-kjyo7100033-IAD, cache-sna10732-LGB, cache-iad-kjyo7100122-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 07 Jul 2023 08:07:32 GMT
server
nginx
x-timer
S1693754187.629019,VS0,VE2
etag
"16845415fd03c5d0bdacfc09ca259c22"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
verschwundene-automarken.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.autozeitung.de/assets/field/images/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.autozeitung.de/assets/field/images/verschwundene-automarken.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c97ad98c17f25936377bbfa30ed2d8906e7752b77d4aba4d1d5998dd2fbe147

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 03 Sep 2023 15:16:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.autozeitung.de/assets/field/images/verschwundene-automarken.jpg
age
4295557
edge-cache-tag
336695264982305939426838818038563402923,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
336695264982305939426838818038563402923,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
1996
req-referer
https://24.hu/kultura/2023/07/24/elado-siofok-jokai-villa-braun-david-fekete-vilmos-jokai-mor/?utm_source=projectagora&utm_medium=contentdiscovery
content-length
87266
x-request-id
baa1c82a1a894db1d4474f87a8ce7337
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000103-IAD, cache-iad-kjyo7100100-IAD, cache-lax10670-LGB, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 30 Jun 2023 16:04:07 GMT
server
nginx
x-timer
S1693754187.629000,VS0,VE2
etag
"28aa585e2a07816d9cb5675bc53c4b43"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1, 1
bg3.js
cdn.unibotscdn.com/clientdata/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:26 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-168
cdn-cachedat
08/26/2023 12:01:21
cdn-pullzone
873945
last-modified
Sat, 26 Aug 2023 12:00:46 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e9e96e-57f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
1c79607cd563ebc238a9c23be983d1a0
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-588
cdn-cachedat
08/09/2023 17:49:28
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
6e71cfe6e21c014d1840c915a699c4ae
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 14:43:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
c75ffeba68daed1422113cb96572cc73
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-680
cdn-cachedat
08/29/2023 14:59:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
393ec8f051312433cf853e3366902d9f
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.css
cdn.unibotscdn.com/clientdata/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-storageserver
DE-167
cdn-cachedat
08/09/2023 22:25:50
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:45:19 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c8f04f-534"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
3bd7be70089e050ceffb2deb961fca92
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
cdn-edgestorageid
1054
cdn-storageserver
DE-599
cdn-cachedat
09/03/2023 13:09:27
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 08:08:48 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
647
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e86190-1b06"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
b619dc9232b070cc77c56befaabe6419
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125515
x-xss-protection
0
expires
Sun, 03 Sep 2023 15:16:28 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4CD2 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
966f86fab4846cf34486ae932468b157aa4b432aaca5b6601a07a455e5526318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7901
x-xss-protection
0
server
cafe
etag
15020207462316048907
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:21 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3F18 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0d676b76c53b833818c6e1a63c1fdfe4cfd1c19798f92705e2813522ef468721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7895
x-xss-protection
0
server
cafe
etag
5064618199515866780
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:21 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame D4F1 		714 B
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
554
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
800ef411aad10e32-AMS
content-encoding
br
content-type
text/html
date
Sun, 03 Sep 2023 15:16:21 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shkJ%2FfrNipO5kLXSXt8vzyqOhtypNRk5b36XFwGHT8rrRDVjB36Jv6xHF3BTvATX%2B5M%2BIa6P2BcCkb%2BMYtRQuQqrffNIPsdE3IaC3u%2BX3RunFmIVunYxYzy%2FP%2FVEIhBPWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9C38
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Sep 2023 15:16:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Sep 2023 15:16:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-wMLTKltE2oVCKiAdYvPmgpCIj.JA1HqdW640XgU-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Sun, 03 Sep 2023 15:16:29 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame CB36 		714 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
554
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
800ef411db440e32-AMS
content-encoding
br
content-type
text/html
date
Sun, 03 Sep 2023 15:16:21 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xHsNuXaAEQ9pgaj98YSoTxXZg70BhbGLshzl4G%2FjLy49%2BRRqjunq5fHQBrBAYiyg1ybYryLLyL4PAJQDjGmwwGVMrHlRMxGCAAuWnCYqyv7u9qF2sQv1XEf0%2FVtWlVSFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C7E3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Sep 2023 15:16:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Sep 2023 15:16:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A21.381&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=6703&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&lt=rbox-loaf-wtf_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69062
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&lti=rbox-loaf-wtf_var&ri=6ceeb881cc1a60dc792b06cd5a5bccd5&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754181_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1693754181410%7D&tim=17%3A16%3A21.410&id=9323&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
3550067
edge-cache-tag
486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
315
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
35954
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000071-IAD, cache-iad-kjyo7100118-IAD, cache-sna10735-LGB, cache-iad-kcgs7200136-IAD, cache-fra-eddf8230092-FRA
last-modified
Sat, 15 Jul 2023 22:28:28 GMT
server
nginx
x-timer
S1693754187.253864,VS0,VE6
etag
"f9d7aab2dcdde7833ec39551e6347199"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 25, 1
aban1.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jv48DMz/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jv48DMz/aban1.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
43d46ca8ec37f3df134d8374fe75a94d8eed05f56a09c94ce4fbf81e425f18a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/jv48DMz/aban1.gif
age
2796608
edge-cache-tag
369131431458741576796747560766529093586,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
369131431458741576796747560766529093586,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
20035
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kjyo7100104-IAD, cache-iad-kjyo7100104-IAD, cache-fra-eddf8230092-FRA
last-modified
Thu, 13 Jul 2023 01:05:44 GMT
server
cloudinary
x-timer
S1693754187.312857,VS0,VE1
etag
"6e3934b7838a823c8e41fa329c91e1dc"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 219, 1
5d69cacad5f90ff2904628ba289e7b52.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d69cacad5f90ff2904628ba289e7b52.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
709ba9d905d48370b535afbd6f085f9c7eb64c78c5b8c0fb294ce71fa1f010f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d69cacad5f90ff2904628ba289e7b52.jpeg
age
1564540
edge-cache-tag
526186091371959459182187227990411432680,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
526186091371959459182187227990411432680,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
130
expiration
expiry-date="Wed, 23 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.footmercato.net/
content-length
15370
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100103-IAD, cache-iad-kiad7000063-IAD, cache-iad-kiad7000171-IAD, cache-fra-eddf8230092-FRA
last-modified
Sun, 23 Jul 2023 18:51:52 GMT
server
nginx
x-timer
S1693754188.556627,VS0,VE2
etag
"8f4fa98d7d435597aac30bcae4ebcf0c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 10, 1
brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20d883fcdee229a17cbff4e8e79d1e1041dd28aa4273b62b1e9dbe0fc936069b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.liebenswert-magazin.de/brautkleider-royals-2%2Cid%3D2efdba79%2Cb%3Dliebenswert%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
age
770823
edge-cache-tag
366871436072726444483376463122342600673,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
366871436072726444483376463122342600673,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
516
expiration
expiry-date="Sat, 09 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://fern-der-heimat.com/
content-length
52412
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100118-IAD, cache-iad-kiad7000052-IAD, cache-iad-kjyo7100129-IAD, cache-fra-eddf8230092-FRA
last-modified
Wed, 09 Aug 2023 22:11:03 GMT
server
nginx
x-timer
S1693754188.575253,VS0,VE11
etag
"b435226ec59c486d3f4ced8220e391e1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 3, 1
cb2f2b8791823561e4043db1d806293a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2f2b8791823561e4043db1d806293a.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
705e54124459842125a7ef424caf33f8d53227053e7fec5e24dc2676220bd43d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2f2b8791823561e4043db1d806293a.jpg
age
2099970
edge-cache-tag
488490386920394958419180526252434716045,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
488490386920394958419180526252434716045,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
312
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tomaten.de/
content-length
54132
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000055-IAD, cache-iad-kiad7000125-IAD, cache-chi-klot8100022-CHI, cache-iad-kcgs7200035-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 21 Jul 2023 11:30:12 GMT
server
nginx
x-timer
S1693754188.662780,VS0,VE2
etag
"713e9e2963c8139bb10e7659f469752f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 8, 1
1e24f810ab7a757ed1c10c8e8c889a3c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e24f810ab7a757ed1c10c8e8c889a3c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2dfe27b88ffa0378bb53d1ad5e1f656d05adb0604b53fdd72ef341160b069c60

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e24f810ab7a757ed1c10c8e8c889a3c.png
age
2780022
edge-cache-tag
553977694258997927529468991631023962030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
553977694258997927529468991631023962030,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
124
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.atlantaleader.com/
content-length
20796
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kiad7000050-IAD, cache-chi-klot8100129-CHI, cache-iad-kjyo7100037-IAD, cache-fra-eddf8230092-FRA
last-modified
Sun, 16 Jul 2023 18:45:25 GMT
server
nginx
x-timer
S1693754188.694495,VS0,VE0
etag
"62529dff8a1ce422e4f0b7c811a586c9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1098, 3
360fd688aa592cb149ed24e1841d2d15.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
302be377185f1d9c660dad950516501936a7910aa304bcfe5b685fcda6f02dec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/360fd688aa592cb149ed24e1841d2d15.jpg
age
2542139
edge-cache-tag
467034397575831769978129637040287281398,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
467034397575831769978129637040287281398,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
310
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
30874
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kjyo7100065-IAD, cache-sna10737-LGB, cache-iad-kiad7000169-IAD, cache-fra-eddf8230092-FRA
last-modified
Sat, 15 Jul 2023 04:37:36 GMT
server
nginx
x-timer
S1693754188.806457,VS0,VE2
etag
"925064ec83d3f1f82adfb23b7f19243e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 105, 1
c7c4b18f-8f4f-4f19-97bf-1407dc69d891__MiLoeBft.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c7c4b18f-8f4f-4f19-97bf-1407dc69d891__MiLoeBft.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e90b5fa14fbbf1733a3003f2f3863857c1088062ecc72a9d3c611b9e9295e4c7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c7c4b18f-8f4f-4f19-97bf-1407dc69d891__MiLoeBft.jpg
age
2154208
edge-cache-tag
623981130260430897290527351837852872561,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
623981130260430897290527351837852872561,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
734
req-referer
https://jvpnews.com/
content-length
95380
x-request-id
c2535a8b903b5fc240871b4ffabc52f8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000131-IAD, cache-iad-kjyo7100112-IAD, cache-lga21970-LGA, cache-iad-kjyo7100032-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 07 Aug 2023 19:43:10 GMT
server
nginx
x-timer
S1693754188.835918,VS0,VE3
etag
"4d36b836f6bfabfc96ea891b7a57a12a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
b7fbaeb20a3191dc4112a900da0d09aa.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7fbaeb20a3191dc4112a900da0d09aa.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131791340bcb1e531c2d89c70cacb2b6bf020db8b9e2c6a19a9a15703a37df4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 03 Sep 2023 15:16:27 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7fbaeb20a3191dc4112a900da0d09aa.png
age
1577180
edge-cache-tag
488766259070982098111583096283783012296,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
488766259070982098111583096283783012296,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
446
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wndu.com/
content-length
67504
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200022-IAD, cache-iad-kiad7000044-IAD, cache-iad-kcgs7200149-IAD, cache-fra-eddf8230092-FRA
last-modified
Fri, 21 Jul 2023 07:25:57 GMT
server
nginx
x-timer
S1693754188.877323,VS0,VE2
etag
"cf177bb1d6b054c33cc250fa1cfa3e9c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D4F1 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
55c98b894a9bc1801be47c0e551ba9ab69e5165d6ecc4d70c7425dbf2c3727a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28953
x-xss-protection
0
server
cafe
etag
31 / 19603 / m202308290101 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CB36 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f91ee6f3c90c231cc271e450f83497a57dcb81b27c84ffd2a920f915234d74bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28965
x-xss-protection
0
server
cafe
etag
671 / 19603 / 31077538 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4CD2 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
f27b876bc0a492543da011c1fd5588b3381400ad4353ad81e8f032ca48c7e531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51024
x-xss-protection
0
server
cafe
etag
15405478635972567823
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:28 GMT
usync.js
eus.rubiconproject.com/ Frame 9C38 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 03:53:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45411
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 03:53:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3F18 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
68d4e924fbe9a1cafb5b9712901e583a73adc2d9d54d9c41982f5f8ec30430b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51028
x-xss-protection
0
server
cafe
etag
4267342759060255951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:28 GMT
usync.js
eus.rubiconproject.com/ Frame C7E3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:22 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 03:53:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45410
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 03:53:12 GMT
next-up-widget.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a180c053c4ee87ad1c17f5c79b7227ddb23647b3dadf569679aa60f61a8ca89e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QLTOf2UDBIay41RGJz8Uc0bcikNNRHXE
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:28 GMT
x-amz-request-id
4GXAYTXEAFXNV0TC
age
29
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
4670
x-amz-id-2
pZY+0A1szNsglacCKjQHEgJPEetKje0xeFCVOkq3oj4A+JhVk7s687B4FEP+r7whGLzXD1mUmCc=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:29 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754188.191124,VS0,VE1
etag
"57c0012926eeb64853808807780a8922"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
66
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=rbox-loaf-wtf_var&bulkSize=19
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
191
date
Sun, 03 Sep 2023 15:16:22 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64164
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1693754182.074989,VS0,VE191
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
khaos.jpg
token.rubiconproject.com/ Frame 9C38 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&lti=rbox-loaf-wtf_var&ri=6ceeb881cc1a60dc792b06cd5a5bccd5&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754181_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A7184%7D%22%2C%22eventTime%22%3A1693754181994%7D&tim=17%3A16%3A21.994&id=7696&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
khaos.jpg
token.rubiconproject.com/ Frame C7E3 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ Frame D4F1 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
84558
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129682
x-xss-protection
0
server
cafe
etag
12917394590533080382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 01 Sep 2024 15:47:04 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/ Frame CB36 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 21:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
64370
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129791
x-xss-protection
0
server
cafe
etag
6482524881801658577
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 01 Sep 2024 21:23:32 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:10 GMT
age
413058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57645
x-xss-protection
0
server
sffe
etag
"2fe8959ce43a8d1d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:10 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:28 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
1812
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1693754189.677545,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
38
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
11086
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:28 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
21295
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754189.781927,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
26
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
41091
ads
securepubads.g.doubleclick.net/gampad/ Frame D4F1 		492 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3782014565020466&correlator=2787327553658200&eid=31076398%2C20222282&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693754183400&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=uqajyzxxp8mv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=850243165.1693754183&ga_sid=1693754183&ga_hid=576418431&ga_fc=false&dlt=1693754181435&idt=1947&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2ec0d882a3581c9c4fc868bc96281b820649d7e7a66ec0d92dbc0a06f010fcf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
68baba596ce3cfbef586a77a9bbbe291.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 32EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://68baba596ce3cfbef586a77a9bbbe291.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:24 GMT
expires
Mon, 02 Sep 2024 15:16:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CB36 		492 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3701367258465145&correlator=2956772852023067&eid=31077366%2C31077538%2C20222283&output=ldjh&gdfp_req=1&vrg=202308300101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693754184173&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=3gti8b6b0tv8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=131753259.1693754184&ga_sid=1693754184&ga_hid=162052764&ga_fc=false&dlt=1693754181468&idt=2687&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2c7f70f39708dc55cfc12d84eb039481bfa9af3dddc29fa59158573e64a09a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9ba66d73ea74420f78a9d775a11d2e08.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E6D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ba66d73ea74420f78a9d775a11d2e08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:25 GMT
expires
Mon, 02 Sep 2024 15:16:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&lti=rbox-loaf-wtf_var&ri=6ceeb881cc1a60dc792b06cd5a5bccd5&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754181_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22305%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A16%3A24.193&id=6194&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A16%3A24.378&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2079&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&lt=rbox-loaf-wtf_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
85990
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-73.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 03 Sep 2023 15:16:29 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1693754189488_388605705_898547551_594_1779_45_0_146";dur=1
content-length
122286
expires
Mon, 02 Sep 2024 15:16:29 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-73.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 03 Sep 2023 15:16:29 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1693754189571_388605705_898547553_188_1567_45_64_146";dur=1
content-length
211
expires
Mon, 02 Sep 2024 15:16:29 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-73.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 03 Sep 2023 15:16:29 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=29, origin; dur=0, ak_p; desc="1693754189571_388605705_898547552_2976_1502_30_0_146";dur=1
content-length
18371
expires
Sun, 03 Sep 2023 16:16:29 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2642e86c8e6ee01a25a6310db829335d2fec1c9d1e7839d0607924886f206f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29325
x-xss-protection
0
server
cafe
etag
222 / 19603 / 31077576 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:29 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM3NTQxODQ2MzAsInBhY2tldElkIjoiMDAwMEE3MDEtNDFiZDEyNTUtY2UzZC00Y2M2LWE0MTMtYzJkN2Y0YzhlM2I0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLWRlLW5hLXNoZW5nLWJ1LWRhby02bW8tamktZGktMjJsdW4teXUteXVlLWppbi13dS1qaWUtemhpLWRpLXNhbi1qaS1mdS16dW8teW9uZy15aS1jaS1rYW4uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=12708
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
st
imprammp.taboola.com/ Frame C70C 		439 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&cmcv=&pix=undefined&cb=1693754184699&uv=3329&tms=1693754184699&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=882b3644-534a-4ef9-a17a-ec60541f91e8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb97db4ea4b26960fe8a279acb169514287a1e96d2b22c2fb615f44094b480b9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 03 Sep 2023 15:16:24 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230092-FRA
x-timer
S1693754185.720282,VS0,VE10
sync
am-match.taboola.com/ Frame B03A 		439 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
fb97db4ea4b26960fe8a279acb169514287a1e96d2b22c2fb615f44094b480b9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 03 Sep 2023 15:16:25 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1693754184708&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1545&pt=-619564402&tz=120&viewable=true&ddast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
976d221a27c609c6b0b839ce2274af35070e410035d47e59fd4e1e79a0084e94

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 03 Sep 2023 15:16:24 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1471
x-cache
MISS
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1693754185.748263,VS0,VE39
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&cmcv=&pix=31589837&cb=1693754184698&uv=3329&tms=1693754184698&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693754171922.8!ts:1693754184698&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
content-length
0
server
nginx
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM3NTQxODQ3MjAsInBhY2tldElkIjoiMDAwMEE3MDEtNDFiZDEyNTUtY2UzZC00Y2M2LWE0MTMtYzJkN2Y0YzhlM2I0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLWRlLW5hLXNoZW5nLWJ1LWRhby02bW8tamktZGktMjJsdW4teXUteXVlLWppbi13dS1qaWUtemhpLWRpLXNhbi1qaS1mdS16dW8teW9uZy15aS1jaS1rYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=12798
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM3NTQxODQ3MjQsInBhY2tldElkIjoiMDAwMEE3MDEtNDFiZDEyNTUtY2UzZC00Y2M2LWE0MTMtYzJkN2Y0YzhlM2I0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLWRlLW5hLXNoZW5nLWJ1LWRhby02bW8tamktZGktMjJsdW4teXUteXVlLWppbi13dS1qaWUtemhpLWRpLXNhbi1qaS1mdS16dW8teW9uZy15aS1jaS1rYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=12802.399997711182
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTM3NTQxODQ3MjYsInBhY2tldElkIjoiMDAwMEE3MDEtNDFiZDEyNTUtY2UzZC00Y2M2LWE0MTMtYzJkN2Y0YzhlM2I0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLWRlLW5hLXNoZW5nLWJ1LWRhby02bW8tamktZGktMjJsdW4teXUteXVlLWppbi13dS1qaWUtemhpLWRpLXNhbi1qaS1mdS16dW8teW9uZy15aS1jaS1rYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=12803.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM3NTQxODQ3MjAsInBhY2tldElkIjoiMDAwMEE3MDEtNDFiZDEyNTUtY2UzZC00Y2M2LWE0MTMtYzJkN2Y0YzhlM2I0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21vLWRlLW5hLXNoZW5nLWJ1LWRhby02bW8tamktZGktMjJsdW4teXUteXVlLWppbi13dS1qaWUtemhpLWRpLXNhbi1qaS1mdS16dW8teW9uZy15aS1jaS1rYW4uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=12809.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 9C38
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM3LICQA-1K-F6X4
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM3LICQA-1K-F6X4
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-wMLTKltE2oVCKiAdYvPmgpCIj.JA1HqdW640XgU-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Sun, 03 Sep 2023 15:16:29 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
block.jpg
delivery.adrecover.com/ 		631 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1693754184749
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-106.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 03 Sep 2023 15:16:30 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Sun, 03 Sep 2023 16:16:30 GMT
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Sep 2023 15:16:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Sep 2023 14:51:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Sep 2023 15:16:25 GMT
spa-detector.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7700225a34f0a1747bde7920bda15daacaf1c7bfb01b73223e0c9b5cff9b2e0c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yKX1xNvWh7yRxPJXTUG0wKmvzvnVrQE8
content-encoding
gzip
via
1.1 varnish
date
Sun, 03 Sep 2023 15:16:30 GMT
x-amz-request-id
Y30SPQHBN56WDGCB
age
13
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
864
x-amz-id-2
Bs3Fr/X3TMcB+sytCgHBUHfRQtSR+3ESGGePpfQIVzhIV00Ps521X+zMzTSuMJnYh8BE1DFCPUk=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Mon, 28 Aug 2023 11:49:36 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693754191.610515,VS0,VE1
etag
"b6517d9e4e913505ac96304458c01726"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
40
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&lti=rbox-loaf-wtf_var&ri=6ceeb881cc1a60dc792b06cd5a5bccd5&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754181_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A16%3A24.758&id=3505&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&lti=rbox-loaf-wtf_var&ri=6ceeb881cc1a60dc792b06cd5a5bccd5&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754181_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1693754184759%7D&tim=17%3A16%3A24.759&id=8758&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=IL:IL:V&lti=rbox-loaf-wtf_var&ri=6ceeb881cc1a60dc792b06cd5a5bccd5&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754181_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A16%3A24.761&id=4382&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&lti=rbox-loaf-wtf_var&ri=6ceeb881cc1a60dc792b06cd5a5bccd5&sd=v2_cc871699f3a7621a664d5baa8fdbb51f_2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4_1693754180_1693754181_CNawjgYQ2YJdGIWF99ylMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&pi=/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&wi=2642744668705420055&pt=text&vi=1693754180229&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1693754184763%7D&tim=17%3A16%3A24.763&id=3733&llvl=2&cv=20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
generic
match.adsrvr.org/track/cmf/ Frame C7E3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM3LICXH-1G-7O8T
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM3LICXH-1G-7O8T
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-wMLTKltE2oVCKiAdYvPmgpCIj.JA1HqdW640XgU-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Sun, 03 Sep 2023 15:16:29 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame C70C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&cmcv=&pix=undefined&cb=1693754184699&uv=3329&tms=1693754184699&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=882b3644-534a-4ef9-a17a-ec60541f91e8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C70C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&cmcv=&pix=undefined&cb=1693754184699&uv=3329&tms=1693754184699&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=882b3644-534a-4ef9-a17a-ec60541f91e8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame C70C 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&cmcv=&pix=undefined&cb=1693754184699&uv=3329&tms=1693754184699&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=882b3644-534a-4ef9-a17a-ec60541f91e8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 9C38
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE0zTElDWEgtMUctN084VA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAoy9oBdkGPscJ_SkLsbEPE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0zTElDWEgtMUctN084VA==&google_push=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0zTElDWEgtMUctN084VA==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE0zTElDWEgtMUctN084VA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9C38
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRiZmM5OTA5YThhY2ZjMDYwY2U2MzE0ZmQ0ZTA5MDhmZDE0YTc4Yw
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRiZmM5OTA5YThhY2ZjMDYwY2U2MzE0ZmQ0ZTA5MDhmZDE0YTc4Yw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGRiZmM5OTA5YThhY2ZjMDYwY2U2MzE0ZmQ0ZTA5MDhmZDE0YTc4Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9C38
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TKnObJDsROWGKbefsqbvVA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TKnObJDsROWGKbefsqbvVA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TKnObJDsROWGKbefsqbvVA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JRSZXTPXAQVPYN13FYR8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TKnObJDsROWGKbefsqbvVA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9C38
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mIhXMwVoZ9OhlyhxV19Q3Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3FXwNF5E2oJ98hB464p2.NytB6y6dRZDwJC3Qw--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3FXwNF5E2oJ98hB464p2.NytB6y6dRZDwJC3Qw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 03 Sep 2023 15:16:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3FXwNF5E2oJ98hB464p2.NytB6y6dRZDwJC3Qw--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 9C38 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 9C38
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aUV1soNhQ6-ak3z5AqE5lg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUV1soNhQ6-ak3z5AqE5lg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUV1soNhQ6-ak3z5AqE5lg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0KVGYA9A36DJFS56M5FE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUV1soNhQ6-ak3z5AqE5lg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 9C38
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM3LICXH-1G-7O8T
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM3LICXH-1G-7O8T
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:26 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7231BB9D1C1F462395FC6ED1D12F6751 Ref B: ZRHEDGE0716 Ref C: 2023-09-03T15:16:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEdeClCos0jJ9JL1FVqw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM3LICXH-1G-7O8T
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9C38
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFaw8nbmLVCd_H5eDUYW9Jg&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFaw8nbmLVCd_H5eDUYW9Jg&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFaw8nbmLVCd_H5eDUYW9Jg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 03 Sep 2023 15:16:30 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
2950
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1693754191.688806,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
34
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1480
sodar
pagead2.googlesyndication.com/getconfig/ Frame D4F1 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
91eda30d02283924810811a4978d9b5c1e16632b1b58692956da59192024f9d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11731
x-xss-protection
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_2_9/infra/ 		877 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_9/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
164e19bc17a5e0a82da30fb119b538c1f7e37a64ff1dc500c45cd8242a2473fb

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693645705
date
Sun, 03 Sep 2023 15:16:30 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BRC0Q93FWACQAFT
age
108337
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693645706
x-amz-meta-mode
33188
content-length
146724
x-amz-id-2
Ml1Ba+Wo+NnVx8ybFry3umUEb0RTo4XJ1ZCEbst4BcHpA/uGBc0OhA1rANN5utyC7ETWA/DVSXI=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Sat, 02 Sep 2023 09:08:27 GMT
server
AmazonS3-br
x-timer
S1693754191.688690,VS0,VE0
etag
"6ddb5b5509b726a47eef530bf8147729"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
37593
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_9/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_9/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693645723
date
Sun, 03 Sep 2023 15:16:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BRAZPSX1JAY6509
age
108333
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693645724
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
Tbbsjn1uN8CcaxQb2x/+Z6dUVtIppgzBLbZpMgnxVnedwTKTIjdk8HyQtAYDw9g9eRUPss4DJps=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Sat, 02 Sep 2023 09:08:45 GMT
server
AmazonS3-br
x-timer
S1693754186.576495,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
52901
generic
match.adsrvr.org/track/cmf/ Frame B03A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B03A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame B03A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/getconfig/ Frame CB36 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
4e144a55904cf3905bc237ef0fe43e376f60e025fedacbee03099e23976eef91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11747
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D4F1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 15:16:26 GMT
perf
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/perf?route=IL%3AIL%3AV&lti=rbox-loaf-wtf_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB36 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308300101/pubads_impl.js?cb=31077538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 15:16:27 GMT
il95o8vjrn
www.clarity.ms/tag/ 		658 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/il95o8vjrn
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
82a46f5270e2ce0ba5775f7d622e3b05ec9b2caf94d9a183e905951eee9b7cfc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date
Sun, 03 Sep 2023 15:16:31 GMT
x-azure-ref
0UKP0ZAAAAAAvrCgRbaRcTpdepGg80HQ2WlJIRURHRTA2MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
658
expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 28DB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
22908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:54:39 GMT
expires
Mon, 02 Sep 2024 08:54:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 357E 		829 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
46b21567424b0df531db43d0dcbfdc4b8e99e7c78f101555413b9d89f4fe7590
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NBGQ9esddRdDZkzXBTw9xQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-NBGQ9esddRdDZkzXBTw9xQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:29 GMT
expires
Sun, 03 Sep 2023 15:16:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E31 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
22908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:54:39 GMT
expires
Mon, 02 Sep 2024 08:54:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3C91 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
f464b27d978feaaa2dad001581dc04b90e7c6350f90984032c50571fff313fcb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BDRkJf4QOfAOGCcQNUuOOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-BDRkJf4QOfAOGCcQNUuOOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:29 GMT
expires
Sun, 03 Sep 2023 15:16:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 28DB 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 2E31 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame 4CD2 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ebf21ade8c463147cc813c24625e0f8bc433161a3e51ae429c6a402b31700791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133294
x-xss-protection
0
server
cafe
etag
3197283795975378450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame F263 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
80749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 16:50:39 GMT
etag
9878862242593084568
expires
Sat, 16 Sep 2023 16:50:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
da45ef32883906bc1a133e0f428131d8ebca6e802de09105a9633657166bdaa9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 03 Sep 2023 15:16:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age
3752500
edge-cache-tag
371149999047074580014513752138842485437,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
371149999047074580014513752138842485437,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
43
expiration
expiry-date="Sun, 06 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.koreadaily.com/
content-length
6466
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000165-IAD, cache-iad-kiad7000140-IAD, cache-chi-kigq8000055-CHI, cache-iad-kcgs7200046-IAD, cache-fra-eddf8230092-FRA
last-modified
Thu, 06 Jul 2023 16:31:46 GMT
server
nginx
x-timer
S1693754191.727987,VS0,VE1
etag
"1d977e0cfaadd874c31053db67717886"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1817, 1
3665e80e3b17f3196eb873ea593d7993.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f48201ba7796b64b9b74c2173009a43ffbf4e10af199d73189d366d4956f2e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 03 Sep 2023 15:16:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3665e80e3b17f3196eb873ea593d7993.png
age
2308697
edge-cache-tag
399188960726298103335710303397794594010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
399188960726298103335710303397794594010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
230
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gadgets360.com/
content-length
7184
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000130-IAD, cache-iad-kcgs7200167-IAD, cache-sna10745-LGB, cache-iad-kiad7000105-IAD, cache-fra-eddf8230092-FRA
last-modified
Thu, 13 Jul 2023 08:49:04 GMT
server
nginx
x-timer
S1693754191.747626,VS0,VE3
etag
"f6113d02fca7e1ee5f6e84932d9ba725"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2, 1
0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d6d2e56fca86d0b6bb8c116bd0cc223ae7dc2b14029db1edeafef83ab7ea9db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Sun, 03 Sep 2023 15:16:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0d9a7236-fd00-41e2-8719-5eeeb232a040__kpNfILvU.jpg
age
2094198
edge-cache-tag
378444803743174980718442203329491238811,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
378444803743174980718442203329491238811,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
452
req-referer
https://wandern24.eu/
content-length
4188
x-request-id
a056c235b916afdf9cf2aca01a7acbe6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200128-IAD, cache-iad-kjyo7100049-IAD, cache-lga21969-LGA, cache-iad-kiad7000109-IAD, cache-fra-eddf8230092-FRA
last-modified
Mon, 07 Aug 2023 21:37:03 GMT
server
nginx
x-timer
S1693754191.786452,VS0,VE7
etag
"3fee53f22b1af143dd34a4c069748b36"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
generate_204
tpc.googlesyndication.com/ Frame 28DB 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ttJvhg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame 3F18 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js?bust=31077549
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ebf21ade8c463147cc813c24625e0f8bc433161a3e51ae429c6a402b31700791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133294
x-xss-protection
0
server
cafe
etag
3197283795975378450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:30 GMT
generate_204
tpc.googlesyndication.com/ Frame 2E31 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?W6Z5FA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
video.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		524 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:31 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-570
cdn-cachedat
07/06/2023 22:30:42
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
340
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf623-830a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
957b48172771d207f7f363b60424097a
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
/
pips.taboola.com/ 		4 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230040-FRA
date
Sun, 03 Sep 2023 15:16:29 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:07 GMT
age
413064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32193
x-xss-protection
0
server
sffe
etag
"473971c650298c2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:07 GMT
nameframe.html
d-27904427312725089125.ampproject.net/2308181609000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-27904427312725089125.ampproject.net/2308181609000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D4F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=3782014565020466&bg=!2tml2ZbNAAYHwnCgJ8I7ADQBe5WfOA9tEqgMa-H1t1BU5cx0Sip8bXLLxnRuCrPAOPdL5xlOP312u-m-5DQdIEGNNsQ1AgAAAElSAAAACWgBBwoAp8rJGcWLskisznGj5nzVehiGHHiZkrD1YdlR6GSFjC83V5e5xjRa0-DE2FbeAvTwq4Huw_h7DTButK97740AHbcPXocvduUj2IfAP2VyqXQoq8kanV6EqGXERcLW7DAlpS-_HQ44YNplQR9XTbDISEtd430IvK9kHPfJ_gXeoBpDNFwHIN7yWQhnDwWTX7An-_PpEXAnkRvPlmmZI92Po1Wza0e-c4jpmQLXx1DouhOdfGdpYjDNy-itcDL5KecmqJE9Eo6SVjymp_1F0Tj5srhoIrpjWbcNoLgQxkwmTHlVkqb2glZWPu7mr-ZKxnct4EQDuMq0kiwZOfnqrtPDHRjMswhqzwaUrvI2mGyDCtRh-aF0D36h2AelNIB1J95Hculu87Wosqmo828UelqRWOXDl6bOU_eq2Yzt-HyFHff6MY36E-GDTXpqdc4rSOH_V40GWfpWKFdKmKC77zuwGc-vF41cFU6V5sImoZapuVhSjJ6RUizGqw1VTtHhFCylgAvX5ogbZliu8NgBa7WM70ht7rT-KR6jqfB-W5bPMDMGgBE26wHrO5IR0YdzgOf-Opwwy9_qGFgy4vVXsKKhE9ALsT6sTytSk0bPrA2odsSSn-XIkBWnixp4Q_As1KH57dbu3I4PGaM_y3EAoabMkN-q367UcTKtG-kkKxju7A3kTuRPZ1MuQd9YS1EZqhZ5MbT_ymRZISWPb6lRys2qj9LEiTFA8LMFX3_nxa7F3Bv-1rTF2-Zl6hEJZPAI4X9AFyeofH0hOr-N35Sb1deQDILJ4aEfjUuJaVWu63-TRDewbwGpp59CCwtpBW_U2VfrPYzx806EySvAysbFpmpkZWQn6qDLwCsmEOqVzwjnPWPD-PPlN5ZF335io-ty970trdMDBo23-4lZtTkGAJCwlEalI3_VOfyae8nKK4k9-8eieW74-JwAcwuVa_gBLdxGNwzl52ADfYIvNHx0M6Pu6hbd6ab5T-LVJekM68D_VbFtFbb1ulv8CphH6HbvFvCCcePSppZ9kWSz9E6ZouYqQqRllJXt7iC20HC0a8v-pp33K9VBjreAQmvOtkmuJg6QAAe7I9VIhC8VeWoDjlGLGmq9ezScUSF1URwQgBiaTo_z17FpxzU0mnG_vmC9UMSOC7wIqJzarESyI8o_mi_g3m8Wf7RkaxilS02gV7Oby2q3ZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C91 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308300101&jk=3701367258465145&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 357E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=3782014565020466&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 14:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1087
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Sep 2024 14:58:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CB36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308300101&jk=3701367258465145&bg=!09Cl0J_NAAYHwnCgJ8I7ADQBe5WfOPp_4WMV0r64goYRQVw50mtUG1xMDe7dMaH0pEHvD6Ktr7K7mTzU5FKMtj-suJbhAgAAAFNSAAAACGgBBwoAiNWJRNEdWljvHzq7jHFguIB89y29_CyENJd26p7IJkYxoc04BzOx0IYi8ewk4-IcqwgEDAP3iDJflzrw1lOvaBkucZvr0ncmIXFuQTr6jr7ZthctKNUzGdUovcJdldhEKSZ_xvu7r7qS9KznH32eSkBXHAlr-96ILL4WuUTLbWWEC7RKkCscOC2ZAtcKLHN87JC2ewaN8AEEl3E95uzCKukxRSOVE78d4dbrggYdpJCz-7xUXvx46Op1RqY1pZmGbBuvZcdNU1lY-PcCjLornp0Jur9ean6rSAFCzjNEm_rZ7UUvT8oKnI94uu1QKnEb2zgZ9szlxA8dF6Bz_C4ZSaFySGWav5JKixEdArig7yymyHJz7jmJiTkVOPX_RlYa3E0gA2Bh0ncJF3FI6Bgfd73LuNr5ciYv5EFTXqqC-vzQ3c1ncMA_Lz1DXgC4hNV0p-ZzNhGWD3r3-lyXNspRmwN-WIhuykP-aEAQ8esI6H12g-A24i4E6XT0u3KRWRri7xaLOPDCKhDTtxIJueH7dfpNv1TynJAF_RRdvU2VJcueeDiK577qqwVO8iLvK5GAUwJG0dXvx2VDZxUD2QvxEebHfaF4s9jDt3tIk9GeGjeabaNvCZAyWVdp6RLXSYfz6DMq1wgKxy7dZwDJlPAFNVqXk-21Xx5WLxGUIjNJp_i86qcj8f62Ffx90fH5wdDnTdQZWYPcQC5OS-gkmDbogWfQXvwMhCGQzXD0TrbAdIGKMGhblqdFBpMLJwmI0lz_A4-bXYr1IkYwteIzQZHDMXNNUbOCGvZRxzSnY4NwpUaj99S24hrWKU_Er8Y0CL4c0eWq8_7_Y1lac8ZvA00I1NFRcToeMm_REfvLBXgIVPZM7JL8P7jfum53vwmuCweMFtidS7g1jQq7yktVCLRvEYHZfgsGT0aJHXyfMHtjWL_-SUGjqlfctYBRa2UmtuQBeN1U1M9ysuPzPYk1-YWAz4LCCTRZufaRfjkliLpvQJ2ZLSkeHdLm2bsovriZW-WNOfvP10973hkKqcKtyQCZF0l2vZ4bHYkNcs6V1cG0WvkNb--pRvJb90Gptdda_IgqAzpMViFmfkYcxfFbojxWEX-xMt8PRQz-kkoNwSsVzfZ98Q4Yl0h9D10jS5AI9JWFowM1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:32 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 10 Sep 2023 15:16:32 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 123E 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-29307978831445629073&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2843&oid=2&is_amp=5&amp_v=2308181609000&d_imp=1&c=43000509&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&ga_hid=509&dt=1693754189689&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&bdt=14877&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230903
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa85b94d5f3a84a83f47de22483880a0396a6ccb0ea8b549abba5c4c3fe016e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40539
x-jsd-version
1.0.1801
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-bma1661-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-4ic6qxTTe0URLUsn9xQHDUK9H8w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jhfn1avGTcp9QWNR4uoXRjIjyMVCPttLVxYdGTSom4Uw7f%2BooJWXiAyy0sP6D%2FPOeWK%2FV7JuCtEhyN7GdRL3dENiBAntIZqYBIDUNqmsh3cgoHDGAkbd8Rl2Jvu3kwDINFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
800ef4491902bac7-MXP
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 03 Sep 2023 15:16:30 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a202f8c3fd59ee34269c94a945d3507d8bf21f361698b49424e579961854a492

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=d7cba6b1-992a-4483-b721-a2ceb0745bb5%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%8E%AB%E5%BE%B7%E7%B4%8D%E5%89%A9%E4%B8%8D%E5%88%B06%E8%90%AC%E5%8A%91%EF%BC%81%E7%AC%AC22%E8%BC%AA%E9%A0%90%E7%B4%84%E4%BB%8A%E5%8D%88%E6%88%AA%E6%AD%A2%E7%AC%AC%E4%B8%89%E5%8A%91%E5%89%AF%E4%BD%9C%E7%94%A8%E4%B8%80%E6%AC%A1%E7%9C%8B&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=9405f66a-8238-4f27-959e-ebfa68d96683%3B48198480-068f-48d7-925c-c03e46a06a37&l_pb_bid_id=14d9e1d2ef9b306%3B15c08153dde2ccc&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9405f66a-8238-4f27-959e-ebfa68d96683%3B48198480-068f-48d7-925c-c03e46a06a37&rp_maxbids=1&slots=2&rand=0.5528857415505255
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.21 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e065d14ad997dde67ea517edca17f17790ca60a31926d8586ce62df4d114f05f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
800ef44768efbb7d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
800ef44768f2bb7d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 03 Sep 2023 15:16:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
adreq
ads.servenobid.com/ 		981 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2004
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
79b4e3f2b4f09ae147114648d01d44080725f0ab3334f1ef6cb4ffea41e8ea06

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 03 Sep 2023 15:16:29 GMT
prebidjs
rtb.openx.net/openrtbb/ 		13 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ce822175e81a40db3f3fe570e418063a7658d9fd87ded42fe50aa0ce375019e1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Sep 2023 15:16:30 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 03 Sep 2023 15:16:29 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 03 Sep 2023 15:16:29 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
hbjson
grid.bidswitch.net/ 		38 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.115.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-115-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1c3c7da5d6e9ac7c224be230acdeba001abd5c6d4ddad2e60276a819287b6aea

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 03 Sep 2023 15:16:30 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
17472
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=81926148504&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 03 Sep 2023 15:16:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		250 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1cb1b8c33e9c915676a2e38fdf730eaa7df8be4eb01a04b79bc44b5994e5c64a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
an-x-request-uuid
4a66360e-0bcf-4a93-95a8-b69f475e23bc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8919596c7d2d31e3611ee7c1f53a57d317da40aa3e83a560e952984369b89e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jI68aMVeaB2st92d9qGS24tIi01QbJlWTbrNZLU%2B7wXaA1p4WmP9797CkCTNiYTb4kScOtlnKPlFOGZrheFLWUp%2Fl2FbZ6jAAbXp%2BYsXUfPWEg0fRtO9VdY83u2h%2FbfW4rTFlph"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
800ef4475ed6020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8919596c7d2d31e3611ee7c1f53a57d317da40aa3e83a560e952984369b89e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy506Rw43Pno2%2BV2WLHUka2bJ9uHnaMWgQXPxAU33uLQrzBxliXycVVrcW%2FZ0T8TiKpmo81ClNTDFqixnI3CZpHXrl%2FiTTH%2FVAZFNZ4ny4ysPBAtmcWpRqa7vQlDVNnHxxs91iX5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
800ef4475ed8020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8919596c7d2d31e3611ee7c1f53a57d317da40aa3e83a560e952984369b89e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ24qmfFB6iCcrEC5XrTPm5uc39ng5Uvx07itt74fJBJ6EqcEcZI%2FOCEQlYxbB6Jwcxj3%2BbNEL0lnwOTKnMLRCvJsHDxiBmq2Y4EQpjSA7HS8AHXGGQMdjymUPDzLoPGr60kbWTZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
800ef4475ed9020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Sep 2023 15:16:29 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
16
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
tlx.3lift.com/header/ 		19 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.32.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-32-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:30 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
x-auction-status
29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=IL%3AIL%3AV&lti=rbox-loaf-wtf_var&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Sun, 03 Sep 2023 15:16:29 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
65015
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1693754190.892506,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 03 Sep 2023 15:16:30 GMT
cache-control
no-store
server
nginx
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tby1kZS1uYS1zaGVuZy1idS1kYW8tNm1vLWppLWRpLTIybHVuLXl1LXl1ZS1qaW4td3UtamllLXpoaS1kaS1zYW4tamktZnUtenVvLXlvbmcteWktY2kta2FuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS00MWJkMTI1NS1jZTNkLTRjYzYtYTQxMy1jMmQ3ZjRjOGUzYjQiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYzlmNzUxNTktMDE2NC00NWI2LTgzNGUtNmJlZDkwMzM4YTBjIiwidGltZU9mQXVjdGlvbiI6MTY5Mzc1NDE4OTgxNywiYmlkcyI6W3siY3BtIjowLCJhZElkIjoiNzU2YTdkYzk1NjA0NDFhIiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6Im9wZW54IiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzE5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5Mzc1NDE5MDE1NX0seyJjcG0iOjAuMDQ0MzE1LCJhZElkIjoiNzdiZjJkYjllYWYyYzY1Iiwib3JpZ2luYWxDcG0iOjAuMDYzOSwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDU0MzE1MDAwMDAwMDAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1NjMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzNzU0MTkwNDAwfSx7ImNwbSI6MC4wNCwiYWRJZCI6Ijc5ZWVjODVjOWRiNTkwZiIsIm9yaWdpbmFsQ3BtIjowLjA1LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NzAwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5Mzc1NDE5MDUyNX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhZGxpdmV0ZWNoIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3N2JmMmRiOWVhZjJjNjUiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDU0MzE1MDAwMDAwMDAwMDA0fSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJjOWY3NTE1OS0wMTY0LTQ1YjYtODM0ZS02YmVkOTAzMzhhMGMiLCJ0aW1lT2ZBdWN0aW9uIjoxNjkzNzU0MTg5ODE3LCJiaWRzIjpbeyJjcG0iOjAuMDQ0MzE1LCJhZElkIjoiNzYyMDI5MzZiNTIwYWFmIiwib3JpZ2luYWxDcG0iOjAuMDYzOSwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDU0MzE1MDAwMDAwMDAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1NjMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjkzNzU0MTkwNDAwfSx7ImNwbSI6MC4wNCwiYWRJZCI6Ijc4MWYzZjdkMDA3NzdiZSIsIm9yaWdpbmFsQ3BtIjowLjA1LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NzAwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5Mzc1NDE5MDUyNX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhZGxpdmV0ZWNoIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NjIwMjkzNmI1MjBhYWYiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDU0MzE1MDAwMDAwMDAwMDA0fV0sImNvdW50cnkiOiJDSCJ9&c_b=18606.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:32 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
L2EvbW8tZGUtbmEtc2hlbmctYnUtZGFvLTZtby1qaS1kaS0yMmx1bi15dS15dWUtamluLXd1LWppZS16aGktZGktc2FuLWppLWZ1LXp1by15b25nLXlpLWNpLWthbi5odG1s.json
cdn.adpushup.com/42753/ 		555 B
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbW8tZGUtbmEtc2hlbmctYnUtZGFvLTZtby1qaS1kaS0yMmx1bi15dS15dWUtamluLXd1LWppZS16aGktZGktc2FuLWppLWZ1LXp1by15b25nLXlpLWNpLWthbi5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-73.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 03 Sep 2023 15:16:31 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=9, origin; dur=369, ak_p; desc="1693754190876_388605705_898549321_37863_1700_54_0_219";dur=1
content-length
555
expires
Sun, 03 Sep 2023 16:16:31 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:32 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1529060
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1693754193.611189,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
67118
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.5/ 		448 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ef7e0e0f5607be19e1435d5c2a116506def82a9e801a9eb4ebc6b6b6d97202cf

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693386434
date
Sun, 03 Sep 2023 15:16:32 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
JSZPT86M0E8D2ZQZ
age
367700
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693386448
x-amz-meta-mode
33188
content-length
86206
x-amz-id-2
AfzRpS2aMtAGhIna3wqcpMb8XOXuPEiHgEchXlf1F/b4AOrsOj+IC4eHg0dQvUdYaHE3g/1kASw=
x-served-by
cache-fra-eddf8230040-FRA
last-modified
Wed, 30 Aug 2023 09:07:29 GMT
server
AmazonS3-br
x-timer
S1693754193.611299,VS0,VE0
etag
"0043a8c66bf3bdb891bdd77cc16f821f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
377531
sync
am-match.taboola.com/ Frame DA4A 		422 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
de1b8f522333e9d9fc19e7d6f6a8f038b8e86eb9d4d85f85a8e26696e4b02665

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 03 Sep 2023 15:16:31 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&cmcv=&pix=31579697&cb=1693754191139&uv=3329&tms=1693754191139&su=3&abt=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:32 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sun, 03 Sep 2023 15:16:32 GMT
via
1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MRS52-C1
age
996453
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1693754193.982253,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits
273770
cookie.js
partner.googleadservices.com/gampad/ Frame 4CD2 		379 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
fafa32db240c2b29d7f7860d78cd5e9ed753759e44a63cb12794a40e09c6c42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2708 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2e650636c28e7a8762acae233653b2b001d5082dc94514096dd1b7a8d84920c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11900
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 3F18 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js?bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
fc5d754265103042e0732096eb598585e42a957f176a9909fdbe7421deb69434
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame 68D8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16937...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js?bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-12.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
386
content-length
459
content-type
text/html
date
Sun, 03 Sep 2023 15:16:34 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 777f1d1b9036eab1bd4b9cdaea74f798.cloudfront.net (CloudFront)
x-amz-cf-id
5jrr7Dm3l1iJ6lHjgTp-FTI7f06YkJgcwKr2jqbFT1f-d65yeBQRIQ==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:33 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
googleanalytics.json
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 		2 KB
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:04 GMT
age
413068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"0fc0eb4a65ca6481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:04 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.102.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75302
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 02 Sep 2023 18:21:30 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BArlyhLqWXHtM%2FNPH8QCGuChMtqt2IEz5I%2BvwNY31kuzfIE0%2BMZ7uL5Nqw4LpveeFznFH8SHh17u4oTaygXUb8DQS2aozd2Pr6NP%2FiPm3RvgwbboZE8K1ah088BbZfC6LQ5a2D%2F4unl4fyXNbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
800ef45998ff1952-FRA
gtag.json
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:10 GMT
age
413062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"d9a6653d564716b0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:10 GMT
generic
match.adsrvr.org/track/cmf/ Frame DA4A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame DA4A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PtgW4yhE2oQNBcvdYLGFuyg5SOCKlfO.zGTuZA--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PtgW4yhE2oQNBcvdYLGFuyg5SOCKlfO.zGTuZA--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33237

Redirect headers

date
Sun, 03 Sep 2023 15:16:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-PtgW4yhE2oQNBcvdYLGFuyg5SOCKlfO.zGTuZA--~A
content-length
0
sync
x.bidswitch.net/ Frame DA4A 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.122.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-122-173.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/09/2023 21:21:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
68431996966b7614655f910eb03c9cbf
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-165
cdn-cachedat
07/07/2023 01:07:44
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
bcea72d3cbeef70a925b3bb8ebbc18fd
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 19:09:21
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
99b934c12c6202d4b41cf311586db905
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-167
cdn-cachedat
08/29/2023 17:57:29
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
4d30c6358f4d54cf68e11df96ba79c40
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		263 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
06be8cceb4156f3015fb1706d7518b79be1c129a055533a97667cb17d66a8ba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89328
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Sep 2023 15:16:34 GMT
3243a28f-26c7-44f6-be52-058d6f908d15
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/3243a28f-26c7-44f6-be52-058d6f908d15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.187.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-187-108.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
Date
Sun, 03 Sep 2023 05:08:18 GMT
Via
1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
36498
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
srbvmRXGrLj4Fd_G178yQMmdlwMdrK7zLHPTrZsDi0SrdGZSO9OjtQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		0
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		0
0
publishertag.ids.js
static.criteo.net/js/ld/ 		0
0
esp.js
oa.openxcdn.net/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
868 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086587182962104&correlator=3471926530324738&eid=31076398%2C31076475%2C31077576%2C31075593%2C31077189&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693754192613&lmt=1693746992&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1349050420.1693754193&ga_sid=1693754193&ga_hid=509&ga_fc=false&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&dlt=1693754174812&idt=17756&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_8_0_pv%26cluster_reporting%3Dchrome_DESKTOP_8_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
05eccc1688a2b51ebf2cb8540da29d1258c25ac24513deefbdcb07bdb1566460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		183 KB
54 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086587182962104&correlator=3767641863630309&eid=31076398%2C31076475%2C31077576%2C31075593%2C31077189&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693754192628&lmt=1693746992&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=1349050420.1693754193&ga_sid=1693754193&ga_hid=509&ga_fc=false&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&dlt=1693754174812&idt=17756&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_8_0%26cluster_reporting%3Dchrome_DESKTOP_8_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D76202936b520aaf%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_8_0%26cluster_reporting%3Dchrome_DESKTOP_8_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D77bf2db9eaf2c65%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c%26faid%3Dfalse&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7f7e5f8155897d0da1cc12119c7de1b9f65e82cce96ba1a14f51be459159c1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55309
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F55 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:32 GMT
expires
Mon, 02 Sep 2024 15:16:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl_page_level_ads.js?cb=31077576
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 14:58:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1081
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13570
x-xss-protection
0
server
cafe
etag
8322348364393239614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Sep 2024 14:58:35 GMT
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		0
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1693754192874&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1545&pt=809117588&tz=120&viewable=true&ddast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ffc61c6b74c39fda7fa81530c9038e0b12cfb9b19672587e5f4abb4953059e9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 03 Sep 2023 15:16:32 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1476
x-cache
MISS
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1693754193.892883,VS0,VE30
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		0
0
web-performance.js
www.clarity.ms/s/0.7.10/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.10/web-performance.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/il95o8vjrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d1256f2cd32de7174e7dd9cf32057a2db884df5f3978e125f9a8263106785abb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
content-encoding
br
last-modified
Sat, 02 Sep 2023 00:02:16 GMT
x-azure-ref-originshield
0v97zZAAAAAC2t23SbgrNT6sq4HZT9CEBRlJBMjMxMDUwNDE4MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBAB47DE6DB351"
x-azure-ref
0VKP0ZAAAAAADukhJj5xlRbJ2yK3OdG1jWlJIRURHRTA2MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0dac7589-b01e-0043-2304-dec887000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=509&cid=amp-LceXZSHsxjNJ4c_roYL3VA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dr=&dt=%E8%8E%AB%E5%BE%B7%E7%B4%8D%E5%89%A9%E4%B8%8D%E5%88%B06%E8%90%AC%E5%8A%91%EF%BC%81%E7%AC%AC22%E8%BC%AA%E9%A0%90%E7%B4%84%E4%BB%8A%E5%8D%88%E6%88%AA%E6%AD%A2%20%E7%AC%AC%E4%B8%89%E5%8A%91%E5%89%AF%E4%BD%9C%E7%94%A8%E4%B8%80%E6%AC%A1%E7%9C%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1693754193&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2708 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DL0GLhT0RwEehyW81UONq0gxPFuWMr-jaAb77YJ0tdoEJ1pTRRQplUXAqK79e4YNiFyzzT78VSlwm6Xua90SnbI8ijKGOePX59vkTyv1w5U9qJ8JQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2708 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3120932960450283784&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DFB8 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXPimUSGowy8mP-hGMh4gdXoo8uEq6qp581HtOKZCLtvdhMf86IkId4Bvy9KwGTruwwhjmMY226UiZrVhYkQI2ugUfzlA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2708 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 2708 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
22914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 08:54:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 2708 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:19 GMT
l
www.google.com/ads/measurement/ Frame 2708 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvOHmFj2vpooYlOVxyz-MKQPPE741bQMaT-oibk3fgtBY415DKrnEeWIVK6q-OMw2uH1uBYMYb-aA8CaZtWHvGwLFvcA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2708 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:33 GMT
container.html
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E009 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:32 GMT
expires
Mon, 02 Sep 2024 15:16:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-245.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame DD78 		267 B
121 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWptNZMZzFInI-gtNJV8UFZKNYqwGC4QceEiKoez19m76D0RUMZDQtXsnae_M836b6y1adEVuv6P_RbSGpwhPRQtZpp5Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9B11 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:33 GMT
r62eglto.js
ad4m.at/ Frame 9B11 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
427565
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7ChCOtQdwjR6Z%2Ft1pjckJIzV%2Fv7GU0MkONDWsGtGWkzxPeQOjFLu%2BvE199X%2FD%2BfUQ10lxTkaImz3av16dUXp0Wb5D8vAzYnhhJRsKuCbtZWasmGuROPLhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
800ef4613d601db0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 16:30:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B11 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSyiZ0lW4lZZ59jvs5pmw9Tqg5IiLZJWFTn3qQ_NcU-XWuzXRq_6ARQGpC-e_TNqJUZfVAfCFilrc6VZpY_yftc6abl8r30G4Uz30cDJ2faexjV6U
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B11 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3937291791478476943&x=8&ct=77
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eb1c90ca-4229-4dbe-a44a-890dd586bf19
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9B11 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/eb1c90ca-4229-4dbe-a44a-890dd586bf19?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=15&e=6A1E40E384DA563B1A4F4896054CD2DFCBE7633B1BF419E71E03332E6F2359BB1778E86355A91B643E6190B6E95D9B18B8B520C6696685693ABF3438F37602481C1DCCC95DB4883E9D433DB3EBF167A67A8136C33BC5AD45FFB9BB4D57315F267A3F885870C272396EB02C081BB460D03F29D25B98C670CBFAF3949FBB81C0B54E6FC96756E5E571DA32B88D1645535D2E0A5266BB8EFC318A7CC300D2633C0A93CF2326382FBCC4729FF6B39B8AEAB82B590199EA023FDE535FAF19C84C12DE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.37 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-245.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tby1kZS1uYS1zaGVuZy1idS1kYW8tNm1vLWppLWRpLTIybHVuLXl1LXl1ZS1qaW4td3UtamllLXpoaS1kaS1zYW4tamktZnUtenVvLXlvbmcteWktY2kta2FuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS00MWJkMTI1NS1jZTNkLTRjYzYtYTQxMy1jMmQ3ZjRjOGUzYjQiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwicmVzcG9uc2VUaW1lIjo3MDAsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InJ1Ymljb24iLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA1LCJ3aW5uZXJBZFVuaXRJZCI6Ijc4MWYzZjdkMDA3NzdiZSIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiJjOWY3NTE1OS0wMTY0LTQ1YjYtODM0ZS02YmVkOTAzMzhhMGMiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=21313.89999771118
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
container.html
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C7A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:32 GMT
expires
Mon, 02 Sep 2024 15:16:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1749 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVdNbkgdcrf1ZX9A9hcx7mcj02Qfj6pluVADSuJtVrDeRAaeaOVENj4h-yIR1nif2gjbsuVg1G0JjMG6MIiFRPjvgcOUA
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E009 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E009 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5LFFeLEQgj_Vq6wjpCd0YssRPCf56t3PWKag3Z2QZSAtz3vTekRS_G313iMILD4HIoHdEkKXCAA2AxodV0l5OMySP6aZD4aC_9HYc2PzjAvhAzUE
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E009 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14302820663279221607&x=1&ct=77
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame E009 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame E009 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI-qAMByAObBKoEjgJP0EgHi9XSX1D_dsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p_Xi0Z_cICFnudn79BmbCk1YW15-bdXqwpelsYa3UvF1kDNa3MHh3BXLU1_csc8YJ849uKZ6W_3y5kQSJezbwgsA7XVTs5QcQifdVuq_YYK8VYXP2nJjlAoIfVyQLw5FYcPyi-3-7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU_Htrlgs9TBSIu_BZqUJ0_ABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE&ae=1&gclid=EAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD_BwE&num=1&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&sig=AOD64_0pIWoNQ2zcjaPScDPAnJmGkxeaEg&client=ca-pub-8933329999391104&dbm_c=AKAmf-Cj3eb1AYz-IbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo-fU5-4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF--dLlekJrw4M_ZUdIUgt_ahoaw50arN0ZD40zxvUcg_ZGVzvU-lpVuU&cry=1&dbm_d=AKAmf-CC_Ew3eCpLC9VyUxZr4FQOExocX1-Dl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9_XNqz_8TAcwQ_quscX6YtAgQ5KL47DI1txzYHwTj7YS9nX-vQjiCMWzfdCr0WxulwbGDw5e-MeWFf1YBTy-07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2_zZGM2nPGdedQrt-HbN1L-J4O_ebNj-wMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU-HVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym_C8rquFO-9Yp_GzIPVJnZmnRKLbn_oeQ-l7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq_onsp8CpDw29-01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E-frLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW--Tv97GaJzSR_ZyizvJ0LmuJSuD_QI1o&adurl=
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
454efc2a7a789fd6efe3766391240bfbad5c08e8346810cd0d5a65f8418b2b8f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sun, 03 Sep 2023 17:16:34 +0200
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame E009 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
22914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 08:54:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame E009 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:19 GMT
l
www.google.com/ads/measurement/ Frame E009 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8Dtb90X49nPB-TNGX7Rg_P4Nn80YtEJtbmuum9mZBvOmRSUXwGJM_tFC-T4YPxyNoSL1pDY1gjkJ98zbQvx4WG2t10w
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E009 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2708 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9557609030447&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2708 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9557609030447&version=m202307240101&ct=77&x=1&cor=3120932960450284000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2708 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFQcul388hxB5qPBC0UCXza_IINFd1yj7Th0sKRO6LyvTq-oXsXSgvWlvtkC8LRibkSPwfZSoSTJqgaap8LAQl7zsjWJaJnIAjcyvM1JSAN2XzleiAZN4GLXpIIr4G0oD-pzi38_8qHu7rSB6KVoUjaZKJWatGrJbx5jk9Xj15pn0cs-w&cry=1&dbm_d=AKAmf-AJ3ShMc_IKxLSr_wDF0-0H6PQ-fUTUePpYJUKk74kwlcESUPaSq-gcrnlmgO7DwwEM-yWKK1f4DiUDx-LUmYPN10jKkppr7JZ1GBU3O2R3jQI9xh8btd-6nVR7rrhuFGjjSTTPJW56RqMDRzT4b0dmW8PAWsVZpDMVL8xicD6MghQ_tWK0pXlK0EZKMAZmlnUncxEagYleqXgOFB2WuYx7q9QtcTnUJEbouOUFhuDlGJeXzrzEQh77XpepO5c6PkYOlk6_UZxnUZLGLotum2wVRaHyc-Rjj_kxQ89_cu5v02K_ah7Dcp3mxmnjGOp6I5YFiWOpH_fuJjkCCcVoEFug5mMKK7rM6Kgw0J7F9xLhjuXltwQJma6L4KfQiUg2AUsdlYLEYJ7Y8xHXVpRoYYbRg0438xGhxIzWCJ4u1xfun5cEXzBmJM9FiQmnQCyweIYD4Ze0a5gpjAxqcvzIz49S_uPOxWh3XJ-d-GpJWckbVnhshPEhUdgmRQRNcF71YNgDBz3L-fei7jx-0GijZsJOlcGUCLcHh74MGTuLstw3A6YqXahSCd2nWMUVAi9lgJcZ47HpYlT2vB19jCS2xf3oLEq8vjC00403XgP3FSpYG94U4VMQhGAufsZNVo2c6pLVOxxMozJNeT1CV-ap5_8YleL3t1IJp6hAUoxejCR0izIaLLtx4_XRnfgD62XpxaaBE3AvKPjl0COPu9EDUcOcBFXRNq_MKm-9_5wW17kcRfbHtOvt_gH9NbXMi4k-fHPEXZRcH3NkCsLMpHtUYQ-iinaU0uoGAMkI6mH9QeGzPStXO6qBXUBTudLoity9kmXHUZX-qepTA3wYMtfX0TDaIZfY2TLaKTGFXm-qpToZH_1Wud-eP3misXMZjfvwmoHr0EGbEovDm3rt1GkqarZkliKI0UvQ1I563hxxt8hRGYjJfU51-DJgH87FmZt9Hs0TIojvakie42OR15yx8_rwRlfTXvJHxgI6z45lMZWTEML0LGCsiJpWMe8qKQ6io9OkQiV1SEaQR8xkQ8AbBshChIemtv_oT18ciWDGklv_26o2rHSzXZ3_PXW1ff8SdKapJFg7oyHEMZ-oiVtbrh-3Jxj1ndgtoc1m9IUHZWhdFbFgMlK2N4Ge913Hrv2RNYykhd-edihd-VRVQ4sKfOFyVkV7EdqtW7BlvmNyzyCbQoVv_lFUHI-d54wy0wiAJ0-nq5DX7TX6whCb93sZlElbsAILlyi5XxwReBQEFbYnz5aDqw2JbLfHOtJzRbmWSJc_50ajotYPqIYrsLUsFxBeG6uM1NCfQYqvEixXHqmPQM4YGarPPoqnGRGLX8MTry80JoKLmW1DNQfcWod0JX__3wBjU9oxIbBFuns7xFz1YI2GoKMsHTc0JobKObVRkErGqVH-RVUJu3s_zyeIo3bkJeEeMd9ugWGAz2rI5MbdkXTejpQ6SkxtOJtzltXCAEHHgOvtFZ5xmulHYYSIi92FfMmek8qRxfOVDLJISXMz4_2Lmy4oCr5-zbUTDfh0G1tKPKvq3qBeuQo2gxpN6xXwkS4mC5E1F66v6_oVSaXOViK-dvQgjr70PtQp5hxB4D-FiUo-54s98fdC3-IDokd6Kq18Epj8DTZxWgQJs7b01iEWQbD8Dm_5hIjGGziR4Khp8B9yfE0Z-LrEhG5Cte-e862ivQUedpKvBvJwXlaS8Rn5z3oB_ocUqjtJyTbwMYNAm-KpGZ7e6Jsa9yDTAUSARcXpxsMVF2BtZZZfHb3jBc9HBkUYNPtJ_rQdHuJJ26uO7JKlUCdRYhnZnk6GKcVoKn0v8fMVwQrNYtnWxDjJs-wd79u0kjOK64BBMKkDjuDrm56QbfNLlt5Z4Jq3DIRzYam1Dq8ACHHH0caytoTqvvpFAWxvR0HzWVh_rYxy96xigRsNGKXFgJAao5LV2154GJ-kb3bbYSn3TqyfLqFJ0zQwmp4Azu3fkT2wwqEkzjCIeLFMlltKokStX6oWi2RQmTj-SPKb7-clFeShl1s4ZcGRkNTN-KigTLGo_Cp0BT4HjQ78sE8br4hcUS7R6AZWSocLAzA7W9Qdhk4LD-weaLsE6WdVrig-xTXIKUhFdH3upkQPdB1s_o_UqdoC4OZdqG6FwAVzg_bP0ADszb-hf1AN66fBPNsQpEp6hs_FvXGoy8wJJg2Rx_TlxCmfR2dpYRauc2Akl9QBUcfCSFiM6kBzVDpRmyldSkEOGmz9u864vbd7EYcw6cFCJFkg-2L3WJQd3qhoK3Cwy_hM1EZur6hqb-CytOlQamfGhGqY2iWroDaB30w5Q3prlwKoU0YLyjLlTqCLoypXtFda1WiYI24FswR1iutNG_Vv7xuvzWCCUK8UScV7OfBy6POS5sI-9jDDMeLq3ZyjaDl7vJn0xLGZfJa1RX-czbCO0dwKpjNSnBWk7EfECABUWvCJN9NueMtQA9gcb8pvZ89vIPka2CalgS5ObioVBqVYJsKH-mhGUzdnqCXNr4FexRRGZSmHH8E7aOw6p8ehrv9lYMqTzEFRGCM3ZcZaR75SuElFK0VtqHn0kHFbpTjx-1g4kRlunHZBWn-r8ijhDoR19OucnyTF1Om8UllsfB73jarEqEXuljk5NLNTvhIejTzvMQMEvnDY37suCPz16A83JrDYoaLQW7GwTGjK9hR2jSM_Kz81Kec6ONL7bOUc_XSCouTFi6HUJHLZCyDGqHsxKiZsZkD4_lMW2IToR5tJPM5kR71JNPt171dS74c7I7zfaulGiW9Bih2kINcLmwvG7Y6KBrTOd7NgGpjiuuyi4qD37frh3iAwnwLHYSt2EBmTWJx3TSXJ2PJgzW1xNXLFddbqPlrdEWVgergM1P9YdWnJjwRZgxbfysrJ3YEMzJgCQwwJYbVsRB68VBMwg2kNOHPImg92gilpRVIASdf7DdAOfZOjJlTLrh8jLIOScgyye2T2FpxmM-QueQ3-YvqZ_peg-A4sWEjvsvhT-vwmHoCDrc5e3an9rHlkGuT2Waq-VW2MgqUN8fuZBQDyFRWC0IjRs8ygoR0JwJChoCWWrZSPHKzQ9bHMvCitchNl_Ec0YMiq8VMLHxP8rgz7T5cwtlPsa7hhhncao_SF6_zGt4x5uM7SvCCrwbVN4gtLnvS_nUonIDb5V6pxP98WNaXjT2r9AisACmXxxqajO6-Y_t6gMg8roQlkdyZH0ReaCu9_XGg1Zwyi4E45XsygHe2D9lHcMZDnxnOKAOFRUw9Z4CGqvUGTFD-KRMlsXj1WTCg6OoTwt68cBC0UKVJtQqkDHDI-5Lat7znTC5scf6L_xQK32FuZ1f7diwyl28EXQRx1xsZnBiiarlylQ_a-hedwBv--305CDKL6M--me3BeGNOZ3yyAW1nXBCaPHqQxPvYsNhl3lJSljKWcAl9YpqgXG6Zbl02t9iguwjAmRhtP553kvXhYQjhIymq6PAvO2CBthbQe7ZZhMbgc5EwtaQ9-NvnG_Pn9Y-_AxmyKG3IQM6QxiiVN1tIgeWJ4vA385COZUuMzwYcZIeSKS9huVZwTwLK9mYY1nOhdBWODWwK1LrMuxjupPlK0z0QIgnpprCbUsYsNZheyhhmBQu5hJPBOs0dzaNzZE7XYYLm7Pp4fBKgws_30Agdwr26Tx_OPQwMwDAVmrAelbAa8MFUTNGbhheMRXDC4rHGekHDoyk-YoRzV2c3cBt2J02U8DUY-FXVxe53qD6lRTjcrXr9rbIXHmQX7LHdFyBhKeX0g1GO5Hb-WYdn7XrUFSDbpfikwDJzSst-dY_UOTU0caRHASeTITW1tcKeobzwQg4EjyNYbtCaN5J_cRetzH7y4FcwflFOe-g6CB_X2tcUKBMvubcQ8vwb3YG7N950n2nalGvL4oiTfyJUW8o_iJxNX-Nl9ohfTP4Vnqzzn_g&cid=CAQSKQBpAlJWKwWS-BGVZTcubZdTpqz9eySVoKl6VJezz32pUK3g0NhZ7-vdGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3120932960450284000&adk=627576174&idt=255&cac=0&dtd=30
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
54ac42444cb9d1f288b4cc88224bc17d2e6a25e8c128b1c502cb53048961e050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11910
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DFB8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXPimUSGowy8mP-hGMh4gdXoo8uEq6qp581HtOKZCLtvdhMf86IkId4Bvy9KwGTruwwhjmMY226UiZrVhYkQI2ugUfzlA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DFB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXPimUSGowy8mP-hGMh4gdXoo8uEq6qp581HtOKZCLtvdhMf86IkId4Bvy9KwGTruwwhjmMY226UiZrVhYkQI2ugUfzlA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame DFB8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPSjUvUhxp3GT8zay8eZTwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXPimUSGowy8mP-hGMh4gdXoo8uEq6qp581HtOKZCLtvdhMf86IkId4Bvy9KwGTruwwhjmMY226UiZrVhYkQI2ugUfzlA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3C7A 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Sep 2023 15:00:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Sep 2023 15:16:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 3C7A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 3C7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
22914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 08:54:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 98FB 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Mon, 04 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 3C7A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:19 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 3C7A 		225 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 21:21:09 GMT
x-content-type-options
nosniff
server
cafe
age
64524
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Sun, 03 Sep 2023 21:21:09 GMT
l
www.google.com/ads/measurement/ Frame 3C7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHj7jaIXyXXJrTzpNmmS3O0akBleH62bY5koQDrcWSpJrivWuLnPMSquAdWjLv2vT9-GZqbFrpFCtb1sgBQIZADgj0zQ
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C7A 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:33 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 3C7A 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 01:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 01:09:15 GMT
16294773435132459245
tpc.googlesyndication.com/simgad/ Frame 3C7A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16294773435132459245?w=100&h=100
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
7729a99ae109aebcffab9c55889313fdf09bb2298d29143e2901f42738668062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 10:28:57 GMT
x-content-type-options
nosniff
age
449256
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1662
x-xss-protection
0
last-modified
Wed, 28 Dec 2022 15:06:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Aug 2024 10:28:57 GMT
truncated
/ Frame 3C7A 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C7A 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/r/ 		0
0
generic
match.adsrvr.org/track/cmf/ Frame DD78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJwZt2JJkMWfVdSAGXXbfBY&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJwZt2JJkMWfVdSAGXXbfBY&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=b131bdeaccd375b8e8fbf4bfed202da2&uid=b131bdeaccd375b8e8fbf4bfed202...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWptNZMZzFInI-gtNJV8UFZKNYqwGC4QceEiKoez19m76D0RUMZDQtXsnae_M836b6y1adEVuv6P_RbSGpwhPRQtZpp5Q
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Last-Modified
Sun, 03 Sep 2023 15:16:36 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DD78 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNWptNZMZzFInI-gtNJV8UFZKNYqwGC4QceEiKoez19m76D0RUMZDQtXsnae_M836b6y1adEVuv6P_RbSGpwhPRQtZpp5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 03 Sep 2023 15:16:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
253014
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
198242
expires
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e5cab324eb432c308074fbafc71de8497bab20f27d2916d9d973e82266bc69b0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 03 Oct 2023 15:16:33 GMT
sync
eb2.3lift.com/ Frame 76E0 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 03 Sep 2023 15:16:34 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame BA3F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
849
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
800ef4611b532397-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:34 GMT
expires
Sun, 03 Sep 2023 19:16:34 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 4D06 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e79e61d32a80f696ccdaeadc794f2f7bf13163d3d624f1496a86d1933e109fdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8473
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:34 GMT
expires
Tue, 05 Sep 2023 15:16:34 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame D0E5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 03 Sep 2023 15:16:34 GMT
ETag
"623de86a-cf34"
Expires
Mon, 04 Sep 2023 15:16:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame 0DD9
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
789ebb18ecddc331642dbe38ebc08f3358dac0efa66fd74ac43b448dc2859a48

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
413
content-type
text/html
date
Sun, 03 Sep 2023 15:16:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 03 Sep 2023 15:16:34 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
sync.html
public.servenobid.com/ Frame AA7D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-2.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
61454
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 02 Sep 2023 22:12:21 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
x-amz-cf-id
25WuCwqSvAhunnfBLI1AV0O1JrQOxqEJEH_I6TwnI92tFcH8xDEmlA==
x-amz-cf-pop
MUC50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 85CB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1693754190045
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
8f3bbe1bdfa4ce2a6d244f7873f2a6e38d4da2a777280db0309ca66517386e46
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1377
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 996A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Sep 2023 15:16:33 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame A6C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sun, 03 Sep 2023 15:16:32 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
csync.smilewanted.com/ Frame 4DE6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
800ef45e4addbb7d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:33 GMT
server
cloudflare
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B11 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1573491175892&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B11 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1573491175892&version=m202307240101&ct=77&x=8&cor=3937291791478477000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9B11 		31 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWn6ccyS_seELAQ1r353Ob7GOSEXADdYnTdO3KoDhf6PCWt-Hd_1XoU_j1e5XlnZ5VFXXUf7Z79cbxPGw623khoZbU1TL4Y5ujfTCMoAtQ963bdwaiwgsrzza_Kydm8LzQSbz9x-8z0Bher6me8zYeTYBobyB96oMa0bO90k7mqmo1IA4&cry=1&dbm_d=AKAmf-Aa75DRSDjjY7f7RzejW3zOXQZR-lMdsJVNfFv24LfIX88dH2A-KWE5R3mbqmI8pG2XOGIdeFFjQE2Vva1AI-0yxOeaoQz_cLgS452haa1mqLlUWf5oZRT6bHz0BgtmGsxPzICExx42-Dg4WDRs_PFyBvCbyg6K0g2X244inha_PMteXy8_ZuFz6GTH-pya7DLh6hieSmUj3YN7VfT3zVLBZxkJmRcrzVzeOAe9SuTnNyQqMvD_iPi5rP8T2VnO_-b6bf36fcYnfUli8BIZ1t2g74qdmkjFkLj_-4yk6g2wI9nsikpOjYgw2C1r7GTNZJFR_H_lCcAXHcnPk8BB7JQi6pZE0fyg_AmR0I21G1l7U1GZHOs-uAXU8aMyrIjED943I2cOZCLRpXa5zdNTFn9FU7PKh9kEqKD4xgFsocRLsvrnhoeNEVVEdWyP6RGW3myikSIBtC_4adpyGSZQ8qAMjjuWhDDaeVX5zd-b3Whq7ooEVZnCUuz50OrHjWFA4vgfYaoyy13mv1_qNOKi4fv6QnTGN7_r_b0zvH1MghNAvFMg90PmVThna_9AUpzD2V2d7GjaRHQKWg1jQSD3n_eZiXaYrFNMOF1fyn7PfZIkvd-988GSRV7hAEZJkC24AfDAIGYTYvroQ7KaTTywJ6FU83zWRWJiEd-9k2wUetZsvRzAjwBF4Bl9mRE8oq_6f_yKdV938fyXlAAiwaFsisMAxEzZVuD5mD6N_33VKcP3rrXeGFfXba_HTt41O44xUrcYgYs4PdCc-goH23766IOJRmYB7vHJu3z5LrdTP1ygYXJqUSD2dMvzluS8g_7xK94cCEcyjOGLyqzHKuCXbeTDpxfRtcnrY50wKMB7Mauv6Ln6JDfKFBdk6uIgF1x-Mlh6SG14ELYkndweWtSkBhk2nZ5H3UFf5DnrdMiDMMBA28kv_YwjQhjkiEGrrxzWoGn_-lh9L8OXAWTVhZz-XHdKQpCbXMBUyQHtSvS6C30-Cpexi3fr2LRciV8v3XcxvAjVa5hH7E8edLvb1DrLHN7TF0E_tDTb4rydFLSvJJX6W_ToMs3XNKT0diiPw8mSoeC-eskyCxIwmAj_rAp2goqFZ7mEoJWG0gh1ljN6A0TMg9iQIG-SXRPVZaTZnnsTOjlqQQ0Gpi1cusydcMLFagA_E8iHIiK6Z5wgqxKTw0dq6VbHgpldSQdQiqPFq1XU8rObN72PQdk7WSHnGDb3xFGk9a1OSWpLwTLqdMCXed-uYFvG89T4nmn05AbYS7hO9q0uq7r-EC89ytq5WYM2ACgQsem5upNvNgv0qFlHWy9rDG4INLicD5jaViSooh5HVxfAeSLMGXCgoVcMgVHy0NRYTQz8JV381A9GM2mXW9OI5QgPoMD4YjAw_t3mTsc3yrfGqwMcagbckr8_ieHcK3E_GKsmNcn1Sdhkqy1XoNghQBXZLqKtky-sUCsIjGwIc6JXULoetqhJb2xYZ6PQszfjpLk8_QRcX8EL8oE_zzw0ldjXwINhDS-ma0YKWnAK1HoHbGSpKqipcvXip34-k2m6g79msYGb2jM9cNPz7kCYjRqNT7_RmnhhCdlP3y0_uMr_hvj9166K2Isqw4Loppz_QYNkd_TakeOUw4L1NPb6L9dv4E75GKYdvaDj-pP6t7B8C6Blj1bS60BIjRrD3T-8jFLViukOMn3zhc65fqRUy-cwHwIk91w5bpJfEe2RrOWxTnebaCOKbGnSc9q3qkQTzBkGY2wJFzTykvoVj4WCkUeh6VAcsi-0xwe5SMxJp5wQKGRk4_BoflpJq0I7-1Cp2SM08lIpmIPLDFdAqFbCzm-SROmi9LP46lSwzT8haHXdRX8jijeF6WpBeY_w6KNGg4KJmcxClvM3sReezeAl8DKyHWuCgqY-TvWfqv8LiSIoZPLdnq2epBz15gSpFPj5adpvM64rJENSmXVSDmFBeWghqPYJIZspGCuWy00N5qNrU24Ea5_EUHn2fhM8jks_Z5Q-JV4FssUWgK7EHyyG1mn1zIjl6tdzc2ydAdwsP9OHU4LT8keTWwqZIKGYTssXm80mtjPFVg6HRDAvWwqyvNSyBJ70OvVbKshQHbdv2zhFU3GWzZBFJ-1POYTMFAJojc3SiDaf516DzzCeK6HSyOXm_KD2kP62-B0tcxDqfE4JSAFOO7DnyCFncMMAQQRuUNhptQaW1UZaP2EYXPUi0H9TgjymI3Y1Jb2LRwm0HDVfLsozJhJBi40XPIrrOgpGjextxO8MZE7TkYU8x8HDghheUiq16I6iFYra8KsPdTFOs6idhJwlQm7gDFsZLvpaU6xRRyIArP1kBoyGnMBsCMs0z3BX-3NAWjQ0gk9g3KCjIwS7xkXSs5sjFZIaPnOTSOMntb_swlTDGgkuEzssHcEJztxViAnwih1YyF6uaQ69656S5sLdNkvnHhg8RGD3_w-HnZb6tij0hlFv6Uk25AhNqDu1S8dwUC7ilrYPr0fQyB4FsYU0qPXgXs6gv-e2HJpmOuJrQWxvJTwE2ueuWqx2uhN6YTrar7fwNNb1cBiSFsksIeFF9hEtGj_yLWzqPBMFMOwp_mfa3bq-CgiVrsvY4UNMppCq-zF20U5TD6WRo0is_0ETdimG4dXCq3b_ysid0JasSb-LTuAe-5hOsn2lhxTUH66llXLFt4UAfIS8vshItkfD9POYa3j1fnDvHGdQTI-ipdhOKGoHter1QIYRYsQV4YuYp8dRchH4kdPxqykh1WXjsyfVhfyZgxdyH7hfuqWrNKc8ZA-lsym2WBFNYtnQMyIfDB965BtuSb6uGXzs9hlQqEWOzMTAv2iqhKizR2DJ7zYEqoLMqY7txkpGm9N6ajsLGzhUw9UwzJXVAecwaTi01zBMm4I8f2uFasEMuLGBnS4RQSHhR9CUFIx8OsGiwxgblRmXBxq1jGsFBt8oBYeGZRYryQlWgtFR-n89bvRrxv1mbs2MehR23P2XOUwzMKt1M2P0lwTYKrAJswhAkiWo06MCj3p5-k9qu8ztN-AjYp0Q4DH0pOMFcMycTV4KnVo231sjoZ1NA1Jpl7RTry1NEdPEMhHI71wviZO1hDOFgr7oJZ5mDUft3JzSEj40lT0sUXBPzBalMI2gS60m_DHmY6E3PMMDT8jYH1gsDw2tLhfs3nTQaM_v6HfoVWSIFPbY3tjP5qk6wFKF7W4PLiHt2i3hK_FysQPSCjX5LQuVCxTJ9HqMoV6yF1LieUTEED5YXPYu1QVhgdDP0Jn5jh4KrSA8MCcGxlZSYIpnwg4dEqwyJf-9eE1C97cXb3IHwPv263DkJDXtr9gybHa4s9044I23bYi4taT1wkzydkXkOMotrZbofHEKbpRoh2LdGjYR6SryzgO2stJTgSUmUc3Lr7ZKGlvmDTaEjujK-IZ5h1ZCj7HKrGeNHokgdZ9giGNvI0XpPC8BI2Cl8rwbIvmL3mPDJZTW0fWPvVW0PPo7_nd-5jS_HSQ554CMg0MBbMswIzKIJR9huCd36DHHeBXLtQ2eWpGI1qBjXr2LFX6y3o4stcvKqE2PjQvA-ThGgL96nNq4MEtYCv9HAKtn1PvS1A8gphcVWHhR9mD_J26UVXJvv7D5IRRxxRAnHhZcX4d3ONPDeXXug74kEgVW&pr=8%3AC99551E019C665B4&cid=CAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ds=l&xdt=0&iif=1&cor=3937291791478477000&adk=1645240580&idt=352&cac=0&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7c6021258fef51566462d7b1eead8d9abfc4d31c7a11b5a782c4dbac24e48e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18746
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E009 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=779351633677&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E009 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=779351633677&version=m202307240101&ct=77&x=1&cor=14302820663279220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E009 		29 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLZOqcrX9xEclxF-9iZi25XOXDa3XogR2MzunTqxsFOoMVpKt0X5RpkUO4i9EAZldwvbZtUNIIzYFR3TCQyXaHgvScc80u-1vpc4I9dVIReoA6IlMX8ZtI9j9cG_iYExcXKMcmZbAzNxks5pkEkwIYP5JSIFfD_O3b_FOcDfv8bpFv2Bc&cry=1&dbm_d=AKAmf-D1YSV6jcwqGWwkqheLAe_8stjxyvXOBMDbLsk4HU7F80EtmqFXxTWWN8RkVkqnwgQhHL2o4l9Thd4Fe60hYKev9upRuwdL9kMAvSfBrtNQV16Eb0RCvHMWqm3FHKxr4xyHkRrkmmAQ3QbN_tPzA4yqfE3CRJyuLFaS08lEGFsMDA-FsC83fQrVLfvSFLmMLmG86GuOcLOGSniFVdHGg9NDklBnQOWwFNxfGd69KdfUlw_9eSbOjB5jBjvKA30BvEHPNBusk0jaxSAINpmnCgZ3cbjlHrXX2ADvt_ju2WBaouwrS8kicsq8WgvcwYtg-hWi4msD7PXp5nhNvu2gcZ7TUqQ0K_69NxWEAjr7zTaNxWC_UjpIDZTmYwoRVdJwJOpyzVQ3tCh5073aoAVounHUPLFzzoEGRnwNu0b5SDT4_BVWWFR7Dj1myImfQUH5V-d0T_77dm63Beh3h6MnSLcRYh9gNFDh1-5ofsrhY4YRt2vxSd_MDk056mHXNXF-NZzo34vhPOgbDmtrBApbKluNhknWjW0CjoofNbOfdWYH6Txe3c0Dc-1IbXi_SXmS6tPfOApUdeqvy1gdEy47YA1ZtF9uE8ws2I1rGUazOULZlx1o7MpAYUk1shOedEX7OgBYIxmc457l9LfX49p5P-SZAausKxGT7vYw1HQQ1z89Uy8pKvBBPv7r_iQ8GlUFeyFm-5mC5QHDmLjdIFP-43-yPyPQlNB07wWI6IdCc8YA2fFWknJrbburTdDEBnR3Pn1ZuekkabED3CZLAyfJZG5IuF5m2GGaUX2LnFa4nrmtryckTx-G7dgzF9g5FhkeeZtZ8h9yJNdjFKf8Z-UVDY_n-uq8-_qmSkL9ppyfKOJLb-e-x2sDNos9OPU_GufwAf9lejQ4qHziHysQ_uldbtSDPOiv0wxADZNmTNgYwvuQAvuS9GOeafmSy46gQb8rHxlxTmMAl9lIFP9tSoCJhzw2UrOGyOCmgkvkNfuk3QFOdJi1wKBuPfMTMP5heTF4XBr57HOJInW9SMejUTcrQnhWiOokoYFKM0tKwWBTIm7pItEZKTcALN2cXkDSgiwTo4i6SBjKbGnA_USbBSToPBTdd-NjQo5fiPD8I_BQQ2Qhuos4W88XWgYfCFX6AofYkAB2yyN_h6zC8Y1fumTJvjLVk-OcA5cgRW_7xKu5kMvZ4xGeHTBEuKbRm2X6pnpxCQkc7AcMMTsGvmGOqHfL8F08Kltc6HRzqaUkRd_jAtJZLFu1NDTyt-O6UJHnInDAKsoUJMr327J26B8VCXST9f2xhPlCJ53V2FSoIVn7rZbROKJcSCOsAxb_MnJa4ELhISimq9Z3xKaVOmVRGU9OqYsx16zNlrx8k8uOHypGFirg15lCN946xWgeRJ93jlz0FePyYR1xDPR9gREmNL6YWTqTL7CdBOG4xjcVrTaCmXi9NaI6h3_j2ZjtlPC9sr1cXn25u7i4Wt8lU_X5GNbtxK0z91QjlvUXAVmv55KDcYC3IB5d3MqYtaE4YnLFwPup9cmIyqgUhp4PQiuds9NMUz3DXv0-ayEwBAC8OwM9MY04iraivHKPeBhfatGWTT5V_LRA5AKeS4nBqcOy2HrLktuVwnmY9eTuWv61dfH5ekFDwgc9-1Y2T0TgVMmjWA4VwyCcSfHzT8HCcfA98gxR4qCGD6ewB__JPFi8kljwjVHEz9b7h-Ez6YfuyBn16mJS1sDpWQBmUk5UFwaA5Wm2mdkJfdFX-4j98TCsjKWy5TCovqkQPYQzNeAIOtgKTKgHpwG3dB8C38BZRt97TKuvZjGti-tllY4kWOVogQKrWIQXb38dqraaKU1uYJPX9L52hDw4mSpIvEL3R9wKBUgr2h9H_E83Z4CiDFMIiYsxMYLbzjCKMCBsaMJ0B1SOWzslOlklw6XhUCKjEXbK6gRVv76nJE8j9Xwswv_zHwZ8lBh8eRPsXtb2yr5h7XpnWKXxsA0_hzoFHrM1mumvVrl2jtAsEDGvp6U4dt0u3lLYTlrFYbRgJMw175oI9aw3msNfGhQ-p9kLV1cmNdai_7azAwoLgrxcqn3F1C2eb32jA4MpUdeqSEviUFHo2Hq0faV9RA3RFp5n9k8huSXwgGLMrZj7TpJ4Z9_Ubv4iOw_z8NUeKPvFIS_THpzurOkEi0bjMW_k36ra7IZPyGM1gjDWTn7SyNhp7xbs74VkSXVKEGWqAgOb-wQR2S5ci-AVwRWIPUy7bwhE3eI3EYNaIWsA2Rki83-KspwC_xws0ZPk1p3fa_y-yep7ds_mQu82evjVk-9pav-IBjjKTtgYqn4Jug0TQy2RPVukx5Pat8yXjeUVPEMiGH_rMJoZYiqGA2FIOQY6bRgbcmdUxyf3jLXSiebXPrF0J9TBViQu8jXbDQsyh2JqlKZe7H_GueVXeQkyAs7EnHFwsxci629gxcwAXbOvlkX9YEpLMDyQGrTYKqv1YynzAuIpmeJQ_3JSFoFeS0yy18jUkwHEk1cicbCbBcK6pPGBI6a6SWQqSkmBFy-dBx7VsDfZlHAg9wdP6v9b0SfWuMfmQUSXzYlEKvdZuAVrNkB0RdmEEkQRAwib6KsE3WdJTbtSXeQOvOK7QrJ-YnSWgyybCPisZ_652CIQVofckgu-WeVirnlMWWRKZBZgb1VM9UinZX5BEpYF7KFnJmWegLrYDEAblorSanCRuOGPZ-XRzznQW4fUH-2W75F87YvpIa7JmD_7PCdR0GaXqVSaah4U3dgtzAxUN7SgsvSaCM4AIx9dv0WEwXZolc-EAqhWx3X6xde4S4fFfk50ml-DGfIj9Ma-p5diDJdl0pnOds0ME-zPRjk03sduZqZxEC4AZIf3GXQ_7WGy5xJLxS6VUCZqjwufn2GF3rZeko_xghw-0cM7giYngMcHVQyW7JTvqoCv6x3hAjPQCSE4_yisd6cYd6MnIGBqqGctoLpNjJX7uitIUZX-ZkbsR2aHtUhV2S66IUcsUlftWUxveoxnLFAk_zwGk8Sy1PcHoO2Wkbn-FoAiyGOt78OrgyxQKzFyQ1RfjgGEUzJlSVRrO4fNdQW7Wk2LxtI0pIQt--CyBSscjDvV4md0_lBVCQsvQfjaKyDgO98HfLD0GA5zctCx5ZM7vmOmZvshm4ER4uUtjjEreElbmv6R7yObbekPZqhc_gJ5X9OMPIZSngh94ZT3mF6U9YCRvIrCaFhOirS--D0I-BfLsxqNc9v-mu9iwXtt_wsLt8EgRRli9O5FAgF-TSMNZBlL0v-f1XyxCAh0S6lM_58nAhrpDIg3pdYhMh55pWewH-LoW8ce5U_dPESbCn0Wtsa_aVoQayKZjn0MibWPxh0-P2ykoJiQ0FTisaqQRnvoxwFGomG9BW0pciM1HgD8z1ON0NVDeqYtxvrF3ksxR0070KkHkW7BNnrJslW3bcCYbjXZpg_tKchH8viBDxCWtIbHYlCnFH43_BjTwQS1kj5a7ekBaK7Z0jvSqjfHZYO5XzCrId1LqjN4rYruPtHTBPFsCUm6RCYYufbWKfXbra1J291efoQCnk7mvo43wiLz_CIb9G4jq0lJambY-iFp3VNlyBW3z1MsmEDOlxhdkc4rxBHuvR8fwN_6uycy27Tj3hzKz2stCxazElgrPnMTI6slFlCkrSO2PdxUxcTSeKetStY6bgIew5myWG7UURfZvImO0wahqtTmrtOvlsNlkFemOCyeqAddTUGkjwiBqevcBoXoCKRWAZ7UvHdkXoLRR5Hek60sMj5dxGmAw2ntme930VTJiuSq96b3rExFSsowFJiSEh9JCZx8xCChhRTf3Xzp840Njs7y1rYkPgIb7Mb8Y2GGL5k7Lqi3iZa-rfSdTiqCLrhAMz-tOv8JcuA&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=14302820663279220000&adk=3690638929&idt=533&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a8fe459f4e5422a4aeb53622d8296eafe14f9c45f5f5427eb8d9f314ba559a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 98FB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDvm8TstbfGwkqtBkmemha4&google_cver=1&google_push=AXcoOmQKq6qLKJtiJs8tDP5cFE8gQuoCJg9zr7ZkeyfgmMFStEEtxGeRpwABclbtMGytvuREJqilj61hoOcTjGljHuLG4zz2FM8
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 98FB
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEHO7NpsD3Coah4tWWKfJ2m4&google_cver=1&google_push=AXcoOmS6AivxrI1ytivgc-4UOJsO0EEkBLvjIZapmfDmHVKbLyu1KTw4IVSBwTnNhLoH_KPL3mAAewm-z81dGyVfRKzC5X5TvM2T
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
content-length
0
pixel
cm.g.doubleclick.net/ Frame 98FB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENn7SjxpzjGjfNlS-7Bgs0E&google_cver=1&google_push=AXcoOmSYaoROSrIZSaRghkP6bGWqcbjKH-PhpVrwu3Qie4CNqkkdVRqYVLV1mlJXijFS59YOsl3jATKcDceyOaGyQ8UhQLS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYaoROSrIZSaRghkP6bGWqcbjKH-PhpVrwu3Qie4CNqkkdVRqYVLV1mlJXijFS59YOsl3jATKcDceyOaGyQ8UhQLSCGNAI&google_hm=eS1NMFRPbXJWRTJwRXlwNE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYaoROSrIZSaRghkP6bGWqcbjKH-PhpVrwu3Qie4CNqkkdVRqYVLV1mlJXijFS59YOsl3jATKcDceyOaGyQ8UhQLSCGNAI&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Sep 2023 15:16:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYaoROSrIZSaRghkP6bGWqcbjKH-PhpVrwu3Qie4CNqkkdVRqYVLV1mlJXijFS59YOsl3jATKcDceyOaGyQ8UhQLSCGNAI&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 98FB 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTuPm-BzsXKCDlXLzkMZvLPF9uHNsm91w7gCewn6ok9XrZ64YBvHwHBN0NPIgifwPUcfJxRADbCbTJUZsgJZQR3OINJBU5g&google_gid=CAESENREC1z26X5nmbbF_12-D64&google_cver=1
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:33 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
268756
expires
Sun, 03 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 98FB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8NyvapA5...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8Ny...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyMDYwMjEwNjI0NTMzNDkzNg&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8Nyvap...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyMDYwMjEwNjI0NTMzNDkzNg&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8NyvapA5umpInKlRl6rbx0AicCk4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAyMDYwMjEwNjI0NTMzNDkzNg&google_push=AXcoOmRz6LvXtPlDcm3NHarPuTsy1HII25BFMhoOSbfjH6kdvNWybG9nMiTkK-nB1jbNvwZn8NyvapA5umpInKlRl6rbx0AicCk4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 98FB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImmH4c_o-hkzAjiNb9bke3jCPyBeaRpjCkxlQMoZTsJ_48YIfd5E_uIh4
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3C7A 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options
nosniff
age
381726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 05:14:28 GMT
truncated
/ Frame 3C7A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea8d6d0ea7cc1117fb5c99cdcb841fa1828ea90975794b95a7a83c00cc3be146

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1749 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVdNbkgdcrf1ZX9A9hcx7mcj02Qfj6pluVADSuJtVrDeRAaeaOVENj4h-yIR1nif2gjbsuVg1G0JjMG6MIiFRPjvgcOUA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1749
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVdNbkgdcrf1ZX9A9hcx7mcj02Qfj6pluVADSuJtVrDeRAaeaOVENj4h-yIR1nif2gjbsuVg1G0JjMG6MIiFRPjvgcOUA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1749
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPSjUvUhxp3GT8zay8eZUAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGJqf49wBMAE&v=APEucNVdNbkgdcrf1ZX9A9hcx7mcj02Qfj6pluVADSuJtVrDeRAaeaOVENj4h-yIR1nif2gjbsuVg1G0JjMG6MIiFRPjvgcOUA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 996A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:33 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 03:53:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45399
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 03:53:12 GMT
img
sync.mathtag.com/sync/ Frame 85CB 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:34 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sun, 03 Sep 2023 15:16:33 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 85CB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 85CB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
an-x-request-uuid
daf558b1-3704-447c-b7a1-d5023e7e25bf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 85CB 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9_3Z2fpANiUMEKIpy4yI66Eu61XsjAXwxPbHUWnv81I
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 85CB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-FtFe6PYDkkqPuhKL0USRkXxyC6NPw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-FtFe6PYDkkqPuhKL0USRkXxyC6NPw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-FtFe6PYDkkqPuhKL0USRkXxyC6NPw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 85CB 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 85CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 85CB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q671EJS874SB8H1X7P62
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 85CB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-length
0
/
onetag-sys.com/match/ Frame 85CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 85CB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 85CB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 85CB 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693754190045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.122.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-122-173.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 4DE6 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
181381
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
800ef460ae8cbb7d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2708 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFQcul388hxB5qPBC0UCXza_IINFd1yj7Th0sKRO6LyvTq-oXsXSgvWlvtkC8LRibkSPwfZSoSTJqgaap8LAQl7zsjWJaJnIAjcyvM1JSAN2XzleiAZN4GLXpIIr4G0oD-pzi38_8qHu7rSB6KVoUjaZKJWatGrJbx5jk9Xj15pn0cs-w&cry=1&dbm_d=AKAmf-AJ3ShMc_IKxLSr_wDF0-0H6PQ-fUTUePpYJUKk74kwlcESUPaSq-gcrnlmgO7DwwEM-yWKK1f4DiUDx-LUmYPN10jKkppr7JZ1GBU3O2R3jQI9xh8btd-6nVR7rrhuFGjjSTTPJW56RqMDRzT4b0dmW8PAWsVZpDMVL8xicD6MghQ_tWK0pXlK0EZKMAZmlnUncxEagYleqXgOFB2WuYx7q9QtcTnUJEbouOUFhuDlGJeXzrzEQh77XpepO5c6PkYOlk6_UZxnUZLGLotum2wVRaHyc-Rjj_kxQ89_cu5v02K_ah7Dcp3mxmnjGOp6I5YFiWOpH_fuJjkCCcVoEFug5mMKK7rM6Kgw0J7F9xLhjuXltwQJma6L4KfQiUg2AUsdlYLEYJ7Y8xHXVpRoYYbRg0438xGhxIzWCJ4u1xfun5cEXzBmJM9FiQmnQCyweIYD4Ze0a5gpjAxqcvzIz49S_uPOxWh3XJ-d-GpJWckbVnhshPEhUdgmRQRNcF71YNgDBz3L-fei7jx-0GijZsJOlcGUCLcHh74MGTuLstw3A6YqXahSCd2nWMUVAi9lgJcZ47HpYlT2vB19jCS2xf3oLEq8vjC00403XgP3FSpYG94U4VMQhGAufsZNVo2c6pLVOxxMozJNeT1CV-ap5_8YleL3t1IJp6hAUoxejCR0izIaLLtx4_XRnfgD62XpxaaBE3AvKPjl0COPu9EDUcOcBFXRNq_MKm-9_5wW17kcRfbHtOvt_gH9NbXMi4k-fHPEXZRcH3NkCsLMpHtUYQ-iinaU0uoGAMkI6mH9QeGzPStXO6qBXUBTudLoity9kmXHUZX-qepTA3wYMtfX0TDaIZfY2TLaKTGFXm-qpToZH_1Wud-eP3misXMZjfvwmoHr0EGbEovDm3rt1GkqarZkliKI0UvQ1I563hxxt8hRGYjJfU51-DJgH87FmZt9Hs0TIojvakie42OR15yx8_rwRlfTXvJHxgI6z45lMZWTEML0LGCsiJpWMe8qKQ6io9OkQiV1SEaQR8xkQ8AbBshChIemtv_oT18ciWDGklv_26o2rHSzXZ3_PXW1ff8SdKapJFg7oyHEMZ-oiVtbrh-3Jxj1ndgtoc1m9IUHZWhdFbFgMlK2N4Ge913Hrv2RNYykhd-edihd-VRVQ4sKfOFyVkV7EdqtW7BlvmNyzyCbQoVv_lFUHI-d54wy0wiAJ0-nq5DX7TX6whCb93sZlElbsAILlyi5XxwReBQEFbYnz5aDqw2JbLfHOtJzRbmWSJc_50ajotYPqIYrsLUsFxBeG6uM1NCfQYqvEixXHqmPQM4YGarPPoqnGRGLX8MTry80JoKLmW1DNQfcWod0JX__3wBjU9oxIbBFuns7xFz1YI2GoKMsHTc0JobKObVRkErGqVH-RVUJu3s_zyeIo3bkJeEeMd9ugWGAz2rI5MbdkXTejpQ6SkxtOJtzltXCAEHHgOvtFZ5xmulHYYSIi92FfMmek8qRxfOVDLJISXMz4_2Lmy4oCr5-zbUTDfh0G1tKPKvq3qBeuQo2gxpN6xXwkS4mC5E1F66v6_oVSaXOViK-dvQgjr70PtQp5hxB4D-FiUo-54s98fdC3-IDokd6Kq18Epj8DTZxWgQJs7b01iEWQbD8Dm_5hIjGGziR4Khp8B9yfE0Z-LrEhG5Cte-e862ivQUedpKvBvJwXlaS8Rn5z3oB_ocUqjtJyTbwMYNAm-KpGZ7e6Jsa9yDTAUSARcXpxsMVF2BtZZZfHb3jBc9HBkUYNPtJ_rQdHuJJ26uO7JKlUCdRYhnZnk6GKcVoKn0v8fMVwQrNYtnWxDjJs-wd79u0kjOK64BBMKkDjuDrm56QbfNLlt5Z4Jq3DIRzYam1Dq8ACHHH0caytoTqvvpFAWxvR0HzWVh_rYxy96xigRsNGKXFgJAao5LV2154GJ-kb3bbYSn3TqyfLqFJ0zQwmp4Azu3fkT2wwqEkzjCIeLFMlltKokStX6oWi2RQmTj-SPKb7-clFeShl1s4ZcGRkNTN-KigTLGo_Cp0BT4HjQ78sE8br4hcUS7R6AZWSocLAzA7W9Qdhk4LD-weaLsE6WdVrig-xTXIKUhFdH3upkQPdB1s_o_UqdoC4OZdqG6FwAVzg_bP0ADszb-hf1AN66fBPNsQpEp6hs_FvXGoy8wJJg2Rx_TlxCmfR2dpYRauc2Akl9QBUcfCSFiM6kBzVDpRmyldSkEOGmz9u864vbd7EYcw6cFCJFkg-2L3WJQd3qhoK3Cwy_hM1EZur6hqb-CytOlQamfGhGqY2iWroDaB30w5Q3prlwKoU0YLyjLlTqCLoypXtFda1WiYI24FswR1iutNG_Vv7xuvzWCCUK8UScV7OfBy6POS5sI-9jDDMeLq3ZyjaDl7vJn0xLGZfJa1RX-czbCO0dwKpjNSnBWk7EfECABUWvCJN9NueMtQA9gcb8pvZ89vIPka2CalgS5ObioVBqVYJsKH-mhGUzdnqCXNr4FexRRGZSmHH8E7aOw6p8ehrv9lYMqTzEFRGCM3ZcZaR75SuElFK0VtqHn0kHFbpTjx-1g4kRlunHZBWn-r8ijhDoR19OucnyTF1Om8UllsfB73jarEqEXuljk5NLNTvhIejTzvMQMEvnDY37suCPz16A83JrDYoaLQW7GwTGjK9hR2jSM_Kz81Kec6ONL7bOUc_XSCouTFi6HUJHLZCyDGqHsxKiZsZkD4_lMW2IToR5tJPM5kR71JNPt171dS74c7I7zfaulGiW9Bih2kINcLmwvG7Y6KBrTOd7NgGpjiuuyi4qD37frh3iAwnwLHYSt2EBmTWJx3TSXJ2PJgzW1xNXLFddbqPlrdEWVgergM1P9YdWnJjwRZgxbfysrJ3YEMzJgCQwwJYbVsRB68VBMwg2kNOHPImg92gilpRVIASdf7DdAOfZOjJlTLrh8jLIOScgyye2T2FpxmM-QueQ3-YvqZ_peg-A4sWEjvsvhT-vwmHoCDrc5e3an9rHlkGuT2Waq-VW2MgqUN8fuZBQDyFRWC0IjRs8ygoR0JwJChoCWWrZSPHKzQ9bHMvCitchNl_Ec0YMiq8VMLHxP8rgz7T5cwtlPsa7hhhncao_SF6_zGt4x5uM7SvCCrwbVN4gtLnvS_nUonIDb5V6pxP98WNaXjT2r9AisACmXxxqajO6-Y_t6gMg8roQlkdyZH0ReaCu9_XGg1Zwyi4E45XsygHe2D9lHcMZDnxnOKAOFRUw9Z4CGqvUGTFD-KRMlsXj1WTCg6OoTwt68cBC0UKVJtQqkDHDI-5Lat7znTC5scf6L_xQK32FuZ1f7diwyl28EXQRx1xsZnBiiarlylQ_a-hedwBv--305CDKL6M--me3BeGNOZ3yyAW1nXBCaPHqQxPvYsNhl3lJSljKWcAl9YpqgXG6Zbl02t9iguwjAmRhtP553kvXhYQjhIymq6PAvO2CBthbQe7ZZhMbgc5EwtaQ9-NvnG_Pn9Y-_AxmyKG3IQM6QxiiVN1tIgeWJ4vA385COZUuMzwYcZIeSKS9huVZwTwLK9mYY1nOhdBWODWwK1LrMuxjupPlK0z0QIgnpprCbUsYsNZheyhhmBQu5hJPBOs0dzaNzZE7XYYLm7Pp4fBKgws_30Agdwr26Tx_OPQwMwDAVmrAelbAa8MFUTNGbhheMRXDC4rHGekHDoyk-YoRzV2c3cBt2J02U8DUY-FXVxe53qD6lRTjcrXr9rbIXHmQX7LHdFyBhKeX0g1GO5Hb-WYdn7XrUFSDbpfikwDJzSst-dY_UOTU0caRHASeTITW1tcKeobzwQg4EjyNYbtCaN5J_cRetzH7y4FcwflFOe-g6CB_X2tcUKBMvubcQ8vwb3YG7N950n2nalGvL4oiTfyJUW8o_iJxNX-Nl9ohfTP4Vnqzzn_g&cid=CAQSKQBpAlJWKwWS-BGVZTcubZdTpqz9eySVoKl6VJezz32pUK3g0NhZ7-vdGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3120932960450284000&adk=627576174&idt=255&cac=0&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
39246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame 2708 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC2uHUKP0ZKH8KrCyvcAP_L-N4AKRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCA3ATIAQmpApgq7ZfxFbI-qAMByAObBKoEigJP0LviAm4-swriZ8q-khzQmok0Iw9F1Ef0AaTfOwiNs34PPvlyeDZ0FxFac0OzfwGu4Am0-uWIhNwHl7D5FJmG96uGaDFJCdNOQtuZpLq-7Y4JQtxT4VDbhhGDyxcHqyQdgep4F2qBNo5unweNSAAq0keTm45d3fEQjdSpzG03lONW9E-29VY9ApJ3hhOZBoyIqoI6uM_R9kQoi1Lb52a6VDtxV86fkq5_goXxWSdQmU3Owchv_ankntwxcwhifiCH6m-iUx7r4HRm5MVNLWG7hjlgbb10mhV9uJfgqnwG1juLrB1RQjsTY6dlZk66y73yFoS4Z5cmLzh2MNP35G00Vc6lRnCLRLDgB8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIoeT4h96OgQMVMFkPAh38XwMsEAEYASAAEgKtZvD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWKwWS-BGVZTcubZdTpqz9eySVoKl6VJezz32pUK3g0NhZ7-vdGAE%26sig%3DAOD64_2VRZnuq8iGBuF8up1NnDFtZW_Scg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-AWbd6ElTCn7DnV7BeIH1xt2CXAaFNWTSr4BemF_4D1byOcxornWNQZIGdKxzJ9MBoE4n8y-Rz_8JgYA56zVKAbdjiGmBKKsbIIHOLjoeQtY9Cr2aiJvxER85ZndFF_Jd6cji2IM7pwuG0QRddBcTiSfkZZIrsgnJSAx0uanHaWmk7cmIU%26cry%3D1%26dbm_d%3DAKAmf-CKd_91LV8KfBG2YhLpkAda-vv4oEAwWuyGQsMlGpAsu564YVgXmnIK87eH861MfcLjAelozbkqjr-plcZbHIYcX5KRpTfX4aY65pzbJG2maeY8wAPSJdC8KjH916-P45I7NqOvKRIn4n5Zzodbmox7aPPITnrWjQhdSqpaZoMozEN79a-XbwA-FhNVjgNlbB51Ke0rqtfSS4rFgzKG4C739HA795T-I2jX_Oci2ZGUqS7p2tc15kxgp6h0CF35AwfAHqP_3cjyZXfRVG9a02YfOekD6DT7KJBSF7HvMtLVAHLfkBuV7BBvetXneCGM-x3L4HvYQa9luu5fqCbhRM5PzvLcLT0SQqssHrpwAQ-nlhwW88lPzxgv940fYg4MIqbMT6LhEkNg5JtLdjMhpTtn6TJ0PaVOk61180b7dtLjT3l7FlmGPgnvrizq-0kI9tgIZuoxOwnjZWXivhrraJnjW8J61a7GtkWOjt50kUePwszZplXEJJBfWz7Rd_A5Pj6TczRDKilzYMuTqlV8hFavLpIqDeTYf3cPRE9va6xZDRv1SwFgokXBVS9KbE9a3G6vly5fCXm7VPTLg0eA89afrJXZK6nJIwWXn37njSTbQJuhBDLQzAAIkekHWiWz2BzkEYGw_oCS4gAiJWnkU2WFrXA3ADxP5npSOnW4qlIfo9vcciw%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
d24c82d75a13e45cc8a88be550e1d3ee7d93ca63e4f39acf602b3e6ef7c1cda9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4273
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
drop_cookie_sw.php
csync.smilewanted.com/ Frame 2A2F 		0
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
800ef46238b8bb7d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:34 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4C44 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
3c402a2ea2ef1af5184a38a37d14f7c9b5cd50565195e9578e560b8afe762028
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1416
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 597B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20814
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
ap.lijit.com/ Frame C4B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 03 Sep 2023 15:16:34 GMT
X-Sovrn-Pod
ad_ap1ams1
usermatch
ssum-sec.casalemedia.com/ Frame F3FD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
dcc487e6534d2f9e1e42685d87437291affd13d77406f296008cb2ca5f02b686

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1668
Content-Type
text/html
Date
Sun, 03 Sep 2023 15:16:35 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 03 Sep 2023 15:16:34 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame F0FA
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=38cfa9ccb77fa5d1ecbf05ec151d88f0
95 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=38cfa9ccb77fa5d1ecbf05ec151d88f0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Sun, 03 Sep 2023 15:16:31 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
800ef491bd40bb7d-FRA
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:41 GMT
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=38cfa9ccb77fa5d1ecbf05ec151d88f0
server
cloudflare
13926
g2.gumgum.com/usync/ Frame 4D24 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.3.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-3-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5324ae97b99e312be80a9a62d46026e81c76f7b65d9ce80730cd538639d77db2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 03 Sep 2023 15:16:35 GMT
etag
W/"0cd80cd3ec7dfc8aed19e12fc5235ffd0"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 3FAF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
60d847494a8f1f6899ce09578dff5895ec740cf9f8eb6484b1aa170ab394d211
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1398
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 1F87 		957 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3075fa4c4840cb26f3cd3e053b2185586bc36399af4690cb4e1e6adf146ff214

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
957
content-type
text/html
date
Sun, 03 Sep 2023 15:16:34 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4A12 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
258e3e93b6874b0ec78d6008915a4e47237c540f9e8022a79e875572e5930dbe

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1706
Content-Type
text/html
Date
Sun, 03 Sep 2023 15:16:34 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 3C1D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Sep 2023 15:16:34 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Sep 2023 15:16:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 27D2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141740
content-encoding
gzip
content-length
5636
content-type
text/html
date
Sun, 03 Sep 2023 15:16:34 GMT
expires
Tue, 05 Sep 2023 06:38:54 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame DCB6 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-77.muc50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bbadc44e3f45869e5a3292aa6ad37555b447b21a1189795fb92305d1f43f2afc

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Sun, 03 Sep 2023 15:16:35 GMT
server
istio-envoy
via
1.1 7e5808188f3301eda7b952b4c6dfa208.cloudfront.net (CloudFront)
x-amz-cf-id
CBl4IjXk1R6SxQ53omTbck1oEhLc-w10u8Pt3Q1a0a9BEDM9N8XOEA==
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
user-sync
sync.adkernel.com/ Frame 9D04 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 03 Sep 2023 15:16:34 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0EED 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.193.104.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-104-224.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
be07c749f5b8bb13d6afa0e7ebc498ebb670a48666ae26be8b800854590faafd

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Sun, 03 Sep 2023 15:16:35 GMT
server
istio-envoy
x-envoy-upstream-service-time
7
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3756744799350472698
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3756744799350472698
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
an-x-request-uuid
792b1821-88ce-4695-8057-4cd3fb400527
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=3756744799350472698
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HQo0pRZHSTrO5TO2SZmI79TD
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HQo0pRZHSTrO5TO2SZmI79TD
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HQo0pRZHSTrO5TO2SZmI79TD
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame AA7D 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 03 Sep 2023 15:16:34 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
sync.targeting.unrulymedia.com/csync/ Frame AA7D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693754194981
  • https://ad.turn.com/r/cs?pid=45&rndcb=5530673588
  • https://sync.1rx.io/usersync/turn/4577964332765081410?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
0
0
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084927014901744
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084927014901744
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084927014901744
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=deed0c55-e9a9-493e-8fbb-24a7b48823f4
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=deed0c55-e9a9-493e-8fbb-24a7b48823f4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-29
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=deed0c55-e9a9-493e-8fbb-24a7b48823f4
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Sun, 03 Sep 2023 15:16:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame AA7D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz...
  • https://ssp.disqus.com/match?bidder=14&buyeruid=3756744799350472698&r=Cid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnV...
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzl...
0
0
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
date
Sun, 03 Sep 2023 15:16:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame AA7D 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.1.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-1-69.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 03 Sep 2023 15:16:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 03 Sep 2023 15:16:35 GMT
sync
ads.servenobid.com/ Frame AA7D
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=2b8ae527-d393-45ee-876f-8849acdee581
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=2b8ae527-d393-45ee-876f-8849acdee581
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=2b8ae527-d393-45ee-876f-8849acdee581
Date
Sun, 03 Sep 2023 15:16:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
sync.targeting.unrulymedia.com/csync/ Frame 9226
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1693754194981
  • https://ad.turn.com/r/cs?pid=45&rndcb=1940660461
  • https://sync.1rx.io/usersync/turn/4361791550651297602?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
0
0
async_usersync
ib.adnxs.com/ Frame D0E5 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
an-x-request-uuid
04819816-45cc-428a-a718-aea2cb8aa565
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
3f14bfce-84f6-52f6-90ef-28fbf41b8ba9
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 7458
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-1742152708604427771
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/3f14bfce-84f6-52f6-90ef-28fbf41b8ba9
0
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/3f14bfce-84f6-52f6-90ef-28fbf41b8ba9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
800ef46c1f2abb7d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/3f14bfce-84f6-52f6-90ef-28fbf41b8ba9
ysm_bg3.js
ad.sitemaji.com/ Frame 68D8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 18:48:32 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:30 GMT
server
nginx/1.12.1 (Ubuntu)
age
73682
etag
W/"6499300e-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Sun, 03 Sep 2023 18:48:32 GMT
a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame D2D5
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
0
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
800ef46bff0fbb7d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 03 Sep 2023 15:16:35 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
cookie
cm.adform.net/ Frame 45F8 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sun, 03 Sep 2023 15:16:35 GMT
server
nginx
img
sync.mathtag.com/sync/ Frame 4C44 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:34 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sun, 03 Sep 2023 15:16:33 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4C44 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 4C44
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
an-x-request-uuid
12ee8709-9cfa-4959-a02f-56bc79109cb9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3756744799350472698
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C44
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-rDfcyLgAxoAc8vW9sYXULh37gkGig
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-rDfcyLgAxoAc8vW9sYXULh37gkGig
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-rDfcyLgAxoAc8vW9sYXULh37gkGig
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 4C44 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:34 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 4C44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 4C44
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TmvFCfvR8aoLv8eTBjGbVontFNqV4GNQy4wzr_RQdIU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TmvFCfvR8aoLv8eTBjGbVontFNqV4GNQy4wzr_RQdIU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A5JD92ECJT7N4PNZWP4S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TmvFCfvR8aoLv8eTBjGbVontFNqV4GNQy4wzr_RQdIU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 4C44 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:33 GMT
content-length
0
/
onetag-sys.com/match/ Frame 4C44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 4C44 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 4C44 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 4C44 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.122.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-122-173.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 4C44 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 4C44 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
800ef46a8d22bb7d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
806be4bb7b0be258506a34a3a85ade
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 6826
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/806be4bb7b0be258506a34a3a85ade?gdpr_consent=&gdpr=0
0
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/806be4bb7b0be258506a34a3a85ade?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
800ef46c3f57bb7d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 03 Sep 2023 15:16:35 GMT
Expires
Sun, 03 Sep 2023 15:16:35 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/806be4bb7b0be258506a34a3a85ade?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1693754195718005-389
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 597B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
v1
match.sharethrough.com/universal/ Frame CA41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.1.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-1-69.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
sd
us-u.openx.net/w/1.0/ Frame 0DD9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UZtkbAacN2pKzmFuXp4va1WWMGhKnGFtBp_rm1a0
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UZtkbAacN2pKzmFuXp4va1WWMGhKnGFtBp_rm1a0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UZtkbAacN2pKzmFuXp4va1WWMGhKnGFtBp_rm1a0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0DD9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4209624951218091518
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4209624951218091518
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4209624951218091518
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0DD9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8804198f-a60f-8a41-9026-a358644be7fc
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
34MXFEX01Z8FWGG080G5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 0DD9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d0d265f2-baa5-31bb-5028-21cf0c782c1c&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0DD9 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmNiZGI2MzgtNzNkMi02ZjFmLTQ1YzgtN2I3NmM2OWFlMjdj
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0DD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL6anRsA0jGH1ejTl1mkEMI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL6anRsA0jGH1ejTl1mkEMI&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL6anRsA0jGH1ejTl1mkEMI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 9B11 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWn6ccyS_seELAQ1r353Ob7GOSEXADdYnTdO3KoDhf6PCWt-Hd_1XoU_j1e5XlnZ5VFXXUf7Z79cbxPGw623khoZbU1TL4Y5ujfTCMoAtQ963bdwaiwgsrzza_Kydm8LzQSbz9x-8z0Bher6me8zYeTYBobyB96oMa0bO90k7mqmo1IA4&cry=1&dbm_d=AKAmf-Aa75DRSDjjY7f7RzejW3zOXQZR-lMdsJVNfFv24LfIX88dH2A-KWE5R3mbqmI8pG2XOGIdeFFjQE2Vva1AI-0yxOeaoQz_cLgS452haa1mqLlUWf5oZRT6bHz0BgtmGsxPzICExx42-Dg4WDRs_PFyBvCbyg6K0g2X244inha_PMteXy8_ZuFz6GTH-pya7DLh6hieSmUj3YN7VfT3zVLBZxkJmRcrzVzeOAe9SuTnNyQqMvD_iPi5rP8T2VnO_-b6bf36fcYnfUli8BIZ1t2g74qdmkjFkLj_-4yk6g2wI9nsikpOjYgw2C1r7GTNZJFR_H_lCcAXHcnPk8BB7JQi6pZE0fyg_AmR0I21G1l7U1GZHOs-uAXU8aMyrIjED943I2cOZCLRpXa5zdNTFn9FU7PKh9kEqKD4xgFsocRLsvrnhoeNEVVEdWyP6RGW3myikSIBtC_4adpyGSZQ8qAMjjuWhDDaeVX5zd-b3Whq7ooEVZnCUuz50OrHjWFA4vgfYaoyy13mv1_qNOKi4fv6QnTGN7_r_b0zvH1MghNAvFMg90PmVThna_9AUpzD2V2d7GjaRHQKWg1jQSD3n_eZiXaYrFNMOF1fyn7PfZIkvd-988GSRV7hAEZJkC24AfDAIGYTYvroQ7KaTTywJ6FU83zWRWJiEd-9k2wUetZsvRzAjwBF4Bl9mRE8oq_6f_yKdV938fyXlAAiwaFsisMAxEzZVuD5mD6N_33VKcP3rrXeGFfXba_HTt41O44xUrcYgYs4PdCc-goH23766IOJRmYB7vHJu3z5LrdTP1ygYXJqUSD2dMvzluS8g_7xK94cCEcyjOGLyqzHKuCXbeTDpxfRtcnrY50wKMB7Mauv6Ln6JDfKFBdk6uIgF1x-Mlh6SG14ELYkndweWtSkBhk2nZ5H3UFf5DnrdMiDMMBA28kv_YwjQhjkiEGrrxzWoGn_-lh9L8OXAWTVhZz-XHdKQpCbXMBUyQHtSvS6C30-Cpexi3fr2LRciV8v3XcxvAjVa5hH7E8edLvb1DrLHN7TF0E_tDTb4rydFLSvJJX6W_ToMs3XNKT0diiPw8mSoeC-eskyCxIwmAj_rAp2goqFZ7mEoJWG0gh1ljN6A0TMg9iQIG-SXRPVZaTZnnsTOjlqQQ0Gpi1cusydcMLFagA_E8iHIiK6Z5wgqxKTw0dq6VbHgpldSQdQiqPFq1XU8rObN72PQdk7WSHnGDb3xFGk9a1OSWpLwTLqdMCXed-uYFvG89T4nmn05AbYS7hO9q0uq7r-EC89ytq5WYM2ACgQsem5upNvNgv0qFlHWy9rDG4INLicD5jaViSooh5HVxfAeSLMGXCgoVcMgVHy0NRYTQz8JV381A9GM2mXW9OI5QgPoMD4YjAw_t3mTsc3yrfGqwMcagbckr8_ieHcK3E_GKsmNcn1Sdhkqy1XoNghQBXZLqKtky-sUCsIjGwIc6JXULoetqhJb2xYZ6PQszfjpLk8_QRcX8EL8oE_zzw0ldjXwINhDS-ma0YKWnAK1HoHbGSpKqipcvXip34-k2m6g79msYGb2jM9cNPz7kCYjRqNT7_RmnhhCdlP3y0_uMr_hvj9166K2Isqw4Loppz_QYNkd_TakeOUw4L1NPb6L9dv4E75GKYdvaDj-pP6t7B8C6Blj1bS60BIjRrD3T-8jFLViukOMn3zhc65fqRUy-cwHwIk91w5bpJfEe2RrOWxTnebaCOKbGnSc9q3qkQTzBkGY2wJFzTykvoVj4WCkUeh6VAcsi-0xwe5SMxJp5wQKGRk4_BoflpJq0I7-1Cp2SM08lIpmIPLDFdAqFbCzm-SROmi9LP46lSwzT8haHXdRX8jijeF6WpBeY_w6KNGg4KJmcxClvM3sReezeAl8DKyHWuCgqY-TvWfqv8LiSIoZPLdnq2epBz15gSpFPj5adpvM64rJENSmXVSDmFBeWghqPYJIZspGCuWy00N5qNrU24Ea5_EUHn2fhM8jks_Z5Q-JV4FssUWgK7EHyyG1mn1zIjl6tdzc2ydAdwsP9OHU4LT8keTWwqZIKGYTssXm80mtjPFVg6HRDAvWwqyvNSyBJ70OvVbKshQHbdv2zhFU3GWzZBFJ-1POYTMFAJojc3SiDaf516DzzCeK6HSyOXm_KD2kP62-B0tcxDqfE4JSAFOO7DnyCFncMMAQQRuUNhptQaW1UZaP2EYXPUi0H9TgjymI3Y1Jb2LRwm0HDVfLsozJhJBi40XPIrrOgpGjextxO8MZE7TkYU8x8HDghheUiq16I6iFYra8KsPdTFOs6idhJwlQm7gDFsZLvpaU6xRRyIArP1kBoyGnMBsCMs0z3BX-3NAWjQ0gk9g3KCjIwS7xkXSs5sjFZIaPnOTSOMntb_swlTDGgkuEzssHcEJztxViAnwih1YyF6uaQ69656S5sLdNkvnHhg8RGD3_w-HnZb6tij0hlFv6Uk25AhNqDu1S8dwUC7ilrYPr0fQyB4FsYU0qPXgXs6gv-e2HJpmOuJrQWxvJTwE2ueuWqx2uhN6YTrar7fwNNb1cBiSFsksIeFF9hEtGj_yLWzqPBMFMOwp_mfa3bq-CgiVrsvY4UNMppCq-zF20U5TD6WRo0is_0ETdimG4dXCq3b_ysid0JasSb-LTuAe-5hOsn2lhxTUH66llXLFt4UAfIS8vshItkfD9POYa3j1fnDvHGdQTI-ipdhOKGoHter1QIYRYsQV4YuYp8dRchH4kdPxqykh1WXjsyfVhfyZgxdyH7hfuqWrNKc8ZA-lsym2WBFNYtnQMyIfDB965BtuSb6uGXzs9hlQqEWOzMTAv2iqhKizR2DJ7zYEqoLMqY7txkpGm9N6ajsLGzhUw9UwzJXVAecwaTi01zBMm4I8f2uFasEMuLGBnS4RQSHhR9CUFIx8OsGiwxgblRmXBxq1jGsFBt8oBYeGZRYryQlWgtFR-n89bvRrxv1mbs2MehR23P2XOUwzMKt1M2P0lwTYKrAJswhAkiWo06MCj3p5-k9qu8ztN-AjYp0Q4DH0pOMFcMycTV4KnVo231sjoZ1NA1Jpl7RTry1NEdPEMhHI71wviZO1hDOFgr7oJZ5mDUft3JzSEj40lT0sUXBPzBalMI2gS60m_DHmY6E3PMMDT8jYH1gsDw2tLhfs3nTQaM_v6HfoVWSIFPbY3tjP5qk6wFKF7W4PLiHt2i3hK_FysQPSCjX5LQuVCxTJ9HqMoV6yF1LieUTEED5YXPYu1QVhgdDP0Jn5jh4KrSA8MCcGxlZSYIpnwg4dEqwyJf-9eE1C97cXb3IHwPv263DkJDXtr9gybHa4s9044I23bYi4taT1wkzydkXkOMotrZbofHEKbpRoh2LdGjYR6SryzgO2stJTgSUmUc3Lr7ZKGlvmDTaEjujK-IZ5h1ZCj7HKrGeNHokgdZ9giGNvI0XpPC8BI2Cl8rwbIvmL3mPDJZTW0fWPvVW0PPo7_nd-5jS_HSQ554CMg0MBbMswIzKIJR9huCd36DHHeBXLtQ2eWpGI1qBjXr2LFX6y3o4stcvKqE2PjQvA-ThGgL96nNq4MEtYCv9HAKtn1PvS1A8gphcVWHhR9mD_J26UVXJvv7D5IRRxxRAnHhZcX4d3ONPDeXXug74kEgVW&pr=8%3AC99551E019C665B4&cid=CAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ds=l&xdt=0&iif=1&cor=3937291791478477000&adk=1645240580&idt=352&cac=0&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
4726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:57:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B11 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWn6ccyS_seELAQ1r353Ob7GOSEXADdYnTdO3KoDhf6PCWt-Hd_1XoU_j1e5XlnZ5VFXXUf7Z79cbxPGw623khoZbU1TL4Y5ujfTCMoAtQ963bdwaiwgsrzza_Kydm8LzQSbz9x-8z0Bher6me8zYeTYBobyB96oMa0bO90k7mqmo1IA4&cry=1&dbm_d=AKAmf-Aa75DRSDjjY7f7RzejW3zOXQZR-lMdsJVNfFv24LfIX88dH2A-KWE5R3mbqmI8pG2XOGIdeFFjQE2Vva1AI-0yxOeaoQz_cLgS452haa1mqLlUWf5oZRT6bHz0BgtmGsxPzICExx42-Dg4WDRs_PFyBvCbyg6K0g2X244inha_PMteXy8_ZuFz6GTH-pya7DLh6hieSmUj3YN7VfT3zVLBZxkJmRcrzVzeOAe9SuTnNyQqMvD_iPi5rP8T2VnO_-b6bf36fcYnfUli8BIZ1t2g74qdmkjFkLj_-4yk6g2wI9nsikpOjYgw2C1r7GTNZJFR_H_lCcAXHcnPk8BB7JQi6pZE0fyg_AmR0I21G1l7U1GZHOs-uAXU8aMyrIjED943I2cOZCLRpXa5zdNTFn9FU7PKh9kEqKD4xgFsocRLsvrnhoeNEVVEdWyP6RGW3myikSIBtC_4adpyGSZQ8qAMjjuWhDDaeVX5zd-b3Whq7ooEVZnCUuz50OrHjWFA4vgfYaoyy13mv1_qNOKi4fv6QnTGN7_r_b0zvH1MghNAvFMg90PmVThna_9AUpzD2V2d7GjaRHQKWg1jQSD3n_eZiXaYrFNMOF1fyn7PfZIkvd-988GSRV7hAEZJkC24AfDAIGYTYvroQ7KaTTywJ6FU83zWRWJiEd-9k2wUetZsvRzAjwBF4Bl9mRE8oq_6f_yKdV938fyXlAAiwaFsisMAxEzZVuD5mD6N_33VKcP3rrXeGFfXba_HTt41O44xUrcYgYs4PdCc-goH23766IOJRmYB7vHJu3z5LrdTP1ygYXJqUSD2dMvzluS8g_7xK94cCEcyjOGLyqzHKuCXbeTDpxfRtcnrY50wKMB7Mauv6Ln6JDfKFBdk6uIgF1x-Mlh6SG14ELYkndweWtSkBhk2nZ5H3UFf5DnrdMiDMMBA28kv_YwjQhjkiEGrrxzWoGn_-lh9L8OXAWTVhZz-XHdKQpCbXMBUyQHtSvS6C30-Cpexi3fr2LRciV8v3XcxvAjVa5hH7E8edLvb1DrLHN7TF0E_tDTb4rydFLSvJJX6W_ToMs3XNKT0diiPw8mSoeC-eskyCxIwmAj_rAp2goqFZ7mEoJWG0gh1ljN6A0TMg9iQIG-SXRPVZaTZnnsTOjlqQQ0Gpi1cusydcMLFagA_E8iHIiK6Z5wgqxKTw0dq6VbHgpldSQdQiqPFq1XU8rObN72PQdk7WSHnGDb3xFGk9a1OSWpLwTLqdMCXed-uYFvG89T4nmn05AbYS7hO9q0uq7r-EC89ytq5WYM2ACgQsem5upNvNgv0qFlHWy9rDG4INLicD5jaViSooh5HVxfAeSLMGXCgoVcMgVHy0NRYTQz8JV381A9GM2mXW9OI5QgPoMD4YjAw_t3mTsc3yrfGqwMcagbckr8_ieHcK3E_GKsmNcn1Sdhkqy1XoNghQBXZLqKtky-sUCsIjGwIc6JXULoetqhJb2xYZ6PQszfjpLk8_QRcX8EL8oE_zzw0ldjXwINhDS-ma0YKWnAK1HoHbGSpKqipcvXip34-k2m6g79msYGb2jM9cNPz7kCYjRqNT7_RmnhhCdlP3y0_uMr_hvj9166K2Isqw4Loppz_QYNkd_TakeOUw4L1NPb6L9dv4E75GKYdvaDj-pP6t7B8C6Blj1bS60BIjRrD3T-8jFLViukOMn3zhc65fqRUy-cwHwIk91w5bpJfEe2RrOWxTnebaCOKbGnSc9q3qkQTzBkGY2wJFzTykvoVj4WCkUeh6VAcsi-0xwe5SMxJp5wQKGRk4_BoflpJq0I7-1Cp2SM08lIpmIPLDFdAqFbCzm-SROmi9LP46lSwzT8haHXdRX8jijeF6WpBeY_w6KNGg4KJmcxClvM3sReezeAl8DKyHWuCgqY-TvWfqv8LiSIoZPLdnq2epBz15gSpFPj5adpvM64rJENSmXVSDmFBeWghqPYJIZspGCuWy00N5qNrU24Ea5_EUHn2fhM8jks_Z5Q-JV4FssUWgK7EHyyG1mn1zIjl6tdzc2ydAdwsP9OHU4LT8keTWwqZIKGYTssXm80mtjPFVg6HRDAvWwqyvNSyBJ70OvVbKshQHbdv2zhFU3GWzZBFJ-1POYTMFAJojc3SiDaf516DzzCeK6HSyOXm_KD2kP62-B0tcxDqfE4JSAFOO7DnyCFncMMAQQRuUNhptQaW1UZaP2EYXPUi0H9TgjymI3Y1Jb2LRwm0HDVfLsozJhJBi40XPIrrOgpGjextxO8MZE7TkYU8x8HDghheUiq16I6iFYra8KsPdTFOs6idhJwlQm7gDFsZLvpaU6xRRyIArP1kBoyGnMBsCMs0z3BX-3NAWjQ0gk9g3KCjIwS7xkXSs5sjFZIaPnOTSOMntb_swlTDGgkuEzssHcEJztxViAnwih1YyF6uaQ69656S5sLdNkvnHhg8RGD3_w-HnZb6tij0hlFv6Uk25AhNqDu1S8dwUC7ilrYPr0fQyB4FsYU0qPXgXs6gv-e2HJpmOuJrQWxvJTwE2ueuWqx2uhN6YTrar7fwNNb1cBiSFsksIeFF9hEtGj_yLWzqPBMFMOwp_mfa3bq-CgiVrsvY4UNMppCq-zF20U5TD6WRo0is_0ETdimG4dXCq3b_ysid0JasSb-LTuAe-5hOsn2lhxTUH66llXLFt4UAfIS8vshItkfD9POYa3j1fnDvHGdQTI-ipdhOKGoHter1QIYRYsQV4YuYp8dRchH4kdPxqykh1WXjsyfVhfyZgxdyH7hfuqWrNKc8ZA-lsym2WBFNYtnQMyIfDB965BtuSb6uGXzs9hlQqEWOzMTAv2iqhKizR2DJ7zYEqoLMqY7txkpGm9N6ajsLGzhUw9UwzJXVAecwaTi01zBMm4I8f2uFasEMuLGBnS4RQSHhR9CUFIx8OsGiwxgblRmXBxq1jGsFBt8oBYeGZRYryQlWgtFR-n89bvRrxv1mbs2MehR23P2XOUwzMKt1M2P0lwTYKrAJswhAkiWo06MCj3p5-k9qu8ztN-AjYp0Q4DH0pOMFcMycTV4KnVo231sjoZ1NA1Jpl7RTry1NEdPEMhHI71wviZO1hDOFgr7oJZ5mDUft3JzSEj40lT0sUXBPzBalMI2gS60m_DHmY6E3PMMDT8jYH1gsDw2tLhfs3nTQaM_v6HfoVWSIFPbY3tjP5qk6wFKF7W4PLiHt2i3hK_FysQPSCjX5LQuVCxTJ9HqMoV6yF1LieUTEED5YXPYu1QVhgdDP0Jn5jh4KrSA8MCcGxlZSYIpnwg4dEqwyJf-9eE1C97cXb3IHwPv263DkJDXtr9gybHa4s9044I23bYi4taT1wkzydkXkOMotrZbofHEKbpRoh2LdGjYR6SryzgO2stJTgSUmUc3Lr7ZKGlvmDTaEjujK-IZ5h1ZCj7HKrGeNHokgdZ9giGNvI0XpPC8BI2Cl8rwbIvmL3mPDJZTW0fWPvVW0PPo7_nd-5jS_HSQ554CMg0MBbMswIzKIJR9huCd36DHHeBXLtQ2eWpGI1qBjXr2LFX6y3o4stcvKqE2PjQvA-ThGgL96nNq4MEtYCv9HAKtn1PvS1A8gphcVWHhR9mD_J26UVXJvv7D5IRRxxRAnHhZcX4d3ONPDeXXug74kEgVW&pr=8%3AC99551E019C665B4&cid=CAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ds=l&xdt=0&iif=1&cor=3937291791478477000&adk=1645240580&idt=352&cac=0&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9B11 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWn6ccyS_seELAQ1r353Ob7GOSEXADdYnTdO3KoDhf6PCWt-Hd_1XoU_j1e5XlnZ5VFXXUf7Z79cbxPGw623khoZbU1TL4Y5ujfTCMoAtQ963bdwaiwgsrzza_Kydm8LzQSbz9x-8z0Bher6me8zYeTYBobyB96oMa0bO90k7mqmo1IA4&cry=1&dbm_d=AKAmf-Aa75DRSDjjY7f7RzejW3zOXQZR-lMdsJVNfFv24LfIX88dH2A-KWE5R3mbqmI8pG2XOGIdeFFjQE2Vva1AI-0yxOeaoQz_cLgS452haa1mqLlUWf5oZRT6bHz0BgtmGsxPzICExx42-Dg4WDRs_PFyBvCbyg6K0g2X244inha_PMteXy8_ZuFz6GTH-pya7DLh6hieSmUj3YN7VfT3zVLBZxkJmRcrzVzeOAe9SuTnNyQqMvD_iPi5rP8T2VnO_-b6bf36fcYnfUli8BIZ1t2g74qdmkjFkLj_-4yk6g2wI9nsikpOjYgw2C1r7GTNZJFR_H_lCcAXHcnPk8BB7JQi6pZE0fyg_AmR0I21G1l7U1GZHOs-uAXU8aMyrIjED943I2cOZCLRpXa5zdNTFn9FU7PKh9kEqKD4xgFsocRLsvrnhoeNEVVEdWyP6RGW3myikSIBtC_4adpyGSZQ8qAMjjuWhDDaeVX5zd-b3Whq7ooEVZnCUuz50OrHjWFA4vgfYaoyy13mv1_qNOKi4fv6QnTGN7_r_b0zvH1MghNAvFMg90PmVThna_9AUpzD2V2d7GjaRHQKWg1jQSD3n_eZiXaYrFNMOF1fyn7PfZIkvd-988GSRV7hAEZJkC24AfDAIGYTYvroQ7KaTTywJ6FU83zWRWJiEd-9k2wUetZsvRzAjwBF4Bl9mRE8oq_6f_yKdV938fyXlAAiwaFsisMAxEzZVuD5mD6N_33VKcP3rrXeGFfXba_HTt41O44xUrcYgYs4PdCc-goH23766IOJRmYB7vHJu3z5LrdTP1ygYXJqUSD2dMvzluS8g_7xK94cCEcyjOGLyqzHKuCXbeTDpxfRtcnrY50wKMB7Mauv6Ln6JDfKFBdk6uIgF1x-Mlh6SG14ELYkndweWtSkBhk2nZ5H3UFf5DnrdMiDMMBA28kv_YwjQhjkiEGrrxzWoGn_-lh9L8OXAWTVhZz-XHdKQpCbXMBUyQHtSvS6C30-Cpexi3fr2LRciV8v3XcxvAjVa5hH7E8edLvb1DrLHN7TF0E_tDTb4rydFLSvJJX6W_ToMs3XNKT0diiPw8mSoeC-eskyCxIwmAj_rAp2goqFZ7mEoJWG0gh1ljN6A0TMg9iQIG-SXRPVZaTZnnsTOjlqQQ0Gpi1cusydcMLFagA_E8iHIiK6Z5wgqxKTw0dq6VbHgpldSQdQiqPFq1XU8rObN72PQdk7WSHnGDb3xFGk9a1OSWpLwTLqdMCXed-uYFvG89T4nmn05AbYS7hO9q0uq7r-EC89ytq5WYM2ACgQsem5upNvNgv0qFlHWy9rDG4INLicD5jaViSooh5HVxfAeSLMGXCgoVcMgVHy0NRYTQz8JV381A9GM2mXW9OI5QgPoMD4YjAw_t3mTsc3yrfGqwMcagbckr8_ieHcK3E_GKsmNcn1Sdhkqy1XoNghQBXZLqKtky-sUCsIjGwIc6JXULoetqhJb2xYZ6PQszfjpLk8_QRcX8EL8oE_zzw0ldjXwINhDS-ma0YKWnAK1HoHbGSpKqipcvXip34-k2m6g79msYGb2jM9cNPz7kCYjRqNT7_RmnhhCdlP3y0_uMr_hvj9166K2Isqw4Loppz_QYNkd_TakeOUw4L1NPb6L9dv4E75GKYdvaDj-pP6t7B8C6Blj1bS60BIjRrD3T-8jFLViukOMn3zhc65fqRUy-cwHwIk91w5bpJfEe2RrOWxTnebaCOKbGnSc9q3qkQTzBkGY2wJFzTykvoVj4WCkUeh6VAcsi-0xwe5SMxJp5wQKGRk4_BoflpJq0I7-1Cp2SM08lIpmIPLDFdAqFbCzm-SROmi9LP46lSwzT8haHXdRX8jijeF6WpBeY_w6KNGg4KJmcxClvM3sReezeAl8DKyHWuCgqY-TvWfqv8LiSIoZPLdnq2epBz15gSpFPj5adpvM64rJENSmXVSDmFBeWghqPYJIZspGCuWy00N5qNrU24Ea5_EUHn2fhM8jks_Z5Q-JV4FssUWgK7EHyyG1mn1zIjl6tdzc2ydAdwsP9OHU4LT8keTWwqZIKGYTssXm80mtjPFVg6HRDAvWwqyvNSyBJ70OvVbKshQHbdv2zhFU3GWzZBFJ-1POYTMFAJojc3SiDaf516DzzCeK6HSyOXm_KD2kP62-B0tcxDqfE4JSAFOO7DnyCFncMMAQQRuUNhptQaW1UZaP2EYXPUi0H9TgjymI3Y1Jb2LRwm0HDVfLsozJhJBi40XPIrrOgpGjextxO8MZE7TkYU8x8HDghheUiq16I6iFYra8KsPdTFOs6idhJwlQm7gDFsZLvpaU6xRRyIArP1kBoyGnMBsCMs0z3BX-3NAWjQ0gk9g3KCjIwS7xkXSs5sjFZIaPnOTSOMntb_swlTDGgkuEzssHcEJztxViAnwih1YyF6uaQ69656S5sLdNkvnHhg8RGD3_w-HnZb6tij0hlFv6Uk25AhNqDu1S8dwUC7ilrYPr0fQyB4FsYU0qPXgXs6gv-e2HJpmOuJrQWxvJTwE2ueuWqx2uhN6YTrar7fwNNb1cBiSFsksIeFF9hEtGj_yLWzqPBMFMOwp_mfa3bq-CgiVrsvY4UNMppCq-zF20U5TD6WRo0is_0ETdimG4dXCq3b_ysid0JasSb-LTuAe-5hOsn2lhxTUH66llXLFt4UAfIS8vshItkfD9POYa3j1fnDvHGdQTI-ipdhOKGoHter1QIYRYsQV4YuYp8dRchH4kdPxqykh1WXjsyfVhfyZgxdyH7hfuqWrNKc8ZA-lsym2WBFNYtnQMyIfDB965BtuSb6uGXzs9hlQqEWOzMTAv2iqhKizR2DJ7zYEqoLMqY7txkpGm9N6ajsLGzhUw9UwzJXVAecwaTi01zBMm4I8f2uFasEMuLGBnS4RQSHhR9CUFIx8OsGiwxgblRmXBxq1jGsFBt8oBYeGZRYryQlWgtFR-n89bvRrxv1mbs2MehR23P2XOUwzMKt1M2P0lwTYKrAJswhAkiWo06MCj3p5-k9qu8ztN-AjYp0Q4DH0pOMFcMycTV4KnVo231sjoZ1NA1Jpl7RTry1NEdPEMhHI71wviZO1hDOFgr7oJZ5mDUft3JzSEj40lT0sUXBPzBalMI2gS60m_DHmY6E3PMMDT8jYH1gsDw2tLhfs3nTQaM_v6HfoVWSIFPbY3tjP5qk6wFKF7W4PLiHt2i3hK_FysQPSCjX5LQuVCxTJ9HqMoV6yF1LieUTEED5YXPYu1QVhgdDP0Jn5jh4KrSA8MCcGxlZSYIpnwg4dEqwyJf-9eE1C97cXb3IHwPv263DkJDXtr9gybHa4s9044I23bYi4taT1wkzydkXkOMotrZbofHEKbpRoh2LdGjYR6SryzgO2stJTgSUmUc3Lr7ZKGlvmDTaEjujK-IZ5h1ZCj7HKrGeNHokgdZ9giGNvI0XpPC8BI2Cl8rwbIvmL3mPDJZTW0fWPvVW0PPo7_nd-5jS_HSQ554CMg0MBbMswIzKIJR9huCd36DHHeBXLtQ2eWpGI1qBjXr2LFX6y3o4stcvKqE2PjQvA-ThGgL96nNq4MEtYCv9HAKtn1PvS1A8gphcVWHhR9mD_J26UVXJvv7D5IRRxxRAnHhZcX4d3ONPDeXXug74kEgVW&pr=8%3AC99551E019C665B4&cid=CAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ds=l&xdt=0&iif=1&cor=3937291791478477000&adk=1645240580&idt=352&cac=0&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
39249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
usync.html
eus.rubiconproject.com/ Frame 620D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Sep 2023 15:16:34 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
r62eglto.js
ad4m.at/ Frame 9B11 		0
0
frame.html
ad4m.at/ Frame 1E19 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2145117
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
800ef4651a591db0-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 03 Sep 2023 15:16:34 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXgpsAgndx83uWSEb65nF89H1XvquWA6d%2Fk2BZWiU3WU6kfct%2BLzTeM7sTCFxqCsSvlKBX%2BFfJHEvrLxRqBwB8ki5tzHnjiAkanpHBH1E7DV9Lfp0H2dLnc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame 3FAF 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3FAF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-zjfVX_PZe_4eGRws1BDP5KkK-7Xew
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-zjfVX_PZe_4eGRws1BDP5KkK-7Xew
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilud-zjfVX_PZe_4eGRws1BDP5KkK-7Xew
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 3FAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 3FAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame 3FAF 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sun, 03 Sep 2023 15:16:34 GMT
/
onetag-sys.com/match/ Frame 3FAF
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
onetag-sys.com/match/ Frame 3FAF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3756744799350472698
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3756744799350472698
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:34 GMT
an-x-request-uuid
7b06f9bf-7c96-4ab3-9112-12ea906917bf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3756744799350472698
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 3FAF
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6549451280056235199
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6549451280056235199
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6549451280056235199
date
Sun, 03 Sep 2023 15:16:34 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3FAF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yVgiNjluyroAUbk67vpFQ9L60wpYRtdVrsGLEQpgWuU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yVgiNjluyroAUbk67vpFQ9L60wpYRtdVrsGLEQpgWuU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JHDT4CHPXKE2NA7G75SP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yVgiNjluyroAUbk67vpFQ9L60wpYRtdVrsGLEQpgWuU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
sync.bumlam.com/ Frame 3FAF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjA4NjEwMDItRjVGMi00QjRGLUExMEItQjU0QzNBNjgwMzJG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 3FAF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
date
Sun, 03 Sep 2023 15:16:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 3FAF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
onetag-sys.com/match/ Frame 3FAF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=fa5c6e48-6cf7-49b8-94fc-fa0df4bb4cd1&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 03 Sep 2023 15:16:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 3FAF 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 4FA2
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
0
594 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
800ef46d2877bb7d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 03 Sep 2023 15:16:35 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame E009 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLZOqcrX9xEclxF-9iZi25XOXDa3XogR2MzunTqxsFOoMVpKt0X5RpkUO4i9EAZldwvbZtUNIIzYFR3TCQyXaHgvScc80u-1vpc4I9dVIReoA6IlMX8ZtI9j9cG_iYExcXKMcmZbAzNxks5pkEkwIYP5JSIFfD_O3b_FOcDfv8bpFv2Bc&cry=1&dbm_d=AKAmf-D1YSV6jcwqGWwkqheLAe_8stjxyvXOBMDbLsk4HU7F80EtmqFXxTWWN8RkVkqnwgQhHL2o4l9Thd4Fe60hYKev9upRuwdL9kMAvSfBrtNQV16Eb0RCvHMWqm3FHKxr4xyHkRrkmmAQ3QbN_tPzA4yqfE3CRJyuLFaS08lEGFsMDA-FsC83fQrVLfvSFLmMLmG86GuOcLOGSniFVdHGg9NDklBnQOWwFNxfGd69KdfUlw_9eSbOjB5jBjvKA30BvEHPNBusk0jaxSAINpmnCgZ3cbjlHrXX2ADvt_ju2WBaouwrS8kicsq8WgvcwYtg-hWi4msD7PXp5nhNvu2gcZ7TUqQ0K_69NxWEAjr7zTaNxWC_UjpIDZTmYwoRVdJwJOpyzVQ3tCh5073aoAVounHUPLFzzoEGRnwNu0b5SDT4_BVWWFR7Dj1myImfQUH5V-d0T_77dm63Beh3h6MnSLcRYh9gNFDh1-5ofsrhY4YRt2vxSd_MDk056mHXNXF-NZzo34vhPOgbDmtrBApbKluNhknWjW0CjoofNbOfdWYH6Txe3c0Dc-1IbXi_SXmS6tPfOApUdeqvy1gdEy47YA1ZtF9uE8ws2I1rGUazOULZlx1o7MpAYUk1shOedEX7OgBYIxmc457l9LfX49p5P-SZAausKxGT7vYw1HQQ1z89Uy8pKvBBPv7r_iQ8GlUFeyFm-5mC5QHDmLjdIFP-43-yPyPQlNB07wWI6IdCc8YA2fFWknJrbburTdDEBnR3Pn1ZuekkabED3CZLAyfJZG5IuF5m2GGaUX2LnFa4nrmtryckTx-G7dgzF9g5FhkeeZtZ8h9yJNdjFKf8Z-UVDY_n-uq8-_qmSkL9ppyfKOJLb-e-x2sDNos9OPU_GufwAf9lejQ4qHziHysQ_uldbtSDPOiv0wxADZNmTNgYwvuQAvuS9GOeafmSy46gQb8rHxlxTmMAl9lIFP9tSoCJhzw2UrOGyOCmgkvkNfuk3QFOdJi1wKBuPfMTMP5heTF4XBr57HOJInW9SMejUTcrQnhWiOokoYFKM0tKwWBTIm7pItEZKTcALN2cXkDSgiwTo4i6SBjKbGnA_USbBSToPBTdd-NjQo5fiPD8I_BQQ2Qhuos4W88XWgYfCFX6AofYkAB2yyN_h6zC8Y1fumTJvjLVk-OcA5cgRW_7xKu5kMvZ4xGeHTBEuKbRm2X6pnpxCQkc7AcMMTsGvmGOqHfL8F08Kltc6HRzqaUkRd_jAtJZLFu1NDTyt-O6UJHnInDAKsoUJMr327J26B8VCXST9f2xhPlCJ53V2FSoIVn7rZbROKJcSCOsAxb_MnJa4ELhISimq9Z3xKaVOmVRGU9OqYsx16zNlrx8k8uOHypGFirg15lCN946xWgeRJ93jlz0FePyYR1xDPR9gREmNL6YWTqTL7CdBOG4xjcVrTaCmXi9NaI6h3_j2ZjtlPC9sr1cXn25u7i4Wt8lU_X5GNbtxK0z91QjlvUXAVmv55KDcYC3IB5d3MqYtaE4YnLFwPup9cmIyqgUhp4PQiuds9NMUz3DXv0-ayEwBAC8OwM9MY04iraivHKPeBhfatGWTT5V_LRA5AKeS4nBqcOy2HrLktuVwnmY9eTuWv61dfH5ekFDwgc9-1Y2T0TgVMmjWA4VwyCcSfHzT8HCcfA98gxR4qCGD6ewB__JPFi8kljwjVHEz9b7h-Ez6YfuyBn16mJS1sDpWQBmUk5UFwaA5Wm2mdkJfdFX-4j98TCsjKWy5TCovqkQPYQzNeAIOtgKTKgHpwG3dB8C38BZRt97TKuvZjGti-tllY4kWOVogQKrWIQXb38dqraaKU1uYJPX9L52hDw4mSpIvEL3R9wKBUgr2h9H_E83Z4CiDFMIiYsxMYLbzjCKMCBsaMJ0B1SOWzslOlklw6XhUCKjEXbK6gRVv76nJE8j9Xwswv_zHwZ8lBh8eRPsXtb2yr5h7XpnWKXxsA0_hzoFHrM1mumvVrl2jtAsEDGvp6U4dt0u3lLYTlrFYbRgJMw175oI9aw3msNfGhQ-p9kLV1cmNdai_7azAwoLgrxcqn3F1C2eb32jA4MpUdeqSEviUFHo2Hq0faV9RA3RFp5n9k8huSXwgGLMrZj7TpJ4Z9_Ubv4iOw_z8NUeKPvFIS_THpzurOkEi0bjMW_k36ra7IZPyGM1gjDWTn7SyNhp7xbs74VkSXVKEGWqAgOb-wQR2S5ci-AVwRWIPUy7bwhE3eI3EYNaIWsA2Rki83-KspwC_xws0ZPk1p3fa_y-yep7ds_mQu82evjVk-9pav-IBjjKTtgYqn4Jug0TQy2RPVukx5Pat8yXjeUVPEMiGH_rMJoZYiqGA2FIOQY6bRgbcmdUxyf3jLXSiebXPrF0J9TBViQu8jXbDQsyh2JqlKZe7H_GueVXeQkyAs7EnHFwsxci629gxcwAXbOvlkX9YEpLMDyQGrTYKqv1YynzAuIpmeJQ_3JSFoFeS0yy18jUkwHEk1cicbCbBcK6pPGBI6a6SWQqSkmBFy-dBx7VsDfZlHAg9wdP6v9b0SfWuMfmQUSXzYlEKvdZuAVrNkB0RdmEEkQRAwib6KsE3WdJTbtSXeQOvOK7QrJ-YnSWgyybCPisZ_652CIQVofckgu-WeVirnlMWWRKZBZgb1VM9UinZX5BEpYF7KFnJmWegLrYDEAblorSanCRuOGPZ-XRzznQW4fUH-2W75F87YvpIa7JmD_7PCdR0GaXqVSaah4U3dgtzAxUN7SgsvSaCM4AIx9dv0WEwXZolc-EAqhWx3X6xde4S4fFfk50ml-DGfIj9Ma-p5diDJdl0pnOds0ME-zPRjk03sduZqZxEC4AZIf3GXQ_7WGy5xJLxS6VUCZqjwufn2GF3rZeko_xghw-0cM7giYngMcHVQyW7JTvqoCv6x3hAjPQCSE4_yisd6cYd6MnIGBqqGctoLpNjJX7uitIUZX-ZkbsR2aHtUhV2S66IUcsUlftWUxveoxnLFAk_zwGk8Sy1PcHoO2Wkbn-FoAiyGOt78OrgyxQKzFyQ1RfjgGEUzJlSVRrO4fNdQW7Wk2LxtI0pIQt--CyBSscjDvV4md0_lBVCQsvQfjaKyDgO98HfLD0GA5zctCx5ZM7vmOmZvshm4ER4uUtjjEreElbmv6R7yObbekPZqhc_gJ5X9OMPIZSngh94ZT3mF6U9YCRvIrCaFhOirS--D0I-BfLsxqNc9v-mu9iwXtt_wsLt8EgRRli9O5FAgF-TSMNZBlL0v-f1XyxCAh0S6lM_58nAhrpDIg3pdYhMh55pWewH-LoW8ce5U_dPESbCn0Wtsa_aVoQayKZjn0MibWPxh0-P2ykoJiQ0FTisaqQRnvoxwFGomG9BW0pciM1HgD8z1ON0NVDeqYtxvrF3ksxR0070KkHkW7BNnrJslW3bcCYbjXZpg_tKchH8viBDxCWtIbHYlCnFH43_BjTwQS1kj5a7ekBaK7Z0jvSqjfHZYO5XzCrId1LqjN4rYruPtHTBPFsCUm6RCYYufbWKfXbra1J291efoQCnk7mvo43wiLz_CIb9G4jq0lJambY-iFp3VNlyBW3z1MsmEDOlxhdkc4rxBHuvR8fwN_6uycy27Tj3hzKz2stCxazElgrPnMTI6slFlCkrSO2PdxUxcTSeKetStY6bgIew5myWG7UURfZvImO0wahqtTmrtOvlsNlkFemOCyeqAddTUGkjwiBqevcBoXoCKRWAZ7UvHdkXoLRR5Hek60sMj5dxGmAw2ntme930VTJiuSq96b3rExFSsowFJiSEh9JCZx8xCChhRTf3Xzp840Njs7y1rYkPgIb7Mb8Y2GGL5k7Lqi3iZa-rfSdTiqCLrhAMz-tOv8JcuA&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=14302820663279220000&adk=3690638929&idt=533&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
4724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:57:50 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E009 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLZOqcrX9xEclxF-9iZi25XOXDa3XogR2MzunTqxsFOoMVpKt0X5RpkUO4i9EAZldwvbZtUNIIzYFR3TCQyXaHgvScc80u-1vpc4I9dVIReoA6IlMX8ZtI9j9cG_iYExcXKMcmZbAzNxks5pkEkwIYP5JSIFfD_O3b_FOcDfv8bpFv2Bc&cry=1&dbm_d=AKAmf-D1YSV6jcwqGWwkqheLAe_8stjxyvXOBMDbLsk4HU7F80EtmqFXxTWWN8RkVkqnwgQhHL2o4l9Thd4Fe60hYKev9upRuwdL9kMAvSfBrtNQV16Eb0RCvHMWqm3FHKxr4xyHkRrkmmAQ3QbN_tPzA4yqfE3CRJyuLFaS08lEGFsMDA-FsC83fQrVLfvSFLmMLmG86GuOcLOGSniFVdHGg9NDklBnQOWwFNxfGd69KdfUlw_9eSbOjB5jBjvKA30BvEHPNBusk0jaxSAINpmnCgZ3cbjlHrXX2ADvt_ju2WBaouwrS8kicsq8WgvcwYtg-hWi4msD7PXp5nhNvu2gcZ7TUqQ0K_69NxWEAjr7zTaNxWC_UjpIDZTmYwoRVdJwJOpyzVQ3tCh5073aoAVounHUPLFzzoEGRnwNu0b5SDT4_BVWWFR7Dj1myImfQUH5V-d0T_77dm63Beh3h6MnSLcRYh9gNFDh1-5ofsrhY4YRt2vxSd_MDk056mHXNXF-NZzo34vhPOgbDmtrBApbKluNhknWjW0CjoofNbOfdWYH6Txe3c0Dc-1IbXi_SXmS6tPfOApUdeqvy1gdEy47YA1ZtF9uE8ws2I1rGUazOULZlx1o7MpAYUk1shOedEX7OgBYIxmc457l9LfX49p5P-SZAausKxGT7vYw1HQQ1z89Uy8pKvBBPv7r_iQ8GlUFeyFm-5mC5QHDmLjdIFP-43-yPyPQlNB07wWI6IdCc8YA2fFWknJrbburTdDEBnR3Pn1ZuekkabED3CZLAyfJZG5IuF5m2GGaUX2LnFa4nrmtryckTx-G7dgzF9g5FhkeeZtZ8h9yJNdjFKf8Z-UVDY_n-uq8-_qmSkL9ppyfKOJLb-e-x2sDNos9OPU_GufwAf9lejQ4qHziHysQ_uldbtSDPOiv0wxADZNmTNgYwvuQAvuS9GOeafmSy46gQb8rHxlxTmMAl9lIFP9tSoCJhzw2UrOGyOCmgkvkNfuk3QFOdJi1wKBuPfMTMP5heTF4XBr57HOJInW9SMejUTcrQnhWiOokoYFKM0tKwWBTIm7pItEZKTcALN2cXkDSgiwTo4i6SBjKbGnA_USbBSToPBTdd-NjQo5fiPD8I_BQQ2Qhuos4W88XWgYfCFX6AofYkAB2yyN_h6zC8Y1fumTJvjLVk-OcA5cgRW_7xKu5kMvZ4xGeHTBEuKbRm2X6pnpxCQkc7AcMMTsGvmGOqHfL8F08Kltc6HRzqaUkRd_jAtJZLFu1NDTyt-O6UJHnInDAKsoUJMr327J26B8VCXST9f2xhPlCJ53V2FSoIVn7rZbROKJcSCOsAxb_MnJa4ELhISimq9Z3xKaVOmVRGU9OqYsx16zNlrx8k8uOHypGFirg15lCN946xWgeRJ93jlz0FePyYR1xDPR9gREmNL6YWTqTL7CdBOG4xjcVrTaCmXi9NaI6h3_j2ZjtlPC9sr1cXn25u7i4Wt8lU_X5GNbtxK0z91QjlvUXAVmv55KDcYC3IB5d3MqYtaE4YnLFwPup9cmIyqgUhp4PQiuds9NMUz3DXv0-ayEwBAC8OwM9MY04iraivHKPeBhfatGWTT5V_LRA5AKeS4nBqcOy2HrLktuVwnmY9eTuWv61dfH5ekFDwgc9-1Y2T0TgVMmjWA4VwyCcSfHzT8HCcfA98gxR4qCGD6ewB__JPFi8kljwjVHEz9b7h-Ez6YfuyBn16mJS1sDpWQBmUk5UFwaA5Wm2mdkJfdFX-4j98TCsjKWy5TCovqkQPYQzNeAIOtgKTKgHpwG3dB8C38BZRt97TKuvZjGti-tllY4kWOVogQKrWIQXb38dqraaKU1uYJPX9L52hDw4mSpIvEL3R9wKBUgr2h9H_E83Z4CiDFMIiYsxMYLbzjCKMCBsaMJ0B1SOWzslOlklw6XhUCKjEXbK6gRVv76nJE8j9Xwswv_zHwZ8lBh8eRPsXtb2yr5h7XpnWKXxsA0_hzoFHrM1mumvVrl2jtAsEDGvp6U4dt0u3lLYTlrFYbRgJMw175oI9aw3msNfGhQ-p9kLV1cmNdai_7azAwoLgrxcqn3F1C2eb32jA4MpUdeqSEviUFHo2Hq0faV9RA3RFp5n9k8huSXwgGLMrZj7TpJ4Z9_Ubv4iOw_z8NUeKPvFIS_THpzurOkEi0bjMW_k36ra7IZPyGM1gjDWTn7SyNhp7xbs74VkSXVKEGWqAgOb-wQR2S5ci-AVwRWIPUy7bwhE3eI3EYNaIWsA2Rki83-KspwC_xws0ZPk1p3fa_y-yep7ds_mQu82evjVk-9pav-IBjjKTtgYqn4Jug0TQy2RPVukx5Pat8yXjeUVPEMiGH_rMJoZYiqGA2FIOQY6bRgbcmdUxyf3jLXSiebXPrF0J9TBViQu8jXbDQsyh2JqlKZe7H_GueVXeQkyAs7EnHFwsxci629gxcwAXbOvlkX9YEpLMDyQGrTYKqv1YynzAuIpmeJQ_3JSFoFeS0yy18jUkwHEk1cicbCbBcK6pPGBI6a6SWQqSkmBFy-dBx7VsDfZlHAg9wdP6v9b0SfWuMfmQUSXzYlEKvdZuAVrNkB0RdmEEkQRAwib6KsE3WdJTbtSXeQOvOK7QrJ-YnSWgyybCPisZ_652CIQVofckgu-WeVirnlMWWRKZBZgb1VM9UinZX5BEpYF7KFnJmWegLrYDEAblorSanCRuOGPZ-XRzznQW4fUH-2W75F87YvpIa7JmD_7PCdR0GaXqVSaah4U3dgtzAxUN7SgsvSaCM4AIx9dv0WEwXZolc-EAqhWx3X6xde4S4fFfk50ml-DGfIj9Ma-p5diDJdl0pnOds0ME-zPRjk03sduZqZxEC4AZIf3GXQ_7WGy5xJLxS6VUCZqjwufn2GF3rZeko_xghw-0cM7giYngMcHVQyW7JTvqoCv6x3hAjPQCSE4_yisd6cYd6MnIGBqqGctoLpNjJX7uitIUZX-ZkbsR2aHtUhV2S66IUcsUlftWUxveoxnLFAk_zwGk8Sy1PcHoO2Wkbn-FoAiyGOt78OrgyxQKzFyQ1RfjgGEUzJlSVRrO4fNdQW7Wk2LxtI0pIQt--CyBSscjDvV4md0_lBVCQsvQfjaKyDgO98HfLD0GA5zctCx5ZM7vmOmZvshm4ER4uUtjjEreElbmv6R7yObbekPZqhc_gJ5X9OMPIZSngh94ZT3mF6U9YCRvIrCaFhOirS--D0I-BfLsxqNc9v-mu9iwXtt_wsLt8EgRRli9O5FAgF-TSMNZBlL0v-f1XyxCAh0S6lM_58nAhrpDIg3pdYhMh55pWewH-LoW8ce5U_dPESbCn0Wtsa_aVoQayKZjn0MibWPxh0-P2ykoJiQ0FTisaqQRnvoxwFGomG9BW0pciM1HgD8z1ON0NVDeqYtxvrF3ksxR0070KkHkW7BNnrJslW3bcCYbjXZpg_tKchH8viBDxCWtIbHYlCnFH43_BjTwQS1kj5a7ekBaK7Z0jvSqjfHZYO5XzCrId1LqjN4rYruPtHTBPFsCUm6RCYYufbWKfXbra1J291efoQCnk7mvo43wiLz_CIb9G4jq0lJambY-iFp3VNlyBW3z1MsmEDOlxhdkc4rxBHuvR8fwN_6uycy27Tj3hzKz2stCxazElgrPnMTI6slFlCkrSO2PdxUxcTSeKetStY6bgIew5myWG7UURfZvImO0wahqtTmrtOvlsNlkFemOCyeqAddTUGkjwiBqevcBoXoCKRWAZ7UvHdkXoLRR5Hek60sMj5dxGmAw2ntme930VTJiuSq96b3rExFSsowFJiSEh9JCZx8xCChhRTf3Xzp840Njs7y1rYkPgIb7Mb8Y2GGL5k7Lqi3iZa-rfSdTiqCLrhAMz-tOv8JcuA&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=14302820663279220000&adk=3690638929&idt=533&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
39246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
banner
ad4.adfarm1.adition.com/ Frame E009 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1487579070&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI%2DqAMByAObBKoEjgJP0EgHi9XSX1D%5FdsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p%5FXi0Z%5FcICFnudn79BmbCk1YW15%2DbdXqwpelsYa3UvF1kDNa3MHh3BXLU1%5Fcsc8YJ849uKZ6W%5F3y5kQSJezbwgsA7XVTs5QcQifdVuq%5FYYK8VYXP2nJjlAoIfVyQLw5FYcPyi%2D3%2D7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU%5FHtrlgs9TBSIu%5FBZqUJ0%5FABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWsaxQw0DE864h7aSm2baS%5FPH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE%2D1xgB%26sig%3DAOD64%5F0pIWoNQ2zcjaPScDPAnJmGkxeaEg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCj3eb1AYz%2DIbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo%2DfU5%2D4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF%2D%2DdLlekJrw4M%5FZUdIUgt%5Fahoaw50arN0ZD40zxvUcg%5FZGVzvU%2DlpVuU%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCC%5FEw3eCpLC9VyUxZr4FQOExocX1%2DDl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9%5FXNqz%5F8TAcwQ%5FquscX6YtAgQ5KL47DI1txzYHwTj7YS9nX%2DvQjiCMWzfdCr0WxulwbGDw5e%2DMeWFf1YBTy%2D07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2%5FzZGM2nPGdedQrt%2DHbN1L%2DJ4O%5FebNj%2DwMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU%2DHVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym%5FC8rquFO%2D9Yp%5FGzIPVJnZmnRKLbn%5FoeQ%2Dl7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq%5Fonsp8CpDw29%2D01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E%2DfrLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW%2D%2DTv97GaJzSR%5FZyizvJ0LmuJSuD%5FQI1o%26adurl%3D&gclid=EAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%5FBwE
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787111&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI-qAMByAObBKoEjgJP0EgHi9XSX1D_dsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p_Xi0Z_cICFnudn79BmbCk1YW15-bdXqwpelsYa3UvF1kDNa3MHh3BXLU1_csc8YJ849uKZ6W_3y5kQSJezbwgsA7XVTs5QcQifdVuq_YYK8VYXP2nJjlAoIfVyQLw5FYcPyi-3-7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU_Htrlgs9TBSIu_BZqUJ0_ABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE&ae=1&gclid=EAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD_BwE&num=1&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&sig=AOD64_0pIWoNQ2zcjaPScDPAnJmGkxeaEg&client=ca-pub-8933329999391104&dbm_c=AKAmf-Cj3eb1AYz-IbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo-fU5-4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF--dLlekJrw4M_ZUdIUgt_ahoaw50arN0ZD40zxvUcg_ZGVzvU-lpVuU&cry=1&dbm_d=AKAmf-CC_Ew3eCpLC9VyUxZr4FQOExocX1-Dl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9_XNqz_8TAcwQ_quscX6YtAgQ5KL47DI1txzYHwTj7YS9nX-vQjiCMWzfdCr0WxulwbGDw5e-MeWFf1YBTy-07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2_zZGM2nPGdedQrt-HbN1L-J4O_ebNj-wMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU-HVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym_C8rquFO-9Yp_GzIPVJnZmnRKLbn_oeQ-l7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq_onsp8CpDw29-01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E-frLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW--Tv97GaJzSR_ZyizvJ0LmuJSuD_QI1o&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
07c8b04b58fbc866a8a881fb3cf05c5c5549c85c6441adac3e9c947c834459ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 17:16:34 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqYo5UKP0ZITzKpaPgAeK75GoAuOwq5Vu9s_4jekQw56y0esBEAEguoTAM2D1hYCA3ASgAc671dIDyAEJqQKlwlt7P_SyPuACAKgDAcgDywSqBPACT9B9_z04VIPS5qbEJzkWOWkzQtAtvG9GffC6OwO-RrajJcq0LUsfry7hQTx7UUFusJi7_EBT6AAcTciaxu4bHU_UV-KtfHiJN3YxsOyQUpMyKb_Gaq0CWCoO2bRArKNIvko2_RbYLyp_hiupKdS_kjTjOYI0nbtE0OFKj4UYRoPGYPkYTldr3N_30cQj8PGfZRMcj4uRKg__Y3ylkJrASkdPKDcpmeUjz9fb6jKaSRH9THjlJB7DiGdkJhu3SQMiBh0WDVQ1inrhWxhC-FF6IdFx4OfnZ-mvuSa8kUJeSmcSaMMFwAZXbaFEWWd6zpFnpUwKk0fTJrwfy8DCk7zCz2X3algmnODKRvamtRHkw9SUSDmY9d15tbuD_FlDil6IY6FvJ-njaSP66wvIK53yr0tnj4rj5xIPga9XxyFYyrQX9RDc0Oybu_fL8ta1NIkVuohjHEQNE1rHSFuEaw6VYPUzoXUx7Cr_4HsYw90spZ_ABNLV2JaaBOAEAYgFm5zvqEiSBQQIBBgBkgUECAUYBKAGLoAHrKXVNKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOW5BdIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwmgk6aHR0cHM6Ly93d3cub3JlbGxmdWVzc2xpLmNoLz9Qcm92SUQ9MTA5MTc3NDYmZ2Nsc3JjPWF3LmRzJoAKA8gLAZgMq_65pZ4E2gwRCgsQwOOa5Pj87J_jARICAQO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=DtO_ytlTJls&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&template_id=515&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 3C7A
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CqYo5UKP0ZITzKpaPgAeK75GoAuOwq5Vu9s_4jekQw56y0esBEAEguoTAM2D1hYCA3ASgAc671dIDyAEJqQKlwlt7P_SyPuACAKgDAcgDywSqBPACT9B9_z04VIPS5qbEJzkWOWkzQtAt...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb8148254eb40af3f0000000000000000%22,%222%22:%220xd2e172846a26243f0000000000000000%22,%223%22:%220x51ea06...
0
0
request.php
hal900020.redintelligence.net/ Frame 2708
Redirect Chain
  • https://hal900020.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a6e70a2387&subid=&uid=6a0bba86d6f94e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900020.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a6e70a2387&subid=&uid=6a0bba86d6f94e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900020.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a6e70a2387&subid=&uid=6a0bba86d6f94e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC2uHUKP0ZKH8KrCyvcAP_L-N4AKRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCA3ATIAQmpApgq7ZfxFbI-qAMByAObBKoEigJP0LviAm4-swriZ8q-khzQmok0Iw9F1Ef0AaTfOwiNs34PPvlyeDZ0FxFac0OzfwGu4Am0-uWIhNwHl7D5FJmG96uGaDFJCdNOQtuZpLq-7Y4JQtxT4VDbhhGDyxcHqyQdgep4F2qBNo5unweNSAAq0keTm45d3fEQjdSpzG03lONW9E-29VY9ApJ3hhOZBoyIqoI6uM_R9kQoi1Lb52a6VDtxV86fkq5_goXxWSdQmU3Owchv_ankntwxcwhifiCH6m-iUx7r4HRm5MVNLWG7hjlgbb10mhV9uJfgqnwG1juLrB1RQjsTY6dlZk66y73yFoS4Z5cmLzh2MNP35G00Vc6lRnCLRLDgB8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIoeT4h96OgQMVMFkPAh38XwMsEAEYASAAEgKtZvD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWKwWS-BGVZTcubZdTpqz9eySVoKl6VJezz32pUK3g0NhZ7-vdGAE%26sig%3DAOD64_2VRZnuq8iGBuF8up1NnDFtZW_Scg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-AWbd6ElTCn7DnV7BeIH1xt2CXAaFNWTSr4BemF_4D1byOcxornWNQZIGdKxzJ9MBoE4n8y-Rz_8JgYA56zVKAbdjiGmBKKsbIIHOLjoeQtY9Cr2aiJvxER85ZndFF_Jd6cji2IM7pwuG0QRddBcTiSfkZZIrsgnJSAx0uanHaWmk7cmIU%26cry%3D1%26dbm_d%3DAKAmf-CKd_91LV8KfBG2YhLpkAda-vv4oEAwWuyGQsMlGpAsu564YVgXmnIK87eH861MfcLjAelozbkqjr-plcZbHIYcX5KRpTfX4aY65pzbJG2maeY8wAPSJdC8KjH916-P45I7NqOvKRIn4n5Zzodbmox7aPPITnrWjQhdSqpaZoMozEN79a-XbwA-FhNVjgNlbB51Ke0rqtfSS4rFgzKG4C739HA795T-I2jX_Oci2ZGUqS7p2tc15kxgp6h0CF35AwfAHqP_3cjyZXfRVG9a02YfOekD6DT7KJBSF7HvMtLVAHLfkBuV7BBvetXneCGM-x3L4HvYQa9luu5fqCbhRM5PzvLcLT0SQqssHrpwAQ-nlhwW88lPzxgv940fYg4MIqbMT6LhEkNg5JtLdjMhpTtn6TJ0PaVOk61180b7dtLjT3l7FlmGPgnvrizq-0kI9tgIZuoxOwnjZWXivhrraJnjW8J61a7GtkWOjt50kUePwszZplXEJJBfWz7Rd_A5Pj6TczRDKilzYMuTqlV8hFavLpIqDeTYf3cPRE9va6xZDRv1SwFgokXBVS9KbE9a3G6vly5fCXm7VPTLg0eA89afrJXZK6nJIwWXn37njSTbQJuhBDLQzAAIkekHWiWz2BzkEYGw_oCS4gAiJWnkU2WFrXA3ADxP5npSOnW4qlIfo9vcciw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=5778715999391&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
HTTP/1.1
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
5c7e7b7d8cf33137b90c47a2e6fd7cc683efa84aff87113050c3e3f619573cbb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
48048000099369204438458012436020
Connection
close
Content-Length
801
Expires
Sun, 03 Sep 2023 16:16:36 +0200

Redirect headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=a6e70a2387&subid=&uid=6a0bba86d6f94e2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCC2uHUKP0ZKH8KrCyvcAP_L-N4AKRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCA3ATIAQmpApgq7ZfxFbI-qAMByAObBKoEigJP0LviAm4-swriZ8q-khzQmok0Iw9F1Ef0AaTfOwiNs34PPvlyeDZ0FxFac0OzfwGu4Am0-uWIhNwHl7D5FJmG96uGaDFJCdNOQtuZpLq-7Y4JQtxT4VDbhhGDyxcHqyQdgep4F2qBNo5unweNSAAq0keTm45d3fEQjdSpzG03lONW9E-29VY9ApJ3hhOZBoyIqoI6uM_R9kQoi1Lb52a6VDtxV86fkq5_goXxWSdQmU3Owchv_ankntwxcwhifiCH6m-iUx7r4HRm5MVNLWG7hjlgbb10mhV9uJfgqnwG1juLrB1RQjsTY6dlZk66y73yFoS4Z5cmLzh2MNP35G00Vc6lRnCLRLDgB8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIoeT4h96OgQMVMFkPAh38XwMsEAEYASAAEgKtZvD_BwE%26num%3D1%26cid%3DCAQSKQBpAlJWKwWS-BGVZTcubZdTpqz9eySVoKl6VJezz32pUK3g0NhZ7-vdGAE%26sig%3DAOD64_2VRZnuq8iGBuF8up1NnDFtZW_Scg%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-AWbd6ElTCn7DnV7BeIH1xt2CXAaFNWTSr4BemF_4D1byOcxornWNQZIGdKxzJ9MBoE4n8y-Rz_8JgYA56zVKAbdjiGmBKKsbIIHOLjoeQtY9Cr2aiJvxER85ZndFF_Jd6cji2IM7pwuG0QRddBcTiSfkZZIrsgnJSAx0uanHaWmk7cmIU%26cry%3D1%26dbm_d%3DAKAmf-CKd_91LV8KfBG2YhLpkAda-vv4oEAwWuyGQsMlGpAsu564YVgXmnIK87eH861MfcLjAelozbkqjr-plcZbHIYcX5KRpTfX4aY65pzbJG2maeY8wAPSJdC8KjH916-P45I7NqOvKRIn4n5Zzodbmox7aPPITnrWjQhdSqpaZoMozEN79a-XbwA-FhNVjgNlbB51Ke0rqtfSS4rFgzKG4C739HA795T-I2jX_Oci2ZGUqS7p2tc15kxgp6h0CF35AwfAHqP_3cjyZXfRVG9a02YfOekD6DT7KJBSF7HvMtLVAHLfkBuV7BBvetXneCGM-x3L4HvYQa9luu5fqCbhRM5PzvLcLT0SQqssHrpwAQ-nlhwW88lPzxgv940fYg4MIqbMT6LhEkNg5JtLdjMhpTtn6TJ0PaVOk61180b7dtLjT3l7FlmGPgnvrizq-0kI9tgIZuoxOwnjZWXivhrraJnjW8J61a7GtkWOjt50kUePwszZplXEJJBfWz7Rd_A5Pj6TczRDKilzYMuTqlV8hFavLpIqDeTYf3cPRE9va6xZDRv1SwFgokXBVS9KbE9a3G6vly5fCXm7VPTLg0eA89afrJXZK6nJIwWXn37njSTbQJuhBDLQzAAIkekHWiWz2BzkEYGw_oCS4gAiJWnkU2WFrXA3ADxP5npSOnW4qlIfo9vcciw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=5778715999391&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sun, 03 Sep 2023 16:16:35 +0200
usync.js
eus.rubiconproject.com/ Frame 620D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:34 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 03:53:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45398
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 03:53:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 597B 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk0IvUaP0ZPTJMeS6x_APpNKI8AcAAAAAOAHgBAI&bg=!goGlgc7NAAYHwnCgJ8I7ADQBe5WfOPPKgw4OWcZ_-aKm4Ko7Rp4HRl2x7vIA-QlaDglSHJu9me9y-zpvMNocjaZb2LR8AgAAAE5SAAAABWgBBwoAah4CHRIBbdrqexWozEZNEbooEoypX_VS6XYuHFqFpqz4OHhI2CcqqgW-TCfo29awLgBxD_JV-11lmHCqoFDD04RBQVEu7o3kImidfjz-Xvv5kY9vWPj8dNk6kOzsWfIyLckpQT7lwgoOgKqZAvHwRNqQQ5WfdvrWeJ4xO8bUTOnrBVXaOsy7plBH5pp6YyhbeLbGA7UMjFVhLsWva3w0DjduIhw_D-NZSQWtqtsBi2k_0P8Q41hxeH4PUQ5x-cvCy0JCMlTrNHYpY8jWav0Ta052Ow6KfKHhCb2FcHe6mBRuoaIati7bQIYktze7PJlSuB_E7c6kuU3Zlo6Szi9l82K1DLa_U8acZFkP9qtNIWdakWtKnfKNLk298pvm0RwLjBLw-m1Rcn1AhuoKnKkYbe3HAHBRseBK5XOUOKPirad22DB4YvvQdthfw0IFYrX8fu9KwgM-kpydy3pHRy4Dkp_pbMsx6KDWmJHz9xJnMz8z_qZAewbLG_-t0G9Whv-lpFpCWDkNZ8BPEgpFVX6cVEjPbsoodNxc0QFiT6OgHRtiqmFBnMuOcK8jYuoLHga5-f8aGxZW97qYHoMiHbXkzABTqwswKAxXBGNP1I06-MRJgN3k4grPbYQRtdf_-ZFj_qH_s2SLCyl6EN1FIaX2UY3twIjA62Bw2O08-CKVmSoAPZU9dyPm3uJowvZZtxvB5FQOTVZ4SBUPMni70OCOY9ElIZWgskBBDEYvfIy7oAWndpH2IvpNAWxQJwsZZWU1fEIKvEwRwoAfnTVD7hxJTe3Lnewt_76Lkq1e_kurX-797PF0Dj0zEbI4I7WdrheIzeraOGVrW05PfIhZ7mxE_pr5olXlwPo-YfYy83A1is8bMSJqSEK4nkypGeqj_gG_bGn_tGrjpDyenf99Jdnu5oRgx9Lty4rf0JzUbwBtX8QcCSmbx9tKDnQZsyXy4i6ZKxNw-Zhg4lqAyBdxP8IEGd5oPa3Rz_gH6kYiVmKU4Psrx7xuWSIeKK03wr9azcwqVQmfrDGPR7YKzsTUMum2c1evlFJU2GVcQthCuud3vhn2gP8cHb5xCSrc2eWD9Fj-lkhidjMqrHpD0L0S4DMNUxFZomkffPy_nf2yMBJoyPu8CtM2nZygCqxJyGFZ6Oc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 9B11 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1caf1b5af4a79a67413b348e9dbcac3f4e83a1f7d62c6a5c29bd3aedec8954fa

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKoHp2J7FuQfFNr3gBpgGye7m8BA7lnutKtYgOwJ21l89hvFgd90znFmehTE8mU3xSZdcqiW1i1asuAQ26T%2BIV%2Bq1T31DI%2FlSDavqA7GPlW%2FrCedQhGmyc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cf-ray
800ef46d4e491c93-AMS
x-backend-server
aa-reachservice-group-europe-west1-2602
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.bg3.co
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
800ef46c6cf51c93-AMS
content-length
24
content-type
text/plain
date
Sun, 03 Sep 2023 15:16:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFljz85mkzcXcKGMemmbSavFslpKOLMYNQFodGwhReqBcQQ7rRiJ6hskm6%2BtbHScNKmzF4QjDzu1oOrWbOx%2BXRdJjIazjc9jdWh44hjTqsQqBF9jyyV6puw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-zsmf
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 651E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
ad2.adfarm1.adition.com/ Frame E009 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7274618870703131658&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI%2DqAMByAObBKoEjgJP0EgHi9XSX1D%5FdsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p%5FXi0Z%5FcICFnudn79BmbCk1YW15%2DbdXqwpelsYa3UvF1kDNa3MHh3BXLU1%5Fcsc8YJ849uKZ6W%5F3y5kQSJezbwgsA7XVTs5QcQifdVuq%5FYYK8VYXP2nJjlAoIfVyQLw5FYcPyi%2D3%2D7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU%5FHtrlgs9TBSIu%5FBZqUJ0%5FABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWsaxQw0DE864h7aSm2baS%5FPH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE%2D1xgB%26sig%3DAOD64%5F0pIWoNQ2zcjaPScDPAnJmGkxeaEg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCj3eb1AYz%2DIbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo%2DfU5%2D4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF%2D%2DdLlekJrw4M%5FZUdIUgt%5Fahoaw50arN0ZD40zxvUcg%5FZGVzvU%2DlpVuU%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCC%5FEw3eCpLC9VyUxZr4FQOExocX1%2DDl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9%5FXNqz%5F8TAcwQ%5FquscX6YtAgQ5KL47DI1txzYHwTj7YS9nX%2DvQjiCMWzfdCr0WxulwbGDw5e%2DMeWFf1YBTy%2D07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2%5FzZGM2nPGdedQrt%2DHbN1L%2DJ4O%5FebNj%2DwMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU%2DHVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym%5FC8rquFO%2D9Yp%5FGzIPVJnZmnRKLbn%5FoeQ%2Dl7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq%5Fonsp8CpDw29%2D01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E%2DfrLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW%2D%2DTv97GaJzSR%5FZyizvJ0LmuJSuD%5FQI1o%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274618870703131658%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274618866413865994%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D31267%2526keyword%253D%2526gclid%253DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%5FBwE
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787111&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1487579070&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI%2DqAMByAObBKoEjgJP0EgHi9XSX1D%5FdsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p%5FXi0Z%5FcICFnudn79BmbCk1YW15%2DbdXqwpelsYa3UvF1kDNa3MHh3BXLU1%5Fcsc8YJ849uKZ6W%5F3y5kQSJezbwgsA7XVTs5QcQifdVuq%5FYYK8VYXP2nJjlAoIfVyQLw5FYcPyi%2D3%2D7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU%5FHtrlgs9TBSIu%5FBZqUJ0%5FABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWsaxQw0DE864h7aSm2baS%5FPH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE%2D1xgB%26sig%3DAOD64%5F0pIWoNQ2zcjaPScDPAnJmGkxeaEg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCj3eb1AYz%2DIbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo%2DfU5%2D4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF%2D%2DdLlekJrw4M%5FZUdIUgt%5Fahoaw50arN0ZD40zxvUcg%5FZGVzvU%2DlpVuU%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCC%5FEw3eCpLC9VyUxZr4FQOExocX1%2DDl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9%5FXNqz%5F8TAcwQ%5FquscX6YtAgQ5KL47DI1txzYHwTj7YS9nX%2DvQjiCMWzfdCr0WxulwbGDw5e%2DMeWFf1YBTy%2D07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2%5FzZGM2nPGdedQrt%2DHbN1L%2DJ4O%5FebNj%2DwMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU%2DHVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym%5FC8rquFO%2D9Yp%5FGzIPVJnZmnRKLbn%5FoeQ%2Dl7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq%5Fonsp8CpDw29%2D01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E%2DfrLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW%2D%2DTv97GaJzSR%5FZyizvJ0LmuJSuD%5FQI1o%26adurl%3D&gclid=EAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%5FBwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
55014b9467e874d9f4ede70bee47262e12d2d7b801ed531dca6750d5757524ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sun, 03 Sep 2023 17:16:35 +0200
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3C1D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 03:53:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45397
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 03:53:12 GMT
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame EF98 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
ubpvideos
newsbot.unibots.in/get_videos/ 		521 B
693 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newsbot.unibots.in/get_videos/ubpvideos
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-105-43-230.ip.linodeusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 03 Sep 2023 15:16:36 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Length
521
Content-Type
application/json
async_usersync
ib.adnxs.com/ Frame D0E5 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
an-x-request-uuid
22c78269-0aac-44b6-8524-a9379a855a92
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?route=IL%3AIL%3AV&lti=rbox-loaf-wtf_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Sun, 03 Sep 2023 15:16:35 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64006
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1693754196.500013,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=509&cid=1349050420.1693754193&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693754195&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dt=%E8%8E%AB%E5%BE%B7%E7%B4%8D%E5%89%A9%E4%B8%8D%E5%88%B06%E8%90%AC%E5%8A%91%EF%BC%81%E7%AC%AC22%E8%BC%AA%E9%A0%90%E7%B4%84%E4%BB%8A%E5%8D%88%E6%88%AA%E6%AD%A2%20%E7%AC%AC%E4%B8%89%E5%8A%91%E5%89%AF%E4%BD%9C%E7%94%A8%E4%B8%80%E6%AC%A1%E7%9C%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4A12
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPSjUvUhxp3GT8zay8eZTwAAFAcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4A12 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPSjUvUhxp3GT8zay8eZTwAAFAcAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EG4NHA92N6RVAS6JK23G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4A12
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPSjUvUhxp3GT8zay8eZTwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4A12 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame 4A12
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=2b16aa1b-8be9-45f0-8ed6-b15a3e6a793c&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_a6fa8a8b-ad2d-4231-ae98-e0d9e249883a&bsw_param=2b16aa1b-8be9-45f0-8ed6-b15a3e6a793c&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
0
0
rum
dsum-sec.casalemedia.com/ Frame 4A12
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4505906738727153474
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4505906738727153474
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4505906738727153474
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 4A12
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPSjUvUhxp3GT8zay8eZTwAA%265127&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=ec1e27b8-50b5-4a73-81fd-f2def380c521-tuctbee28d3
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=ec1e27b8-50b5-4a73-81fd-f2def380c521-tuctbee28d3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=ec1e27b8-50b5-4a73-81fd-f2def380c521-tuctbee28d3
date
Sun, 03 Sep 2023 15:16:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38161
crum
dsum-sec.casalemedia.com/ Frame 4A12
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1652886196918596719&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1652886196918596719&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1652886196918596719&gdpr=0&gdpr_consent=
date
Sun, 03 Sep 2023 15:16:35 GMT
content-length
0
sync
ads.servenobid.com/ Frame 4A12 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZPSjUvUhxp3GT8zay8eZTwAAFAcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 27D2 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9070599&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
aaf4793e05329c4b9f0d1f67e76e8a0ad21583f57a68e1d83fbf12b1831c1814

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 68D8
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7379
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yStg5INBKU4tzdXSD6XLDucbVu6RX%2FE9BbrUKQaXU7nnnaUrEMQl7dnlGztLfbscoPn3JbrL%2FpokyOkjAyszt3%2FO5%2FjsQ98vRYGK9fCQbauHPf2gwSaDmYjUBiOyUx7pLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
800ef472ddf70e32-AMS

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
sync
ads.servenobid.com/ Frame 1F87 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=73212786116310196&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 1F87 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
smart
sync.adotmob.com/cookie/ Frame 1F87 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 1F87
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzMyMTI3ODYxMTYzMTAxOTY=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDoc8-ZiLDC9q9Gf-v3jXUw&gdpr=0&gdpr_consent=&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDoc8-ZiLDC9q9Gf-v3jXUw&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDoc8-ZiLDC9q9Gf-v3jXUw&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/universal/ Frame 1F87 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.1.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-1-69.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3756744799350472698
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3756744799350472698
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
an-x-request-uuid
5ceded22-ea48-4e32-9b9a-4aee2af8e5a8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=3756744799350472698
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=6946d306-f0f0-462b-9ba3-85baf71ff09b&ssp=gumgum2&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f
  • https://usersync.gumgum.com/usersync?b=bsw&i=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=&us_privacy=
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28CBwx_e84aYGp15AqaR7bk8C98-bhQyy9jyOQ70aefvzMHJ__VK1PJ8c2-lVcmOyc%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
0
0
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=27efc182-92b0-09ed-3753-3122c4282d5a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=27efc182-92b0-09ed-3753-3122c4282d5a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 03 Sep 2023 15:16:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=27efc182-92b0-09ed-3753-3122c4282d5a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
Date
Sun, 03 Sep 2023 15:16:36 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-hJ6fDTJE2pcm70wvAu_OcG_norvKRX23N9bX~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-hJ6fDTJE2pcm70wvAu_OcG_norvKRX23N9bX~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 03 Sep 2023 15:16:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-hJ6fDTJE2pcm70wvAu_OcG_norvKRX23N9bX~A
content-length
0
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=aacb5a7f-a8f3-4a08-a1df-9d6a901b0f25
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=aacb5a7f-a8f3-4a08-a1df-9d6a901b0f25
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=aacb5a7f-a8f3-4a08-a1df-9d6a901b0f25
Date
Sun, 03 Sep 2023 15:16:36 GMT
Connection
keep-alive
X-CI-RTID
c01dab14-a43c-4d35-8f22-eee0e7651ca4
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 4D24 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
content-length
0
server
b
/
b1sync.zemanta.com/usersync/gumgum/ Frame 4D24 		0
0
server_match
ad.360yield.com/ Frame 4D24 		0
0
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=jemOHVnLIkVW&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=jemOHVnLIkVW&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=jemOHVnLIkVW&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-vx9w5
expires
-1
usersync
usersync.gumgum.com/ Frame 4D24
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1652886196918596719
0
0
sync
ads.servenobid.com/ Frame 4D24 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 616D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPSjVAANgOzdVQAN
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPSjVAANgOzdVQAN&gdpr=0&gdpr_consent=&_test=ZPSjVAANgOzdVQAN
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZPSjVAANgOzdVQAN&gdpr=0&gdpr_consent=&_test=ZPSjVAANgOzdVQAN
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Sep 2023 15:16:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 03 Sep 2023 15:16:36 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZPSjVAANgOzdVQAN&gdpr=0&gdpr_consent=&_test=ZPSjVAANgOzdVQAN
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230096-FRA
x-timer
S1693754196.269593,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame ED53 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZjY4NTBiNy04ZjJkLTQ0NTItODU0Mi03NDI4OGQ2Y2E4ZjM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA3E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141739
content-encoding
gzip
content-length
5636
content-type
text/html
date
Sun, 03 Sep 2023 15:16:35 GMT
expires
Tue, 05 Sep 2023 06:38:54 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6407 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 03 Sep 2023 15:16:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame C1C2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPSjVMCo8XsAAKZFEsoAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZPSjVMCo8XsAAKZFEsoAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Sep 2023 15:16:37 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 03 Sep 2023 15:16:37 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZPSjVMCo8XsAAKZFEsoAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad288.dc4p.scaleout.jp
X-SO-IP
158.181.111.68
X-SO-Key
ZPSjVMCo8XsAAKZFEsoAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"158.181.111.68","key":"ZPSjVMCo8XsAAKZFEsoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad288"}
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad288
gumgum
cs.admanmedia.com/sync/ Frame 6F44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 03 Sep 2023 15:16:36 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame FB68
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=LZ3JqfLxRWDxivCS5VMX&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=LZ3JqfLxRWDxivCS5VMX&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Sep 2023 15:16:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 03 Sep 2023 15:16:36 GMT Sun, 03 Sep 2023 15:16:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=LZ3JqfLxRWDxivCS5VMX&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 750B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Sep 2023 15:16:35 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Sep 2023 15:16:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 651E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
sync
ads.servenobid.com/ Frame 3C1D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LM3LICXH-1G-7O8T
  • https://ads.servenobid.com/sync?pid=323&uid=LM3LICXH-1G-7O8T
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LM3LICXH-1G-7O8T
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LM3LICXH-1G-7O8T
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame F3FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPSjUrG66UqZj17-PwqaWAAAFCUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN5iRXMlM0MUBBeeR8FIBMo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F3FD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPSjUrG66UqZj17.PwqaWAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG59PfI9wHzyHSC7kRFQ_Hg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F3FD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPSjUrG66UqZj17-PwqaWAAAFCUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SE79E516XCNNSKWGY25C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F3FD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame F3FD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=cc3ac53fa3817b9&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAITZ07rf10cgNLbDyVAAAAAAA&expiration=1693840597&is_secure=true
0
0
31327
i6.liadm.com/s/ Frame F3FD
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f3e34e20c9604cfc98604bb30621c11e
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&gpp_sid=&us_privacy=&gpdr=
0
0
rum
dsum-sec.casalemedia.com/ Frame F3FD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3569158016234090306
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3569158016234090306
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3569158016234090306
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ix
ad4m.at/ad/sim/ Frame F3FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame F3FD 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPSjUrG66UqZj17.PwqaWAAA%265157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
8575
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
800ef46e4fe80e12-MXP
content-length
43
expires
Mon, 04 Sep 2023 15:16:36 GMT
cs
cs.yellowblue.io/ Frame 0EED
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=182f2247cacb676f2f53277fc4d29&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=182f2247cacb676f2f53277fc4d29&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=182f2247cacb676f2f53277fc4d29&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693754195827054-347
Expires
Sun, 03 Sep 2023 15:16:35 GMT
v1
match.sharethrough.com/universal/ Frame 0EED 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.1.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-1-69.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 0EED
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
44.193.104.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-104-224.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F
date
Sun, 03 Sep 2023 15:16:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 0EED 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=tu9Y8sp-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dd992ad3-7f90-4fb8-aac0-330eda5ac02e&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dd992ad3-7f90-4fb8-aac0-330eda5ac02e&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dd992ad3-7f90-4fb8-aac0-330eda5ac02e&ismms2s=1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZPSjUvUhxp3GT8zay8eZTwAA%265127
0
0
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
0
0
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1815395141153584143645&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1815395141153584143645&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1815395141153584143645&ismms2s=1
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1498b87f6-c537-0eef-28b0-38384c7ba6f9
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1498b87f6-c537-0eef-28b0-38384c7ba6f9
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21477'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sun, 03 Sep 2023 15:16:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1498b87f6-c537-0eef-28b0-38384c7ba6f9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent=%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1652886196918596719&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1652886196918596719&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1652886196918596719&gdpr=0&gdpr_consent=
date
Sun, 03 Sep 2023 15:16:34 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=ALceYpMdZTyU&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=ALceYpMdZTyU&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=ALceYpMdZTyU&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-n9phv
expires
-1
pixel
ap.lijit.com/ Frame DCB6 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 03 Sep 2023 15:16:35 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=3f14bfce-84f6-52f6-90ef-28fbf41b8ba9&ismms2s=1
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=3f14bfce-84f6-52f6-90ef-28fbf41b8ba9&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=3f14bfce-84f6-52f6-90ef-28fbf41b8ba9&ismms2s=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
b1sync.zemanta.com/usersync/minutemedia/ Frame DCB6 		0
0
bsync
visitor.omnitagjs.com/visitor/ Frame DCB6 		0
0
cs
cs.minutemedia-prebid.com/ Frame DCB6
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=F0861002-F5F2-4B4F-A10B-B54C3A68032F&ismms2s=1
date
Sun, 03 Sep 2023 15:16:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
127
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame DCB6 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=HU9D8spzkp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame BF9F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Sep 2023 15:16:36 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Sep 2023 15:16:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame BF9E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
80eb18adf795fd4798badffe180c0ff28eb0f1fc4b2ec918c0fb70ecedc0089b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1406
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1693754195879&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1545&pt=809117588&tz=120&viewable=true&ddast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4b840ef1f2d8ae8238a85714594dca1c85b4d9a03eeef7f2f55af34d759ad605

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
content-encoding
gzip
server
nginx
machineid
1412
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 651E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJxo4UqP0ZPfIAayMjuwPyLatuAYAAAAAOAHgBAI&bg=!gIOlg8zNAAYHwnCgJ8I7ADQBe5WfOCh9wrqnZ0rc3wEdfxhdyb4cRR7ASZBmJ_GT8zOEt2ddOOIDHvJ7M3JAJZ5zIe5AAgAAAFtSAAAABWgBB5kC-Yq1BqSUMCQJ59uJkqk6aIk3VthNNFZR2ZxwTcA7XMEuZMoE0KTtVc03dMKI6rDo-L8XbM1cU5MssNtH6pqVYy2YvNhxiNflBKAPAAxIOrM38kGI94Q6H2fbmUO_lxjS0wV2whvjJbMOFtn4LqkLysubU1HNdO4A2zyo0KQ1WUJmWNk1nwjrDmGhiSCk-hlvBfOBMqJdk1f_0Yv2FBrQ8aEmWYAI2UtHK2lDsgwB-vJZrWADTIHZoREOW0fVDjALTweYbZ_qCA2sjPh4f2_EbYD3bYiLNKUgZ4XcIu15c8Kmo8K6mijKNNBW9Tv__iwd0biHlGZZ68Oms9pusQg73_s8jUejkME4xSQclJLQFNIPTaeLtzFzr3F_5VcrNxY-ZgHPj6nvoOavTKIp5NqFJvFVUudVnpHO9fpkRkguaU6YUTlH9e4RlfCiQbz_i2XMRiYchJrqRjydN-mqMTXpREsQrzx_LisheJuTRUkY5Ct60LbajfhBxBJFrn__DNZkDAUy6ToT5ppdk_zbI0Ks3TOy8i7_dIvoRRnC4HoHnQYcJI3rNHqYPH4H930cZWd-LCCu_xZRWQZ0y8iQsoUXvAXDQkZ6OiFI7LTLqpZ_-DgQ7px66w8thjKNOhSgqBzNMr-sS93hnZ6eDqdWOxVlq6ZvTwMJxb9uH7_ce_o6fhG2gLWT3Hg12jdMTj4UTOa3yPJlqL6kjQIwzB3Rj6rX9O5YlfsOTrSJ9lCFMF1DJeNYEkLpd2GgGmWWluyJjKilklM8hbdabwlvZo42_D-3_9zAYdHqNHCLMMHxfqv_-T3BkMMfjrh2Az-c61K3nwo_G2pNKxmanf2qEUSZ2f0ZSc-jXryBMKjVnKuAlheREuisEpRNn-GOLhYdm2AeKe0AtK-Ay_dFXwnMXc_WnhGXiL9c0e7GVNM8s3ZewY7gVxHHJldP2otRmOjZEXiO2N47Boca849h_qesE6PHmEORlQZD3SkKekGOPR2mpxkF-7pwIDjC-GcTA-Iv
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
banner
ad2.adfarm1.adition.com/ Frame E009 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4389193&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7274618866413865994&kid=5609187&kw=PACS%5F4787111%5F17068013&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI%2DqAMByAObBKoEjgJP0EgHi9XSX1D%5FdsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p%5FXi0Z%5FcICFnudn79BmbCk1YW15%2DbdXqwpelsYa3UvF1kDNa3MHh3BXLU1%5Fcsc8YJ849uKZ6W%5F3y5kQSJezbwgsA7XVTs5QcQifdVuq%5FYYK8VYXP2nJjlAoIfVyQLw5FYcPyi%2D3%2D7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU%5FHtrlgs9TBSIu%5FBZqUJ0%5FABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWsaxQw0DE864h7aSm2baS%5FPH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE%2D1xgB%26sig%3DAOD64%5F0pIWoNQ2zcjaPScDPAnJmGkxeaEg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCj3eb1AYz%2DIbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo%2DfU5%2D4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF%2D%2DdLlekJrw4M%5FZUdIUgt%5Fahoaw50arN0ZD40zxvUcg%5FZGVzvU%2DlpVuU%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCC%5FEw3eCpLC9VyUxZr4FQOExocX1%2DDl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9%5FXNqz%5F8TAcwQ%5FquscX6YtAgQ5KL47DI1txzYHwTj7YS9nX%2DvQjiCMWzfdCr0WxulwbGDw5e%2DMeWFf1YBTy%2D07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2%5FzZGM2nPGdedQrt%2DHbN1L%2DJ4O%5FebNj%2DwMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU%2DHVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym%5FC8rquFO%2D9Yp%5FGzIPVJnZmnRKLbn%5FoeQ%2Dl7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq%5Fonsp8CpDw29%2D01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E%2DfrLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW%2D%2DTv97GaJzSR%5FZyizvJ0LmuJSuD%5FQI1o%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274618870703131658%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274618866413865994%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D31267%2526keyword%253D%2526gclid%253DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gclid=EAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%5FBwE
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389193&gdpr=0&gdpr_consent=&ts=7274618870703131658&kid=5609187&keyword=PACS_4787111_17068013&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI%2DqAMByAObBKoEjgJP0EgHi9XSX1D%5FdsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p%5FXi0Z%5FcICFnudn79BmbCk1YW15%2DbdXqwpelsYa3UvF1kDNa3MHh3BXLU1%5Fcsc8YJ849uKZ6W%5F3y5kQSJezbwgsA7XVTs5QcQifdVuq%5FYYK8VYXP2nJjlAoIfVyQLw5FYcPyi%2D3%2D7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU%5FHtrlgs9TBSIu%5FBZqUJ0%5FABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWsaxQw0DE864h7aSm2baS%5FPH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE%2D1xgB%26sig%3DAOD64%5F0pIWoNQ2zcjaPScDPAnJmGkxeaEg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCj3eb1AYz%2DIbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo%2DfU5%2D4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF%2D%2DdLlekJrw4M%5FZUdIUgt%5Fahoaw50arN0ZD40zxvUcg%5FZGVzvU%2DlpVuU%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCC%5FEw3eCpLC9VyUxZr4FQOExocX1%2DDl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9%5FXNqz%5F8TAcwQ%5FquscX6YtAgQ5KL47DI1txzYHwTj7YS9nX%2DvQjiCMWzfdCr0WxulwbGDw5e%2DMeWFf1YBTy%2D07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2%5FzZGM2nPGdedQrt%2DHbN1L%2DJ4O%5FebNj%2DwMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU%2DHVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym%5FC8rquFO%2D9Yp%5FGzIPVJnZmnRKLbn%5FoeQ%2Dl7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq%5Fonsp8CpDw29%2D01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E%2DfrLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW%2D%2DTv97GaJzSR%5FZyizvJ0LmuJSuD%5FQI1o%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274618870703131658%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274618866413865994%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D31267%2526keyword%253D%2526gclid%253DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%5FBwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a6b48af03489cd3d8592e37759673f800209e763369d837f1b7b66daa84ed0b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 17:16:35 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 750B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 03:53:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45397
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 03:53:12 GMT
pixel
cm.g.doubleclick.net/ Frame BF9E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilueAFe3CV6qvCk0KHNpPNBylbHqh1BGJw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilueAFe3CV6qvCk0KHNpPNBylbHqh1BGJw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABilueAFe3CV6qvCk0KHNpPNBylbHqh1BGJw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
img
sync.mathtag.com/sync/ Frame BF9E 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D%26ismms2s%3D1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:36 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sun, 03 Sep 2023 15:16:35 GMT
/
onetag-sys.com/match/ Frame BF9E
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=%26ismms2s%3D1
  • https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0&gdpr_consent=&ismms2s=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0&gdpr_consent=&ismms2s=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM3LICXH-1G-7O8T&gdpr=0&gdpr_consent=&ismms2s=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
onetag-sys.com/match/ Frame BF9E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26ismms2s%3D1%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&ismms2s=1&uid=3756744799350472698
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&ismms2s=1&uid=3756744799350472698
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
an-x-request-uuid
1256f21c-e9a0-4790-a034-7a292e0f9737
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&ismms2s=1&uid=3756744799350472698
x-proxy-origin
158.181.111.68; 158.181.111.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame BF9E 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=yVgiNjluyroAUbk67vpFQ9L60wpYRtdVrsGLEQpgWuU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame BF9E
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=%26ismms2s%3D1&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1652886196918596719
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1652886196918596719
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1652886196918596719
date
Sun, 03 Sep 2023 15:16:35 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame BF9E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=%26ismms2s%3D1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame BF9E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=%26ismms2s%3D1&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ZiMSVoxSGvvH1fxtFzoXY-Aksgm3F9nu_jFVIGXZ2u0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ZiMSVoxSGvvH1fxtFzoXY-Aksgm3F9nu_jFVIGXZ2u0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3SQJVWM05E6Q7SNGNXT9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ZiMSVoxSGvvH1fxtFzoXY-Aksgm3F9nu_jFVIGXZ2u0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame BF9E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=%26ismms2s%3D1&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GD...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957
date
Sun, 03 Sep 2023 15:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame BF9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIKfUPmHJ1HwBrJgV6-egDQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame BF9E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=%26ismms2s%3D1
  • https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
date
Sun, 03 Sep 2023 15:16:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame BF9E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=%26ismms2s%3D1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame BF9E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=%26ismms2s%3D1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BF9E 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=yVgiNjluyroAUbk67vpFQ9L60wpYRtdVrsGLEQpgWuU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 4A70 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:35 GMT
expires
Sun, 03 Sep 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
219542
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 924B 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 03 Sep 2023 15:16:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XE0BETHHWE9GPEAN1PYT
Pug
image2.pubmatic.com/AdServer/ Frame 7B5C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0QmwkIYO45bKXLWS3gz7l9UE5JTKDrWRhg1iGEG2
0
0
sync
ads.servenobid.com/ Frame 349B 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.11.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-11-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 03 Sep 2023 15:16:36 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 27D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZudvxxwfQKyXpDnKfXmpVw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=141738
accept-ranges
bytes
content-length
5636
expires
Tue, 05 Sep 2023 06:38:54 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 27D2
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&gdpr=0&gdpr_consent=&ct=y
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
18.203.189.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-189-31.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.206
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.3.225
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 27D2
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3847319669
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3847319669
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
via
1.1 google
last-modified
Sun, 03 Sep 2023 15:16:36 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
via
1.1 google
last-modified
Sun, 03 Sep 2023 15:16:36 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3847319669
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 27D2
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzlpYjFoZDFxcWZRbVNDRURnSm9hWXhYUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4209624951218091518&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
54.147.123.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-123-103.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:38 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 03 Sep 2023 15:16:38 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 27D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjZFNzZGQzctMUMxRi00MEFDLTk3QTQtMzlDQTdENzlBOTU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 27D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENk8r4HAljOZw6WXfkzwWA8&google_cver=1
42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENk8r4HAljOZw6WXfkzwWA8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENk8r4HAljOZw6WXfkzwWA8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 27D2 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 02 Sep 2023 15:16:36 GMT
generic
match.adsrvr.org/track/cmf/ Frame 27D2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 27D2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4209624951218091518
0
0
66E76FC7-1C1F-40AC-97A4-39CA7D79A957
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 27D2 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/66E76FC7-1C1F-40AC-97A4-39CA7D79A957?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 27D2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66E76FC7-1C1F-40AC-97A4-39CA7D79A957&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HF0Mwi1E2uVOz6vDpWYDTNeip8z6zEU-~A&gdpr=0
0
0
Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html
imagesrv.adition.com/banners/268/01/03/c1/23/ Frame 52A8 		0
0
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame E009 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A512 		1 KB
683 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Mon, 04 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E009 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa938396c2341c8018a147c2c1435451b967dbc23ae5fd7d019c952dbccb3c7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usersync
usersync.gumgum.com/ Frame 750B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM3LICXH-1G-7O8T
  • https://usersync.gumgum.com/usersync?b=mag&i=LM3LICXH-1G-7O8T
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LM3LICXH-1G-7O8T
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Sep 2023 15:16:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LM3LICXH-1G-7O8T
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
perf
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/perf?route=IL%3AIL%3AV&lti=rbox-loaf-wtf_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230828-16_b1-PR-59781-DEV-136530-report-loaf-on-chrome-beta-116-c9b99dea08b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C7A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwBkLX2SAlh8ZFdHwKUgiOZ81Li1TlUQ2ToW0NxJjskjiE6NSw10jd8p_Z16JBDvpgWeXAv36qtdDzE5WyeRoljJQptUXwI1IGmjxFLaTzEI1EEad7RNsuiN713w9A8EEPIcvTRm_-C7Y-AoMpW2yYm76RNGtf02WQ6l_rbYtyuZJwYbtzIpGCp4jpTwa0w19i1M-geaSAxHaDjGlJYIIPXThWHqtHuunBbpQyZFAdm7XV9VYbNMZmQa39g7P4Ex4CNmsCs7zF2an77yWi4H-AQwyFcHcvLwxy_AAx_-8URATBdqLF597TrFWqldcMPvoHVED8L4MdkJ3h9U7R6pVO5YY1OJiLzF22tvUSZ0aFWRoRy5EgUekctahcr8CuddIHKBHAA6cnPwp4tMqVjocBGi29bCpWxzF_6rjSLorDcPxvGXobv6u-Y2C2ayr-RwDqc9eY5bwDIh2H8OlTkMe0yd8aKUWcUnQj4vK9-P0gFduZ5EJuolhQ59XBnaow5Rp1Is9KIe0-duLT45zGvViBkMyE5i02AK4rMX9CMp1WLlhIN6KC3Cw4VmhL0XkEjUhclmII_KCgp_OnxUBxBYBl27K5zkyzB7VZEQor_JuSKUFaKTZDnDjW-VZOZGNTEFSrL0-9zJa7N-mGb6yZ1zzjdbKMdoMrZ6Jz7-azfo033GaLmTogeNYziMUpRM0aI-ptxI1F-erl8bvjKLdhWFvznAKo7ymyytbqgCfT9hdWHMvWVkTl4NZMT-d9_Ij4e3x46srkPEVG5NERSk3jbOxT8n9w0_8fX2ip0jp4tczsZUShkI4x51bbpXeZNmW88ExXaJFQJIaVZY2CJlhv5FTke2oZtIZmWfvu2ngAtqwk9Zx-7YQIF1nT3r2T_hoWHmuXWadzwTv6yxT5Aw11cr1KazLdJI_gjkBDv4_0X0puIoeWYj7A3j211RCui4JSJc1arGJmkJOA9FU8OQTA__N0jx6SZluLEu6NvQ2qMvyzAJ6xXsBrqzXv0qVTx9goc0oN6ncwaDYNXULmryBzUWIRGRohGnfphxdv8DSc0sqa9KdJD4SAh2rrBI_Ayq06j-X7wbPmCk_7lu63mFvxEdl5FNC1-5_Ex-jlfQxHX8IkK_GKbC03b5m3Wo63bO_CGQuRz0CmYS6yUnnzOLXpXH3ZsLMn3vJMRluB-SGRDAIIQdVW2xJM9Yls0NGRvuo-p-lpk9RQjsgIhbLYBk2tR3pxd4SXVkMNr2XZValFcewBbhIwOVFqt5YziWOn2QI-TgGPfB6XD45sZzfw9DtrV9VOzmPu3tyakMn322vGMjX6a2E01YHWFM1A6vo8dIyTdaD1uAUIPIspZqifZnoNFzxZ9dVXCEAgDsQl99rDnQigxRCzfiD2ISZDD5jVVOo6vHiT6LA7h4ZqgD26h_7BpUqFDqbuIAnGD46N7ozJc9b7FD7d1WzyHJhZaAcRVoiWgPq8Ti0XTJzRTt_mc9D8f6y-SEp2UnRondXXdFRwvcJ-Q21yGfdCLhLkd4FMucxPpgwoemAnXm4OuTwu09fQvfLQlShCjRt8VJ8MlbWOFkWk&sai=AMfl-YScySxPYhowSJwikYc38iG8iQWhE6mL4Oib2BnSBzccjrxjgmhYfDcvJNkNMrbiQi2FXjWaB6YWWxzxQFylb9gsKDvYiwYpVAxImJsM58FpxW3u8dipH2pbm-SvKVec_PVg220n9NV_9w&sig=Cg0ArKJSzHggZrF_U0v1EAE&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&id=lidar2&mcvt=1002&p=1110,315,1200,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693754193312&rpt=1877&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame BF9F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:36 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 03:53:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45396
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 03:53:12 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0
rar
as.ad4m.at/ad/ Frame 5D42 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8103b05722eb4266809bc507749f722028e08ad8298643d98848773a9020202
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
800ef46ecfb11db0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:36 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
google
match.adsrvr.org/track/cmf/ Frame A512 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDvm8TstbfGwkqtBkmemha4&google_cver=1&google_push=AXcoOmT-6UNeLt_7Fm4hWK6jQPfuVzwxS_wlcKRIUQmxrt9_K05fvew3YM6K2wBcIuq8QF9UGNpDLCRJAuJlarNJQ41KGxTp36Vv
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A512
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEHO7NpsD3Coah4tWWKfJ2m4&google_cver=1&google_push=AXcoOmS2AHTEJJF51cNjlP27HTK2yeG17D-OfX1c25OK6HqQTHBBeKI75M4Ipq6CWvHw0L27EjjJXH6lZHoDUm9n64yHrdVoleo9
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=822682057993
content-length
0
pixel
cm.g.doubleclick.net/ Frame A512
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENn7SjxpzjGjfNlS-7Bgs0E&google_cver=1&google_push=AXcoOmSQEiDvaz8o-9AGI4YdbEqsWgnLoWWN1Qi9CcLJgt_V4aDmepFN8K3cC58p-pmpXRmtTuNB3Zl8x7GiE8Uwc2gujgy...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQEiDvaz8o-9AGI4YdbEqsWgnLoWWN1Qi9CcLJgt_V4aDmepFN8K3cC58p-pmpXRmtTuNB3Zl8x7GiE8Uwc2gujgyx11vT&google_hm=eS1NMFRPbXJWRTJwRXlwNE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQEiDvaz8o-9AGI4YdbEqsWgnLoWWN1Qi9CcLJgt_V4aDmepFN8K3cC58p-pmpXRmtTuNB3Zl8x7GiE8Uwc2gujgyx11vT&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Sep 2023 15:16:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSQEiDvaz8o-9AGI4YdbEqsWgnLoWWN1Qi9CcLJgt_V4aDmepFN8K3cC58p-pmpXRmtTuNB3Zl8x7GiE8Uwc2gujgyx11vT&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame A512 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQM66YDHl6HhVv0DKJWW7t5POmrlc7Yo2S-l_iqOugfHhWuO0K7Eg_ZCISZ08TenjnGMgEmTdtKPnPPMB1t3_qoY44A7gh7&google_gid=CAESENREC1z26X5nmbbF_12-D64&google_cver=1
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
702483
expires
Sun, 03 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A512
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmRlNU_7_MwsthD_53VgDNrOnpJ06pIpomXi_krXu425tquLTHh_fVhNy_xXOjURhjALDfXJt7zl...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmRlNU_7_MwsthD_53VgDNrOnpJ06pIpomXi_krXu425tquLTHh_fVhNy_xXOjURhjALDfXJt7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmRlNU_7_MwsthD_53VgDNrOnpJ06pIpomXi_krXu425tquLTHh_fVhNy_xXOjURhjALDfXJt7zl22RElpgi4vdd1-EbBX3s
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmRlNU_7_MwsthD_53VgDNrOnpJ06pIpomXi_krXu425tquLTHh_fVhNy_xXOjURhjALDfXJt7zl22RElpgi4vdd1-EbBX3s
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame A512 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kcx6aEfBroNOdaeqoBJahXvWsmtfTzhRQ0R-kT9_Nfi7rgvXF2yxC5Hzw
Requested by
Host: 12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
URL: https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0de17b9b21356a7e43d6a4d11831e9bb5de3429a123120cd39ed8bb8ca2285bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90600
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Sep 2023 15:16:37 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
de959bf6d68c06198b731f7158053bfe9ca990818be18db6edbda32abdc14625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90572
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Sep 2023 15:16:37 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
b896df2a-40c0-4cf4-9682-ff6fd52c5cd2
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/b896df2a-40c0-4cf4-9682-ff6fd52c5cd2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
8406ee03-d1a7-4623-affa-48149fff4241
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/8406ee03-d1a7-4623-affa-48149fff4241
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
content-encoding
gzip
cdn-edgestorageid
860
cdn-storageserver
DE-677
cdn-cachedat
08/17/2023 06:30:53
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
ca5aba55d765377772f538c14b886cd1
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame E450 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
502494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 19:41:42 GMT
expires
Tue, 27 Aug 2024 19:41:42 GMT
last-modified
Mon, 28 Aug 2023 19:39:24 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Sep 2023 15:16:38 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/canary/ Frame 14BF 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 14:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 04:17:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 03 Sep 2023 15:44:12 GMT
playlist.m3u8
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/ 		0
0
57e80c17-d9ed-43e4-a8d8-5ad1ca798484
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/57e80c17-d9ed-43e4-a8d8-5ad1ca798484
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
33f3442a-db7a-42f1-98c3-a338565abe1a
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/33f3442a-db7a-42f1-98c3-a338565abe1a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
f9ff0e40-ae4c-442f-9e2c-8f582a92a7af
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/f9ff0e40-ae4c-442f-9e2c-8f582a92a7af
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
cs
cs.minutemedia-prebid.com/ Frame BF9F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LM3LICXH-1G-7O8T
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM3LICXH-1G-7O8T
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM3LICXH-1G-7O8T
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM3LICXH-1G-7O8T
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
cshow.php
www.awin1.com/ Frame 0EAE 		0
0
cshow.php
www.awin1.com/ Frame D92C 		0
0
request_content.php
hal900020.redintelligence.net/ Frame F780 		0
0
cshow.php
www.awin1.com/ Frame 2708 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6118 		1 KB
678 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Mon, 04 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2708 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dac4d215b5a3ffd4f5a06a5d2b14ab6433349ab179e59dd3a3336d971491b0bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 5D42 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
965006
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU9G23XPEFsykDYXIAVIuAsd4woQvUETEqeFuv8Rp2a7XysV0Xv175%2Fl5NyJjk8DvzSXBSZo0KnpDzVcb4BDye9LskxyVay8I8dJtSMP4UJJq%2FEeqSqDQj0jaIk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
800ef46ff94a1db0-FRA
expires
Sun, 03 Sep 2023 16:16:36 GMT
F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
assets.ad4m.at/logo/ Frame 5D42 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2560783
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:11:42 GMT
server
cloudflare
etag
"9bf9c6b0623b3198e5f2a1630ee7175c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WczaCZvEIdggmDV5LMNXedasEeD2bJ0nD46btuXnVbH2Z0OsqjZJJokNnCINI0VIWg%2BZKciFvDCUTunbOsEhKCWSVCnUgU%2Fy7dc2LOBHM9haqJ53GMI2CFm7dYn3EFJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
800ef47019661db0-FRA
expires
Mon, 04 Sep 2023 15:16:36 GMT
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 5D42 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0b652db045d1d748da7caa5b9d6e7950a78bfe9883c1a56ab7a4f52fdb3ddb

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2188948
cf-polished
origSize=17719, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
16782
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Oct 2019 13:02:31 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4ZeqSW3tt7N6Hl1xI0%2F%2F94Owl%2FiZWDfR2tDLqFrURphPswQn%2FmfbNc2%2BPu6yN%2BggG559vEH7Bgn2r3TVLsbaxbjTBGspRyw7PP1h%2BigfrKQOnXdR%2F7LZK81wVGogFd6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
800ef47019631db0-FRA
expires
Mon, 04 Sep 2023 15:16:36 GMT
cshow.php
www.awin1.com/ Frame 5D42 		0
0
822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame 5D42 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5b11a8ed95cc5ef94a4a6fe4d32f704dfeca16300ca4c67cdcffaa01aa2481

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69921
cf-polished
origSize=48887, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
43327
cf-bgj
imgq:85,h2pri
last-modified
Mon, 19 Oct 2020 12:32:26 GMT
server
cloudflare
etag
"4fe1ecb98ff38283cdb2ae157e399ba2"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNaC6uFNAR%2BYtVKlIBM7ZL97g3r1RghDP751IHXWivHP44kjCoE60DuGNmreoloFGPf4kigeSelSAB1WCrmRLlBCy1vxCJkeEaC%2FhVA5%2BsOSFQiD2ajN9g5W8YrU89Ro"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
800ef47019671db0-FRA
expires
Mon, 04 Sep 2023 15:16:36 GMT
A8818152897B16598F154C678AE450026823820908A7A6CE6B0DB3C201FEB6D81C9FF76AC0F45E93D9C0D720F61EF6CAED2B76299D63A398AA158A0B10C14129
assets.ad4m.at/product_image/ Frame 5D42 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A8818152897B16598F154C678AE450026823820908A7A6CE6B0DB3C201FEB6D81C9FF76AC0F45E93D9C0D720F61EF6CAED2B76299D63A398AA158A0B10C14129
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a92cc32b861676d73dee67a54d16f367fbe774354b1c25189348ee4a85a98e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
354475
cf-polished
qual=85, origFmt=jpeg, origSize=78008
alt-svc
h3=":443"; ma=86400
content-length
72376
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Jan 2023 17:19:13 GMT
server
cloudflare
etag
"06d436b8ec91b25b14f92995cb31da99"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBHrBF%2FpaYNtg%2Bew7ZrV%2FQQsn4iwnEgbcDMTcwqgGPdurWZj9ZbCWK%2Fg8x5tDyfx4piZpZ6cQqedZExB4dBsWSzmTPp%2FNp7pZC1S1oDLiXjRU40MAZ3pclsAdrwnrpTd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
800ef47019641db0-FRA
expires
Mon, 04 Sep 2023 15:16:36 GMT
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame 5D42 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
735563
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:08:34 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqMJWz56JUc%2FOMxs8Ie7yjglFeC8OX5mRGvmFVQXhqWbBiVlxwqrjPTBWWwTHKTHmKw42xRzLbRaQEhmQ0fV7jZo2EnXo5kLhbNdy7NF2FrhaXvbn9ux7TcNcj40F%2F3m"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
800ef47049ac1db0-FRA
expires
Mon, 04 Sep 2023 15:16:36 GMT
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame 5D42 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
735563
cf-polished
origFmt=png, origSize=161182
alt-svc
h3=":443"; ma=86400
content-length
97668
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:16:07 GMT
server
cloudflare
etag
"51d64cff249103fb8a1f53706965d58f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyAB8kvMu2TQ2uhy5wDj76ZQXPvcIghpuVhjCnH7kLoeq5hNtPtj0PMVmY6eXDOE22oRkzqdaoVlCTACnveiMAxZ34r8fP1%2F9UlzFh39TyoBje0hD6rTDMqFhPNod2Nj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
800ef472cd0e1db0-FRA
expires
Mon, 04 Sep 2023 15:16:36 GMT
cshow.php
www.awin1.com/ Frame 5D42 		0
0
link.html
track.webgains.com/ Frame 5D42 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3540285&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jxy0gqmpqtsb5h9hac0b3zwdnkfmdjzf91fqe750zrn3w0b9yhdf8sjvx4qcfbwamqjakbtpqww8mxgggxz14ntc1026n8grma8m1hz2e66p5phrh36h0fqs6gmhsff83dhdtswsrgz07pcprnt1pn9txtdr1gf95mp6gg1xc10dhss3w36tgsxnrf62t42h0r93af0twp6bfjnhnk1hxannjvdw71y6x703qmwmqzmcye1xcv2scfa73nwvvwzw8%26a%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%25253Fsa%25253DL%252526ai%25253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%252526ae%25253D1%252526gclid%25253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%252526num%25253D1%252526cid%25253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%252526sig%25253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%252526client%25253Dca-pub-6579838053286784%252526dbm_c%25253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%252526cry%25253D1%252526dbm_d%25253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%252526adurl%25253D&clickref=oneidGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHEoneid__dbm_Awin_Reach02&viewref=oneidJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtXoneid__dbm_Awin_Reach02
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14222%2C200037%2C517453&b=JBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX%2CJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtX%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA&f=GjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE%2CGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHE%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr&c=300&d=250&e=&g=72e32f78e1522dc5d26d5541cf542289%2F11991447247774983464&i=17712%2C22499%2C196936&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1693754196029&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%2526num%253D1%2526cid%253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%2526sig%253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%2526client%253Dca-pub-6579838053286784%2526dbm_c%253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%2526cry%253D1%2526dbm_d%253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.176.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-176-194.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
server
awselb/2.0
content-length
45
content-type
text/html
google
match.adsrvr.org/track/cmf/ Frame 6118 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDvm8TstbfGwkqtBkmemha4&google_cver=1&google_push=AXcoOmTL3vUoBucO6kfdXl6b6vqKUOnTZugCjGeunrJxB9nvozu26ti7ffOLRPa1iYrLXcsRtgfj1WpofhCIQpqU6EDJHpmurqx5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6118
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENn7SjxpzjGjfNlS-7Bgs0E&google_cver=1&google_push=AXcoOmTlJ2DgHQLQD1M1OcW9S1fU-OPYg3H5O57277qCIO9bOmL8VRBL_u-oh0qR0quaVSTHXrC8Grmwpo1l3HGbM4jGxkw...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTlJ2DgHQLQD1M1OcW9S1fU-OPYg3H5O57277qCIO9bOmL8VRBL_u-oh0qR0quaVSTHXrC8Grmwpo1l3HGbM4jGxkwBAM1s&google_hm=eS1NMFRPbXJWRTJwRXlwNE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTlJ2DgHQLQD1M1OcW9S1fU-OPYg3H5O57277qCIO9bOmL8VRBL_u-oh0qR0quaVSTHXrC8Grmwpo1l3HGbM4jGxkwBAM1s&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 03 Sep 2023 15:16:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTlJ2DgHQLQD1M1OcW9S1fU-OPYg3H5O57277qCIO9bOmL8VRBL_u-oh0qR0quaVSTHXrC8Grmwpo1l3HGbM4jGxkwBAM1s&google_hm=eS1NMFRPbXJWRTJwRXlwNEt0a2hSaWdZUTRMcVIwVEprWX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 6118 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTcQ8PtyUJLy0qCdFGpST5vdy-DA6mTlqnzIzQ0sjJIdS5UlaEAiXsZ1EOPGs3q0mNknjw7v8VmgnKa-1Y84FH6EQlwLl9M&google_gid=CAESENREC1z26X5nmbbF_12-D64&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
205363
expires
Sun, 03 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6118
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECaVA--s5Fuk-oSb8YkN4iQ&google_cver=1&google_push=AXcoOmSoRSTFkIsMw6q8RT3vUl8aZzcSJylF--CXClvPYo0KQLAV7lSbi4tYPTrlSyNwYGW1FkwCsncx...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmSoRSTFkIsMw6q8RT3vUl8aZzcSJylF--CXClvPYo0KQLAV7lSbi4tYPTrlSyNwYGW1FkwCsn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmSoRSTFkIsMw6q8RT3vUl8aZzcSJylF--CXClvPYo0KQLAV7lSbi4tYPTrlSyNwYGW1FkwCsncxaSRcuH3OxMYOEtDVp5Fp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIwOTYyNDk1MTIxODA5MTUxOA&google_push=AXcoOmSoRSTFkIsMw6q8RT3vUl8aZzcSJylF--CXClvPYo0KQLAV7lSbi4tYPTrlSyNwYGW1FkwCsncxaSRcuH3OxMYOEtDVp5Fp
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 6118 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDlBB_4REmu-MMRvL5-TvoCo5EsJDhqf1i8EjKWab8qoOid3Yk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693746991&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693754181812&bpp=6965&bdt=1084&idt=9771&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=3781666188718&frm=23&ife=1&pv=2&ga_vid=233640451.1693754192&ga_sid=1693754192&ga_hid=449609476&ga_fc=0&ga_cid=amp-LceXZSHsxjNJ4c_roYL3VA&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1818&biw=1600&bih=1200&isw=336&ish=280&ifk=3190810072&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44795922%2C20222283%2C31077550&oid=2&pvsid=4286829431659044&tmod=671074525&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rkz2s2kl4hb&btvi=1&fsb=1&dtd=9783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4CD2 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
15052d3f8db580ce6296ffc1a384cabdbe8eb87382c5b1f6fd11005253104f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11854
x-xss-protection
0
error
pixel.quantcount.com/tag/ 		0
0
pixel;r=1861421314;rf=1;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html;uh=e51ed67dfb8d91dc24b1...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1861421314;rf=1;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-547405046-1693754192893;pbc=d7cba6b1-992a-4483-b721-a2ceb0745bb5;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1693754196978;tzo=-120;ogl=;ses=dd4f3a50-657b-4b55-891c-f3f3bd094a1a;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E450 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E009 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEtN9KczSWUv4d7CiR0-rjnX9omOBxIR0_56jSzdLBXQkQSlyaBg-6jJ02277WlAj_4DEFHwOuZ0MwUzgD4fcDm-esVzcXqChu4cHXmYYC4_6QCen_wQBCEDc7VXvl&sai=AMfl-YQV4X5LkDgO40PinmzM9Jz1WUelO9q68y9OEi3PUu9YSOnkv9SmB2cNfDZtE9_7Efix4sfRhxhNcD9VGTfqkkUiYO3Gc8-m1QKegICDD-PwwWPPaBDhklSr858Q&sig=Cg0ArKJSzE9RhxueDXmHEAE&cid=CAQSPABpAlJWsaxQw0DE864h7aSm2baS_PH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE-1xgB&id=lidar2&mcvt=1000&p=60,295,310,595&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693754193221&rpt=2851&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E009 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=779351633677&version=m202307240101&ct=77&x=1&cor=14302820663279220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 68D8 		975 B
564 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6847
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMYBLnkmdvIfPDaZ6R4qTz7%2BBzhy1E6QE6%2Fr5%2BouMapgtDzUuLh%2FZx5vnKtdXDlmP%2B2CS8PLXDqmbyvZ0ekltpLjOFG2S8Ibtdqee2UqLz1HZxY5WqdY3nv24ZJnibJLeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
800ef475aae50e32-AMS
ad_request
ads.aralego.com/ Frame 68D8 		661 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.3142835697061048&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 15:16:38 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.holmesmind.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
963a1a30-1217-3d49-82f2-83d501b0fb73
X-Adtype
html
Connection
close
Content-Length
661
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4CD2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 15:16:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3F18 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js?bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2bf3641f54961db001f5cc340b8dbfb7a3e313d3ed57adc5e9c45f86789e6712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11669
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3862 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je38u0&_p=509&cid=1349050420.1693754193&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1693754197&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dt=%E8%8E%AB%E5%BE%B7%E7%B4%8D%E5%89%A9%E4%B8%8D%E5%88%B06%E8%90%AC%E5%8A%91%EF%BC%81%E7%AC%AC22%E8%BC%AA%E9%A0%90%E7%B4%84%E4%BB%8A%E5%8D%88%E6%88%AA%E6%AD%A2%20%E7%AC%AC%E4%B8%89%E5%8A%91%E5%89%AF%E4%BD%9C%E7%94%A8%E4%B8%80%E6%AC%A1%E7%9C%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3F18 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js?bust=31077549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 15:16:37 GMT
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 3862 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A719 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
22918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:54:39 GMT
expires
Mon, 02 Sep 2024 08:54:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 321F 		829 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
06351ef4d41f2c880266a0416c06707bef5f0df57752db5cea8fd264aa9fc682
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3NAh2FdOBDVexSTLjLOpww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-3NAh2FdOBDVexSTLjLOpww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:37 GMT
expires
Sun, 03 Sep 2023 15:16:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
pubads.g.doubleclick.net/gampad/ Frame E450 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED85 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
22918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:54:39 GMT
expires
Mon, 02 Sep 2024 08:54:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0158 		829 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
7b0ee2a08ea40a06f3687661904c42ee8561efaa838fe96cedeacb547bb8ed96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y7KFWG2IsoajnfnzXs7U6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-Y7KFWG2IsoajnfnzXs7U6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:37 GMT
expires
Sun, 03 Sep 2023 15:16:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame A719 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 321F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=4286829431659044&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2708 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9557609030447&version=m202307240101&ct=77&x=1&cor=3120932960450284000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame ED85 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0158 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=1553154380435623&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3862 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrQhgUqP0ZJFlvpmO7A-fm4moBQAAAAA4AeAEAg&bg=!5Oel56jNAAYHwnCgJ8I7ADQBe5WfOKgr8arEtxU70RZazM3TbJ6-KVz5O-2M2r1Jvac_IO3a6GdHGCt4TAPIa7bFAL0CAgAAAH9SAAAABGgBB5kC3IbBxL1FJGEvf_R_UlXjDTD16vJu7sCSZ1QedDt_XopOpppvqL1aPFGvPG26hy1Fcsgcs7qSILwfRpYPG3G3hW22GY3R_bqq_uktZ6HWidfFWsOOEyiKiZEsdDFWZSditDDIt5YfMS_Li5vY7FoBBAWiE1KOVhLyFLnl-ZLhQnVKBrHWidLyJWXS5F1nxdBUY_1OXv9HT0OLwCcyMVIvGm9Oi7l4uSBXe8TQYTf3J8aUDgxtjYZk5xeCgCMBrnOyZSmE4Jtp5AkbkqlfWZCvCbDF40nH9J1U4PtG9tWdsEQCGH79lMCDFlx316HgcEkk4VDGtZR1Qg5eiwYw5gWaFTgsFCJmPged-ISLVjLz72ERnjzg9ntCsvM5ox4OpC6JkunPUqqiAzg4RalNrTkiTGmtnEn6zIK4v79vD-TeOXAW3Dx5KUpTOpMNfSAeeo5VkYIGo63zY7_lGAum85_g3tgkV144yLFTPCZSW0KoX90ktl2CE-ey4YXLitTn7InEDzAGeD5W-tcQTxdQ6Wv74ltTm1Oi7ApTP-RZkmkF558tJLxj5H-oa1tKV-TYeJQAqSvNaMZ2KTl7Dqb3TCHrMLnab1hTyZig-BP2F8t6ZoDq9thpFRycKG-rBEeXQ40KcAJA8tpMoAHwNc0e0mt7VrNs0vC7myuvdxHYQzTcO8hK85ds4AKAHfGYYecO2DjYh69JlyQD_IearYu5w3WTaGrTC5DMhZAclavpbMoXZgufcTvfCyk_Vewv9orGbxcDpjswueZjqnj-t1tQI85hCzSjl0YzsKsqIR6NEA5AglXtYEtKUbDpe3ca9Xg_IzUTCoIyjceWK760Vyn3dVRpuTpDQd9GprQgVcxKoV5V4WZpyl1WenT24uBlXz13-QI9Bfvq84MaQ6LJN7BW2gTsNdowPig12J46CBZnA_TXHXZYhvRvoTk2hgPKNCdLMQeBfL9EsiCPPFPIziabuA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 27D2 		0
0
generate_204
tpc.googlesyndication.com/ Frame A719 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nTV91A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0717 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3bb4a5c88615728197c49d9c04e030c866bc81466d311288f6d8228aa917aafc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28955
x-xss-protection
0
server
cafe
etag
924 / 19603 / m202308290101 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:38 GMT
generate_204
tpc.googlesyndication.com/ Frame ED85 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Fvn0pw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ Frame 0717 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
84574
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129682
x-xss-protection
0
server
cafe
etag
12917394590533080382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 01 Sep 2024 15:47:04 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 0717 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3885464258486823&correlator=3016943641560287&eid=31076398%2C20222282&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1693754198461&lmt=1693746998&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=mvxclpovu2mp&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=233582600.1693754198&ga_sid=1693754198&ga_hid=382009131&ga_fc=false&dlt=1693754197344&idt=1108&adks=1911528252&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
327131bcab4da4c3e432111dfcc7a95a9ff802b229cdd02e9f3e3251e0e23b1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12059
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0717 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
77cd2d5b812c8fabe4abb0504d092a15765074c4c76738a22a5ba7bfb8735cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11850
x-xss-protection
0
container.html
0cb707e3fdfe11d8962056daef24dda2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B38 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0cb707e3fdfe11d8962056daef24dda2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:38 GMT
expires
Mon, 02 Sep 2024 15:16:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B15A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMiAZzxU8pbAis2aXdEmnkDauziyDybN1gx03LCnMNMo6ADIjkT9NyZOxEGjUvCI-BEZe94-xjs0XSuWdZQSyuBBZIy5yoPU0nAJcPxDNerr1zwLuvY4unk0KdXDaUbfpGgFQHYHEgjUrb6tXV-GbhEFk2j8jsb8Z76oZNpDdNjhIOktKUbMUDXLx9cFGYepS7liLa_FqIF1EmcI5oLjiEGv4nQl3nmVUU9ogUxH-mtIXb4mB-0i1pm6lKTrfXWtVDrMnQCvYcAWf3UQUDkFywuPQnHTo6sZBxT3huHYi6h57XAJfOfvu1Fm5GHE4ZIjC5pQOZmZRox-fm&sai=AMfl-YR0C9RpLjeUWRF9UnfE8t2vO8AoBea5_T1tE18QlDUIwcRVTxS0F9PsAKykIAbPBKleEmEkJcMOjEEEMBBDWUibESuYEsfNY-UNkg&sig=Cg0ArKJSzIv4SXtQ8KwlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame B15A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 18:48:32 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:30 GMT
server
nginx/1.12.1 (Ubuntu)
age
73686
etag
W/"6499300e-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Sun, 03 Sep 2023 18:48:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B15A 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:16:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0717 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 15:16:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55EB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
22919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:54:39 GMT
expires
Mon, 02 Sep 2024 08:54:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9965 		829 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
1752ffd6e3a6849ed80dea23b03dc766a8335a2b01bd937e7609f45bb8077d1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pf1kqMZlp5XZj0vX6-BoTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-pf1kqMZlp5XZj0vX6-BoTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 15:16:38 GMT
expires
Sun, 03 Sep 2023 15:16:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=4286829431659044&bg=!tLelt_jNAAYHwnCgJ8I7ADQBe5WfOEzoekPMIunO1SdzQT34nvG5m8vrSpy5bQXc1FFPusn3-U9mn_jyWxRnyT0EyFAoAgAAAIZSAAAACGgBBwoAKME9ZH5ST5fAFiiI1RLXR7Kj2sJMPlr36EyFLHhbdKKsCnAUFCFWEHeZAsE_qwb7RSY3iQEuZn_jSmdErltDK1idnH6qWEcxKsmE-LXEacuGfCJf1JDKG5E-mBNsYFkcUhETjMxiUvywKCqgYO5JlqbZ731-ojkxAw5fcIckPOgXIIilVsh9jpu_a4_heWQvPwR22o70tiZKlFvZEoOSXxvKgy8U8wnCDFDj5mo1r9YYatJolU1pkZtGMo4SFScy6LElVHeVUDjxN_QHlya0k6NhUQV4DH5E81O6x_TEGvFDM0cESBAjoN37lFUu0fes8lBShMVm6PYXRF0NLk1UoAI0MMzRwJPyreMWkZpDMU3Yai_iYkD3J5zubdqXcmcowOvjd9DKa9fHMLQDMf3NkpyaxXgXOUVfYceE1bTv5Vimk9Ah57BW852THMsdtPndwvp5P-9MEKxdNH2xwhhefnCfRCTHLgW2FQCjwlGD8Lhc4lcKCx6RleiftsxZgUEJf6s0Vux9VAU6yaD9a0CuO03FoUBGLcec-0XGUBTn_Thw_fQ82vlZuoI8VkKsS5Q53lTO5z_7WvXdNjedMx4aW4vZ5H6m-nZsJOo4wNlEu9jFtz6ynMRAbZCy-ccrP3eyzcJfA78_bMP8Vfs7a3h4tUasQDdYTi124FfDYv8BGGwumyvjiw0laJAeK16ZGwGXeDPTzuXjQoHdpucNf3eG4Skt3eR-pKeKdenuPNqSV0a6I3BkStApOtNMyg39UIUEMNtZZHbQZ9uCsyA_-YI2JVaDZ-fSP1sb3Ur50n9Zh_89HvXOcFIl1ZNGczukYtQ9DNoC_elrrKbGYe84s9GEsicFytvjdJlro04VDMCtPbMym2gVmLQUhdmhZbqSVzHTKZhgkoVITqLbgcI2s5QuXDIYxpzG4w15nALR_tLZKUV-c_HuZ1Y1YuuV_cp8rFm5YfOvQpD72ATiYHtANd5CkB0CPiMNpP9EVMAzD3Y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B11 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKhY1UdkPV5-kFUcmESbJtyuvPxI7uzF5mEOoN8BfMKDUgctmc1kmu6nV8qGfPwM_KXkrWYKmOtQTb4N_-HTYNLoo_lqI2J5LtUH4Gp-4cvDg&sig=Cg0ArKJSzGNOlRe7P-qZEAE&id=lidar2&mcvt=1009&p=0,0,250,300&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=1645240580&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693754193231&rpt=4478&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B11 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1573491175892&version=m202307240101&ct=77&x=8&cor=3937291791478477000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
native.js
s.yimg.com/dy/ads/ Frame B15A 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
TTDYKK1XM0GA2VRY
age
333
x-amz-server-side-encryption
AES256
x-amz-id-2
aH5FoLFdLHq/m5Pv5TcDQMJljj+ppRE48qZOit1iL4dxFRTQnpvqCgfbYkL8W45af64P/L5ioPU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
truncated
/ Frame B15A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89c78a59bce2122aa68b8f020984abe78de5717885190295cd5fcc036e48caf7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 3F18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=1553154380435623&bg=!FxSlFFvNAAYHwnCgJ8I7ADQBe5WfODEr-KuLUPd9EDQg0-Z-fIvpCHXkXFl8xpXRYjwPPgZm3u1Qo7s8_cy0BH2rjgJ2AgAAAIRSAAAACGgBBwoAxfe9ESJf69XzRZG1mL_Gt5_VOaVH3Dip72hJmFBvI-fp8isGT4o8a_msHKVimteoPFNpemXc1fKcNyWKHjNIzTAVfdfGtYNHOBRrre36d6it8oiVZGdnCjzypVO0ejINIeSzgD88IUT6pQv9KxhQbqcHs1wqewQD81fzDknLL4LYWYHX66IJsYTfu0QNcyCKwuDyx16GEQr-VC2aPs14sChzTUKwlH_ZOcD5xF085N5fByR6NaPRQepwmmbwWyKBe7XnqRnBmQLBgXQXQsppOze07CtJCTv7P3drI16mZKbw6LOLlsvw8SXux2VWZp78vTyHHmjaiEwtB-Q_TFT4Nw905oTfrQsi56k60e3bW7gYw8t4iTF-5rjCmGTh22QfEtDG1McMFonXexTQtWehyMwn-ZFm8muT40RCFony1J3iCXfIg7wfNCNh9Ipzfeal_83QcN_TeEeak8LWEjlU4Q08HF_QFVGX-vpjtwho3IU7ly4h0yOpBaTdXYs-lgwxkR_R9s_ae6UModWdZNXsKugmrABtjU7J1lhY7bMYy7choTW2U2lCtWrH7yhWOZ_oWSbrz6UY2R0c65Apg2vve7ShetQszVH2FmDzE0ojOWBPxNWiTFdy-86Gt4YIppUYelNlwOUijTs55wUlY0PqQ2ppGyx5vDai7tX-jQVX9OYx8LKhQ3INelv-DwUqqW8kAq-CXqOG9WsxbzW7DNeD_DXAaDik_W_jTUMgO0V-wF5PrtHm5YJoFUUJE9NTOnsql362ur6emYePGs1Dhj6_7V5OpZB9pxj59U-h-Veskq1imXLO6jyxsxFxSISkWe0fo9pkOLTMs6eGqV3F70iYDaf5xyyFVYt-znpdfIp7Wx86kFLtjQzPSnIJaauukWr_YGr2LyYWAuRrXP_V_VyFZ2i7LYOp_SjEmh4NFKV0oB2JILxsH30Pe5TBSeCYugk4QYYLYzd03Yqzq1oEvP_rTbkAiyZTkfbDX_QnEABsNS8KXjABLz7mOAlBSC2io1nj2mlnQ_GfSCqtyZKwsYqyNZGzaZgOei2GaZfKwp7m_EaGhMscdsUM6g0uAX6cq770-CInhNvRNClAWDzZAiDf83FQ6-WJH3vbWwwU21d_hnE8SKwXcW3nX2RGVluPlot8_huKP_PyxjcR69BDX7hXGMK6uJ3JACp4BLyYIFrpZ8hTeDhaD3AfkvfI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9965 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=3885464258486823&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 55EB 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
84572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 15:47:06 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EA3E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74627319&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9833f5b731f730286283a8f2c0b131ed747065f7d8d917491bfc641e5be294a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 03 Sep 2023 15:16:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 1EAF 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 03 Sep 2023 15:16:38 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame EC36
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3756744799350472698&gdpr=0&gdpr_consent=
0
0
/
dsp.adfarm1.adition.com/cookie/ Frame F2A3 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3DA0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRzXViOTUS1rMEklYY4qvp61b0Q&gdpr=0&gdpr_consent=
0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 2FBA 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 03 Sep 2023 15:16:38 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230096-FRA
x-timer
S1693754199.905667,VS0,VE89
sync
t.adx.opera.com/pub/ Frame F748 		0
0
pm
match.prod.bidr.io/cookie-sync/ Frame AAC7 		0
0
/
csync.loopme.me/ Frame 5584 		0
0
usersync
usersync.gumgum.com/ Frame 615A 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=F0861002-F5F2-4B4F-A10B-B54C3A68032F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Sep 2023 15:16:38 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame EA3E 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F0861002-F5F2-4B4F-A10B-B54C3A68032F
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:39 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
800ef482096cb8cc-AMS
access-control-allow-headers
*
content-length
95
info
uipglob.semasio.net/pubmatic/1/ Frame EA3E 		0
0
/
pixel.onaudience.com/ Frame EA3E 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame EA3E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=34716313a78217b9&is_secure=true&networkId=17100&version=1&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM_m5xPPUAfwNBl-gPAAAAAAA&expiration=1693840598&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame EA3E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3569158016234090306&gdpr=0&gdpr_consent=&us_privacy=
0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame EA3E 		0
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1693754198902&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1545&pt=809117588&tz=120&viewable=true&ddast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2cc7c33ff9feb502467275255530ef4e63567399710e88118e79634935cd70a3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:38 GMT
content-encoding
gzip
server
nginx
machineid
1411
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 55EB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?P-pKjA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame E450 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=621746384544444&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=EFBA2176-FA43-423A-8934-C96B4C3E7253&a3p=EhkKCnB1YmNpZC5vcmcY4uX33KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOLl99ylMUgAUgIIZBIZCgp1aWRhcGkuY29tGOHl99ylMUgAUgIIZBIUCgVvcGVueBji5ffcpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOLl99ylMUgAUgIIZA..&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dlt=1693754174812&idt=22121&dt=1693754199104&cookie=ID%3Db2e9173362228d07-2255a67565de00a2%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MbbDeJ9nE8XscsTQ8j3Ib-ahYAx-g&gpic=UID%3D00000c6dca0ccae7%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MYfhGD6x1qdfYajfXiN0iBglyUzoQ&scor=1261144809161841&ged=ve4_td24_tt1_pd24_la24000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E450 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0717 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=3885464258486823&bg=!l5SllNvNAAYHwnCgJ8I7ADQBe5WfOKgrud0SE2XpXlatDXrZ04gEfE4PvJv-hpMXOngDCPBQdYj4SkgIbox8EmsR7o7sAgAAAGBSAAAACWgBBwoAbYoES3i1I36D-jlk4zHhYRnap8vE58EfV2eUiKgkVhj8WTC3naZgo37Ayu-gl9o46DmtgR8kO2TWuoI3jT3vNXh1E0PXWCQfc3WPp2tOMo1AQZOSvNiubj8lV5Jb-uNg4C8f_K4nyPOy-yfZHxqZAvVSAY5x_lFE4Ic8qPQgGVDhIFzAnliPi7sMXOxSgLZIHi5YKs2z5dhvwgsf3-2Msb5UyiZbK4LxwGLYLHVgoDjgCYITF53HlLgB3tCFpm19TV-p9rdHx0barArdLY4dDnAu3EqnETjPO_wzwQRgvNYRRjTpTVael9yVU9HP3hAYE23mOm4yVMtTJf_Z98C7mACwTOyinctnHNiG_1nSNPjr0fiExNkszzJ9-55Z9-vkKA16cwxddhDK-zjlIAL_6ASVKjbZVj2nMbcQJAugqgUZu1sDCcJTiWJMWzwzGddB4FRMd4Oq6HEtQreWecFEXLkc0HFckybTK8S7blmz5kMVJjKYP4gX8Se0FQaTmMHrMYrc-sCMxoIai9r-ZR-c4bwlYwsDCvywDYVyhxzu6tenWnzsjEm-A9AGd_BboogtnfHRe8k3_KyQEZsihxjy0mqEY7dK5o_cBZNaoqUrHRhT9CYfL5oK48YwFMxIaYMPMZ0SBKZqtxDk4x759rawJES30Yy6lHPXZHU5VFZYWnM8ORqViKRxU0MUmswxMeaZEAwYHMm07H9UGJVgDeev5kJ66z6nHTcpFWsibnwHS9fGiYD6vynCD2kgjHDmWDXps8MUXef5dyW_FGlEasLiz0NDQ3_6WFVVZ-6LrTPCDnG2rDRUjhTdW2Agcxoz_9JLIa_uO4g-4TvZ3jl7sz5voArrsuCECzXRP_ndESVxvJFdNGQC6OgMbtvVk1O2Ptx4AzV-xtZfv0-bpOMoFWcZVTj709VLc8Bnz2fJ203M0vZL_tSn9OV8MMGaaWAwlOHeWUtoTAc_NmZpAWAZE91FJTgre3z_DmUoHRhROs6TDnTumZDYf_WaE9mGrdFc0MIYtR_ledhRYm8Idmeff3fX6lzfRiB1RThLehcqY6XZRUjeZ8-_F3Fk9MTSXHaLvo1NZCf7ogtgaQs51nOoecop8C-89OHgciuPt9Z-W42msUeUeWb9lLt_grEMDO4r2dkV7IUCxfLp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame B15A 		0
0
b
geo.yahoo.com/ Frame B15A 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame B15A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSxKDEhp0ZRT9PS3hpliH4emUrm1UBGNKxOkohNso1hi0uxhbT-YcdoFZ-tOYwsHv8tRQPblANysFmGskm5rOM7pTaAWo46ThO5xTQCuYCdhj0vetvlIWnZoZJdDh3MQ0khwWKM6lSJo87l8ous8CiRkjq9LB2JtDGMKbPCXD3E3qMlae4-HA7cel7lXpMHkaJJEcMXC6HmWMRfptYU58C4NVPa0dosAlWS6_w852ivg1_3-bCcmnWVplL-L_eKw-gCQUoaigz_5MS6PR7oCvbdu3zWZAPc6KD0QEqa0tIbcJT5q6-EYuWD-_pF67R4ijZWnxSpo7kGtnN85U&sai=AMfl-YSRizaxslG47KRxqle5D9afTxKt5OYFy69fhq9qg7B1Loi3ds-DbcgrHDNB1xcIqbI3NHYzoQkdN7zPMTFsU6Jdvfs4JYFHLquqUw&sig=Cg0ArKJSzIhMtbd0iCUAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 03 Sep 2023 15:16:40 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=509&cid=1349050420.1693754193&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1693754195&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dt=%E8%8E%AB%E5%BE%B7%E7%B4%8D%E5%89%A9%E4%B8%8D%E5%88%B06%E8%90%AC%E5%8A%91%EF%BC%81%E7%AC%AC22%E8%BC%AA%E9%A0%90%E7%B4%84%E4%BB%8A%E5%8D%88%E6%88%AA%E6%AD%A2%20%E7%AC%AC%E4%B8%89%E5%8A%91%E5%89%AF%E4%BD%9C%E7%94%A8%E4%B8%80%E6%AC%A1%E7%9C%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame EA3E 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:16:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame B15A 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst718Dr7MFw4vpq3qq2OJlnqWX0QhnSAFw5UJKrpfA1Tp8T9VchD2FHuv2hdNgD2hXxw5g23AqJWwh9LIJtGqeGypJ7bs246adtAIHR2lOTx54Ma3fNjHxztLzpTcLy&sig=Cg0ArKJSzK_ARpZypG9kEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693754198583&rpt=1894&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1693754201902&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1545&pt=809117588&tz=120&viewable=true&ddast=V8uZMCLAb4CfbnObWt-xLwE-zPc2pb9y0AAABgYID-AAkOJxPPbDRaqzajhVu0sjnXCsdu4VZ5bIPVaDFzLlbGISDB4WTimY1Ga9VmtHCLVjbnWuHYLdwqj22wGi1mzsXKOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ1aDodPte9Xvf73SU-z1zj9yv8ar9b5HLLHW7N0WX3uSWut8jhd8vWfrfU6RY53ZLJ2HV3K19v5evlljrtbt3rLXW63NKj0y1yujUPu1vqdMtcb-nr71b-7T638unWON1ah90uNL3NdgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwPAMweCMTrc_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHEAohJRdFKAgJIgW_RRgBAAAA8Kx9IzoySSeoWFT5___vtwJwBQAgQHGrcxgqi-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEHXClqPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389IOMx7haz5XLmWfhmk8XCNhuNXBOHwzgzWSyuxcx72I5e7VoEI-f6bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwcjItzFtPAu3YrNbrUWj0WYtnIxWa81gY_JMHK7hZrNbi14f08Xlsgw3pi0SDNjbi-RpkU4UxuVmuViNRrPlaLTYmBwWl8W2WZhGHpNvOBitJmKJ5mSRTmSXfcdj3C1my-XMs_DNJouFbTYauSYOh3Fmslhci5m_MvJtTBvPwq3Y7FZr0Wi0WQsno9VaM9iYPBOHa7jZ7Nai18d0cbksw41p35gtN7vVaDEc7Buz5Wa3Gi2Gg32HzvBdfc5GZVkl-Zi8GnO5PLs5DQqXweJ9qU_nYcFYUE87R6fKIVN2d0a_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hV_vdIpdb7nBrji67zy1xvUUOv1u29rulTrfI6ZZMxq67W_l6K18vt9Rpd-teb6nT5ZYenW6R06152N1Sp1vmektff7fyb_e5lU-3xunWOux2oelttoglgtNFOhG9jKeL-o8cYjWcK4aLuWKxmMuGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBPQHsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgWxWAyG-wegQqzVanW7sVarFbBAlqPBaAL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f9fafe1cd65a067dbe753560a67a7c7220f710b9ece3a08ccca44888f775564c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:41 GMT
content-encoding
gzip
server
nginx
machineid
1411
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://ioms.bfmio.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
getmu
ioms.bfmio.com/ 		49 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.bg3.co&i_type=out&stream=out&playback=2&cb=R0.1693754202025&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.156.9 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Sep 2023 15:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/fdda00450582e5b1adb74cc47b63b93f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/55423c8fb8db5268f9414326229d7589.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202108/a811260246202625831a44f4e78188ce.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/c2142f7e64c5bf09ab31e363bbe081c7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/241c67517315d06d91e7c882f8acc28d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202201/8be953d9ae8a509d527319885d087d19.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/241c67517315d06d91e7c882f8acc28d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/a2ed9e8688acb634c22de80a96080bda.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/229809f05bf315b2ded468b3e83b68da.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/cbca490a70cf2b15ae15f249aab788bf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/9c34e2d1550239e7238fa97881a321a0.jpg?w=150&h=100&q=100
Domain
cdn.id5-sync.com
URL
https://cdn.id5-sync.com/api/1.0/esp.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.ids.js
Domain
oa.openxcdn.net
URL
https://oa.openxcdn.net/esp.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Domain
rules.quantcount.com
URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-LceXZSHsxjNJ4c_roYL3VA&aip=1&sid=1693754193&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%8E%AB%E5%BE%B7%E7%B4%8D%E5%89%A9%E4%B8%8D%E5%88%B06%E8%90%AC%E5%8A%91%EF%BC%81%E7%AC%AC22%E8%BC%AA%E9%A0%90%E7%B4%84%E4%BB%8A%E5%8D%88%E6%88%AA%E6%AD%A2%20%E7%AC%AC%E4%B8%89%E5%8A%91%E5%89%AF%E4%BD%9C%E7%94%A8%E4%B8%80%E6%AC%A1%E7%9C%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-LceXZSHsxjNJ4c_roYL3VA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.9056466334577977&gjid=0.6734727941221783&_r=1&a=509&z=0.10109654921973932&gtm=45De1110
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAg4SOAI=
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
Domain
ad4m.at
URL
https://ad4m.at/r62eglto.js
Domain
sync.bumlam.com
URL
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb8148254eb40af3f0000000000000000%22,%222%22:%220xd2e172846a26243f0000000000000000%22,%223%22:%220x51ea06745050e7cb0000000000000000%22,%224%22:%220x71660dd9bafab4570000000000000000%22,%225%22:%220xf87e01c90ef8c8570000000000000000%22},%22debug_key%22:%222290743413156476604%22,%22debug_reporting%22:true,%22destination%22:%22https://orellfuessli.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22978673102%22],%224%22:[%2209-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215206326015782925569%22}&andc=true
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28CBwx_e84aYGp15AqaR7bk8C98-bhQyy9jyOQ70aefvzMHJ__VK1PJ8c2-lVcmOyc%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28CBwx_e84aYGp15AqaR7bk8C98-bhQyy9jyOQ70aefvzMHJ__VK1PJ8c2-lVcmOyc%29%26gdpr%3D0
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sad&i=1652886196918596719
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAITZ07rf10cgNLbDyVAAAAAAA&expiration=1693840597&is_secure=true
Domain
i6.liadm.com
URL
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&gpp_sid=&us_privacy=&gpdr=
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZPSjUvUhxp3GT8zay8eZTwAA%265127
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/minutemedia/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__%26ismms2s%3D1
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D%26ismms2s%3D1
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0QmwkIYO45bKXLWS3gz7l9UE5JTKDrWRhg1iGEG2
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4209624951218091518
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HF0Mwi1E2uVOz6vDpWYDTNeip8z6zEU-~A&gdpr=0
Domain
imagesrv.adition.com
URL
https://imagesrv.adition.com/banners/268/01/03/c1/23/Mueller_Multimedia_Emotional_300x250_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPYHXUKP0ZIPzKpaPgAeK75GoAq3wpd5yn57osYgR2rbi75o4EAEguoTAM2D1hYCA3ATIAQmpApgq7ZfxFbI%2DqAMByAObBKoEjgJP0EgHi9XSX1D%5FdsAhBwclnD5tl7YtsE1AwcWmfuUy0paizrw0hI7vxXeVVaDiSv9OA104d75GMmzE5f9vCmacsCzYQxpqNQ1co0mRFZ7UFFCesBSWi4Gres53p%5FXi0Z%5FcICFnudn79BmbCk1YW15%2DbdXqwpelsYa3UvF1kDNa3MHh3BXLU1%5Fcsc8YJ849uKZ6W%5F3y5kQSJezbwgsA7XVTs5QcQifdVuq%5FYYK8VYXP2nJjlAoIfVyQLw5FYcPyi%2D3%2D7scUrtfYz2kTu23eoFTByB37S2H6y4Ka3k3cpVLy6vh9VeuOOZois2sO3sIZYnNUNUS2YIJNFjhrytWywU%5FHtrlgs9TBSIu%5FBZqUJ0%5FABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQGwE6PF0xTQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWsaxQw0DE864h7aSm2baS%5FPH9CkYyXgYmAmVhKpIU6SwufBaCihus54qM8WfnuqGUuPFElXE%2D1xgB%26sig%3DAOD64%5F0pIWoNQ2zcjaPScDPAnJmGkxeaEg%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DCj3eb1AYz%2DIbHSr01ipLive8MDohGv3BbbCo4WCXgva35vo%2DfU5%2D4sT9wqGwCAxKTfXsn3ht5rCbgyeNcf3EEveH3sMXL0pVLFUOZ1bnVSEqVtOg9Vh3moTetF%2D%2DdLlekJrw4M%5FZUdIUgt%5Fahoaw50arN0ZD40zxvUcg%5FZGVzvU%2DlpVuU%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCC%5FEw3eCpLC9VyUxZr4FQOExocX1%2DDl0O4gU8lDs7rXSpoiP3M2lIOT6YSQ6bX9%5FXNqz%5F8TAcwQ%5FquscX6YtAgQ5KL47DI1txzYHwTj7YS9nX%2DvQjiCMWzfdCr0WxulwbGDw5e%2DMeWFf1YBTy%2D07ZLUjcq4mhnCGMvb0sqS5nDSqjEnJWlULiFUHSxJHIk2y1maZWDJqCbISLfoIWeWcxumrMEEWwWMk3dqnGDpElwFJWpgPW8MUSlRP5vezNv2pB2SV2%5FzZGM2nPGdedQrt%2DHbN1L%2DJ4O%5FebNj%2DwMXGueroOxVnwjgSORj31jYYAEreC96bTm15Cv93BQv2J840pHawD4YjbN47Pfakb9mNU%2DHVYiYaj4343MckoB4bfuOBAfNaVw70hWnf8t5iPT36yaXIVGAuK22ULGEMdtsZ6b0UXLIO9BjBLwtym%5FC8rquFO%2D9Yp%5FGzIPVJnZmnRKLbn%5FoeQ%2Dl7t4pcjKTrBrhZ43NJOdDdeOUUxIRAd8BwzUn1Ejq%5Fonsp8CpDw29%2D01Zmlldz0n5vaukKFsraCZ27PSYPm6WMoZlloGMSvvjh3Pl3iuJpCNT0AcXHK8rSABYDeh124E%2DfrLyX84halx1OAM1YqMXUiYCDXsgIMYlWWdWYjnywGdoHM3brynDxW%2D%2DTv97GaJzSR%5FZyizvJ0LmuJSuD%5FQI1o%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7274618870703131658%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274618866413865994%2526sid%253D4787111%2526kid%253D5626024%2526bid%253D17068013%2526c%253D31267%2526keyword%253D%2526gclid%253DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7274618875005373197%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7274618866413865994%2526sid%253D4389193%2526kid%253D5609187%2526bid%253D17023267%2526c%253D19848%2526keyword%253DPACS%25255F4787111%25255F17068013%2526gclid%253DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIg9v4h96OgQMVlgfgCh2KdwQlEAEYASAAEgKLTfD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Domain
imagesrv.adition.com
URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7274618870703131658&btr=true&pos=top-right&cid=558342&aid=558342
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb8148254eb40af3f0000000000000000%22,%222%22:%220xd2e172846a26243f0000000000000000%22,%223%22:%220x51ea06745050e7cb0000000000000000%22,%224%22:%220x71660dd9bafab4570000000000000000%22,%225%22:%220xf87e01c90ef8c8570000000000000000%22},%22debug_key%22:%222290743413156476604%22,%22debug_reporting%22:true,%22destination%22:%22https://orellfuessli.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22978673102%22],%224%22:[%2209-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215206326015782925569%22}&andc=true
Domain
stream.unibotscdn.com
URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/playlist.m3u8
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=48048000099369204438458012436020&pv=1
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=48048000099369204438458012436020&pv=1
Domain
hal900020.redintelligence.net
URL
https://hal900020.redintelligence.net/request_content.php?s=48048000099369204438458012436020&a=917ffd6f
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=48048000099369204438458012436020&pv=1
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
pixel.quantcount.com
URL
https://pixel.quantcount.com/tag/error
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=4279904964962375&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=EFBA2176-FA43-423A-8934-C96B4C3E7253&a3p=EhkKCnB1YmNpZC5vcmcY4uX33KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOLl99ylMUgAUgIIZBIZCgp1aWRhcGkuY29tGOHl99ylMUgAUgIIZBIUCgVvcGVueBji5ffcpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOLl99ylMUgAUgIIZA..&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dt=1693754196985&cookie=ID%3Db2e9173362228d07-2255a67565de00a2%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MbbDeJ9nE8XscsTQ8j3Ib-ahYAx-g&gpic=UID%3D00000c6dca0ccae7%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MYfhGD6x1qdfYajfXiN0iBglyUzoQ&scor=3190431030151483&ged=ve4_td22_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=4279904964962375&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=EFBA2176-FA43-423A-8934-C96B4C3E7253&a3p=EhkKCnB1YmNpZC5vcmcY4uX33KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOLl99ylMUgAUgIIZBIZCgp1aWRhcGkuY29tGOHl99ylMUgAUgIIZBIUCgVvcGVueBji5ffcpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOLl99ylMUgAUgIIZA..&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dt=1693754196985&cookie=ID%3Db2e9173362228d07-2255a67565de00a2%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MbbDeJ9nE8XscsTQ8j3Ib-ahYAx-g&gpic=UID%3D00000c6dca0ccae7%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MYfhGD6x1qdfYajfXiN0iBglyUzoQ&scor=3190431030151483&ged=ve4_td22_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3756744799350472698&gdpr=0&gdpr_consent=
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TRzXViOTUS1rMEklYY4qvp61b0Q&gdpr=0&gdpr_consent=
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0861002-F5F2-4B4F-A10B-B54C3A68032F&sInitiator=external&gdpr=0&gdpr_consent=
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM_m5xPPUAfwNBl-gPAAAAAAA&expiration=1693840598&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&is_secure=true&gdpr_consent=&gdpr=0
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3569158016234090306&gdpr=0&gdpr_consent=&us_privacy=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm3limjy&c=3781666188718&slotId=1890833094359&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
ads.yap.yahoo.com
URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Domain
geo.yahoo.com
URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| documentPictureInPicture object| _taboola object| adpushup object| ucfad_async object| unibots object| TRC function| _typeof object| _tblConsole undefined| msg object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| adRecover object| regeneratorRuntime function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| checkPlayerShouldRun function| runCMD function| unibotsLog function| unibotsCustomGA function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| unibotsPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| checkFrameandInitStartFun object| ucf object| request string| paramsString string| nam object| placementData function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun number| ampAdSlotIdCounter object| cmTag undefined| $ undefined| jQuery string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| _cm_wfCounters string| lastWfUrl function| jqAlias function| runAnimCheck number| measureInterval function| clientJsFunction object| s1 function| clarity object| google_reactive_ads_global_state object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| ggeac object| google_tag_data object| _qevents object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries boolean| descriptionPage function| startCMTagMain string| category object| google_ad_modifications object| google_prev_clients object| vttjs function| WebVTT function| videojs object| dataLayer function| gtag undefined| google_measure_js_timing number| google_unique_id function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer function| quantserve function| __qc object| ezt object| _qoptions object| googDdmPs function| videojsIma function| videojsContribAds function| videojsPlaylist object| $jscomp object| canAutoplay object| google_tag_manager function| onYouTubeIframeAPIReady object| __uid2SecureSignalProvider object| __uid2 function| isValidVideo string| myPlayerGabywa object| oldScript object| attr function| focusFunc object| closure_lm_633563 function| prepareAdRequest object| closure_lm_817059

137 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxCBFg
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D2d7c4c3a-1375-4443-8245-30cd3ba58337-tuctbee28c4
.aralego.com/ Name: sspid
Value: 963a1a30-1217-3d49-82f2-83d501b0fb73
www.bg3.co/ Name: __AP_SESSION__
Value: 5e8ce1e0-006d-40dd-9403-54f5c4f249c7
.rubiconproject.com/ Name: khaos
Value: LM3LICXH-1G-7O8T
.doubleclick.net/ Name: IDE
Value: AHWqTUmWDdJvOr6WBnE1TMsWK_JQ7bQ24qKT3rTwXEXSMLaZfysqfWiVTDeu05wz7kU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&3ea67326-5801-4a75-8bb6-6e267a879651"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTM3NTQxODY7MjswMjFPnXWuWrVaBYP92S3XUui3ochN8EDgRDHgRJqIDNZiBA==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2623:u=1:x=1:i=1693754186:t=1693840586:v=2:sig=AQH_Y7ADA-2zxvPUECGlYAqQ_eUWjkdy"
.yahoo.com/ Name: A3
Value: d=AQABBEuj9GQCEFuRjZ9zHtMm4x83NNzk6RUFEgEBAQH09WT-ZAAAAAAA_eMAAA&S=AQAAAqrpqHidlA-CdYZ_Dgya6pU
.amazon-adsystem.com/ Name: ad-id
Value: A1Vk5zb9KEBngzXXstHfjGY
.aralego.com/ Name: euconsent-v2
Value:
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: d7cba6b1-992a-4483-b721-a2ceb0745bb5
.prebid.a-mo.net/ Name: __amc
Value: 1_1693754190_1693754190
.omnitagjs.com/ Name: ayl_visitor
Value: a10820a611987ec1479939bf60ec0ac9
.teads.tv/ Name: tt_viewer
Value: baf3e2e6-1698-4064-98e7-f3eb2e356df4
www.clarity.ms/ Name: CLID
Value: 7cc1125438f947a3b3ff87b43ded8345.20230903.20240902
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-03T15%3A16%3A33%22%7D
.bg3.co/ Name: __gads
Value: ID=b2e9173362228d07-2255a67565de00a2:T=1693754193:RT=1693754193:S=ALNI_MbbDeJ9nE8XscsTQ8j3Ib-ahYAx-g
.bg3.co/ Name: __gpi
Value: UID=00000c6dca0ccae7:T=1693754193:RT=1693754193:S=ALNI_MYfhGD6x1qdfYajfXiN0iBglyUzoQ
.adfarm1.adition.com/ Name: UserID1
Value: 7274618866413865994
.adnxs.com/ Name: uuid2
Value: 3756744799350472698
.openx.net/ Name: i
Value: 037e5aab-1322-0e4c-0afe-e927685f1fe1|1693754194
.acuityplatform.com/ Name: auid
Value: 822682057993
.openx.net/ Name: pd
Value: v2|1693754194|gen0vNvQiygu
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: mc
Value: 64f4a352-ac691-32920-3c5a0
.servenobid.com/ Name: pid_337
Value: y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
.adfarm1.adition.com/ Name: lv_5626024
Value: w=4787111|t=1693754194
.servenobid.com/ Name: pid_312
Value: 3756744799350472698
.casalemedia.com/ Name: CMPS
Value: 5157
.bg3.co/ Name: _ga
Value: GA1.1.1349050420.1693754193
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1693754195.1.0.1693754195.0.0.0
.adform.net/ Name: uid
Value: 4209624951218091518
.lijit.com/ Name: ljt_reader
Value: HQo0pRZHSTrO5TO2SZmI79TD
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 3f14bfce-84f6-52f6-90ef-28fbf41b8ba9
.betweendigital.com/ Name: ss
Value: 1
.gumgum.com/ Name: vst
Value: e_9f6850b7-8f2d-4452-8542-74288d6ca8f3
.bidswitch.net/ Name: c
Value: 1693754195
.bidswitch.net/ Name: tuuid_lu
Value: 1693754195
.go.sonobi.com/ Name: __uis
Value: deed0c55-e9a9-493e-8fbb-24a7b48823f4
.go.sonobi.com/ Name: HAPLB8G
Value: s8629|ZPSjV
.us.ck-ie.com/ Name: CID
Value: 3ca8ac0b8a7c693389edb37ddd070e20dd7ce7f0
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjcwNLE0MDQ3MRHiM9Qtz8xP9vbONDSprAoFAKzDTeIlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjcwNLE0MDQ3MRHiM9Qtz8xP9vbONDSprAoFAKzDTeIlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmlsbmpiaGlqZmwEACg745AQAAAA
.smartadserver.com/ Name: pid
Value: 1652886196918596719
.servenobid.com/ Name: pid_317
Value: 73212786116310196
.yellowblue.io/ Name: wrvUserID
Value: tu9Y8sp-Cp_s
.servenobid.com/ Name: pid_339
Value: y-BMadPc5E2uFXG1Baz6NC3l_CApyAViGezd1mTxI-~A
.minutemedia-prebid.com/ Name: wrvUserID
Value: HU9D8spzkp_mm
ads.smartstream.tv/ Name: DID
Value: b131bdeaccd375b8e8fbf4bfed202da2
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: f04852f682edafa6
.servenobid.com/ Name: pid_318
Value: U3yxCFkwLfql2l7A-00T6dVbjZstyNVTj9Iggice0cc
.servenobid.com/ Name: pid_333
Value: ZPSjUvUhxp3GT8zay8eZTwAAFAcAAAIB
.bidswitch.net/ Name: tuuid
Value: 6647b860-18ca-4b1b-9ff5-baf4bd62817f
.servenobid.com/ Name: pid_324
Value: 5140084927014901744
.servenobid.com/ Name: pid_310
Value: HQo0pRZHSTrO5TO2SZmI79TD
.servenobid.com/ Name: pid_332
Value: deed0c55-e9a9-493e-8fbb-24a7b48823f4
.servenobid.com/ Name: pid_352
Value: tu9Y8sp-Cp_s
.3lift.com/ Name: tluid
Value: 1815395141153584143645
.onetag-sys.com/ Name: OTP
Value: ZiMSVoxSGvvH1fxtFzoXY-Aksgm3F9nu_jFVIGXZ2u0
.adfarm1.adition.com/ Name: lv_5609187
Value: w=4389193|t=1693754195
.creativecdn.com/ Name: u
Value: LZ3JqfLxRWDxivCS5VMX
.creativecdn.com/ Name: ts
Value: 1693754195
.casalemedia.com/ Name: CMID
Value: ZPSjUvUhxp3GT8zay8eZTwAA
.casalemedia.com/ Name: CMPRO
Value: 5127
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.betweendigital.com/ Name: ut
Value: ZPSjVAAAPoCIGWn7QXO1kxjv2cBd3GoRvzxrBQ==
.smilewanted.com/ Name: sw_user_params_infos
Value: 4XRngWxuo5%2FyxESt71%2F8U05wS8Puqxe1Gnrd0RV0u9SHj%2BDtsQG72jFp%2FqXYuS0HV0QXdx%2FWormkZBKax9YH6fvSuY8b%2BbTO0cG7qR7qpQxxNz3SaXm2plI82HuD1Nys6xczzCNEyeGv9juHhw8SkzsnfpRA1QSH83vs42qz2R3EBPubvtLqdXzcVtIuz%2FgkC%2FC6GE7uufusoAs%2BFDCH96CwzMjzAqEiQOb4n5LNjE9JKNvUj9H9rqgept0te6ufrKRSmjmrXtupUeOFh%2BZ0RhLBMTTpCAHkR17knR117p9DOpIeDYYyBv%2F4p5bvUh98%2BhcRl6nldystbbRXXME%2FfRMzXJpDy6uYx6ebZsAIwW3NIslUW8%2BWgrYuTRSNGLqvnWbLS4Ma1w5PiZtygQoUCw%3D%3D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPSjVAANgOzdVQAN
.quantserve.com/ Name: d
Value: EJ4BEQHuKfijCJiTAA
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-0fc48e17-89b8-382e-b8ba-b992b8f39d5f
.servenobid.com/ Name: pid_316
Value: 66E76FC7-1C1F-40AC-97A4-39CA7D79A957
.servenobid.com/ Name: pid_353
Value: 0000EEA
.turn.com/ Name: uid
Value: 3569158016234090306
cm.adsafety.net/ Name: UID
Value: CM12023090315a46acab80d524032008
.adsafety.net/ Name: cm_uid
Value: CM12023090315a46acab80d524032008
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvbE5BVXA3SG9IYXlXZk5TZDhNMHJ0a3BHbElFWU1BL211UjVFVk9MdEsvVVA3OGNWdkIyMDJ6MkltMHc4N0QrbVE5cDRoVHhuVXlKRmk2aFpBeVpYdGVwNm5lQzV2ZEo3eVhzZWRHUXRoNUF4S1hRSzhCek9iS284bS9uRE1EWHN0WVFiUWh5NU12RlRXYkh2Qk5FZEFxKzJYM3NtSlFQeXB5QjZxaE1IVktReVQzZDdMMyt3djBRYXRZeTNEeXZJME9aTUg3UDF6NW16ZUNBNXVqQ3d1RnNFelBwTVlhZmFFUmNTWXJJTmx5Z1A4ek82c0MwSjNwNitrWjZUOUgxYmJuWk1KSkRQTWcxTDgrSXZGYUpvZ2pRVVZsdklYcHczUUt0Z1BwSnpEQXZvWHJsUTYySnRaTzVtOGtKOHpaSGVBPT0%3D
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_a6fa8a8b-ad2d-4231-ae98-e0d9e249883a
.metadsp.co.uk/ Name: ruuid
Value: 6946d306-f0f0-462b-9ba3-85baf71ff09b
.metadsp.co.uk/ Name: c
Value: 1693754196
.metadsp.co.uk/ Name: ruuid_lu
Value: 1693754196
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRRZzYAqUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUWc2AKlI90aGlyZFBhcnR5VXNlcklkWkNBRVNFSE83TnBzRDNDb2FoNHRXV0tmSjJtNPv7hnZlcnNpb27C+w=="
.contextweb.com/ Name: V
Value: jemOHVnLIkVW
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mnm|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: af702869ff329cc6
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F0861002-F5F2-4B4F-A10B-B54C3A68032F
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003%22%7D
.bg3.co/ Name: _clck
Value: 1eynahq|2|fep|0|1341
.servenobid.com/ Name: pid_309
Value: e_9f6850b7-8f2d-4452-8542-74288d6ca8f3
.outbrain.com/ Name: obuid
Value: d62df1b5-b349-49b4-9830-7c819a65c067
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENk8r4HAljOZw6WXfkzwWA8&KRTB&23025-CAESENk8r4HAljOZw6WXfkzwWA8&KRTB&23386-CAESENk8r4HAljOZw6WXfkzwWA8
.pubmatic.com/ Name: PugT
Value: 1693754196
.servenobid.com/ Name: pid_348
Value: HU9D8spzkp_mm
.weborama.fr/ Name: AFFICHE_W
Value: 2qx6cSN9bxXa58
.simpli.fi/ Name: suid
Value: 22B5206FE23344449BEBA3247C51DC05
ads.avct.cloud/ Name: uuid
Value: fa5c6e48-6cf7-49b8-94fc-fa0df4bb4cd1
.smartadserver.com/ Name: csync
Value: 76:CAESEDoc8-ZiLDC9q9Gf-v3jXUw
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~2dpr:194o~2dpr:18z8~2dpr"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4d1cd756-2393-512d-6b30-4925618e2abe.SIyEQdRbKAUvyT1i8cD2Un0U9GxZBkgVStb9O2TXS78
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4d1cd756-2393-512d-6b30-4925618e2abe.SIyEQdRbKAUvyT1i8cD2Un0U9GxZBkgVStb9O2TXS78
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATRzXViOTUS1rMEklYY4qvp61b0Q.GrE9SGf8fREynfF4xjMjCp0bg%2BjBujjGngrtHZs6kSg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATRzXViOTUS1rMEklYY4qvp61b0Q.GrE9SGf8fREynfF4xjMjCp0bg%2BjBujjGngrtHZs6kSg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPVFmqetZBQUwyQWLWPZFsXh7WWCLMSirIS0YG_-fe3jEAEYAyDUxtKnBjABOgTwi70wQgRYBgjz.iRn4YlPK%2B8pxg0syDnwADogrsMWZ6%2FLyEp%2FLRrGJxUk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPVFmqetZBQUwyQWLWPZFsXh7WWCLMSirIS0YG_-fe3jEAEYAyDUxtKnBjABOgTwi70wQgRYBgjz.iRn4YlPK%2B8pxg0syDnwADogrsMWZ6%2FLyEp%2FLRrGJxUk
.rubiconproject.com/ Name: audit
Value: 1|gmhS77mlNCzMz3QoeW+mdNovtiSJgn2YIE9zZbIkHv5pDAL/Mb+PFhcmFiJudDtgZjKlhjfhclXqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.ipredictive.com/ Name: cu
Value: aacb5a7f-a8f3-4a08-a1df-9d6a901b0f25|1693754196542
.servenobid.com/ Name: pid_328
Value: 2b8ae527-d393-45ee-876f-8849acdee581
.liadm.com/ Name: lidid
Value: f3e34e20-c960-4cfc-9860-4bb30621c11e
.servenobid.com/ Name: pid_323
Value: LM3LICXH-1G-7O8T
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f38be0a639dcf405a02df266a4ffa640
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1693754197.1.0.1693754197.0.0.0
.audrte.com/ Name: arcki2
Value: c9ib1hd1qqfQmSCEDgJoaYxXQ!20220908!1693754197453!ip#158.181.111.68
.audrte.com/ Name: arcki2_pubmatic
Value: 66E76FC7-1C1F-40AC-97A4-39CA7D79A957!20220908!1693754197456
.bg3.co/ Name: __qca
Value: P0-547405046-1693754192893
.socdm.com/ Name: SOC
Value: ZPSjVMCo8XsAAKZFEsoAAAAA
.audrte.com/ Name: arcki2_ddp2
Value: c9ib1hd1qqfQmSCEDgJoaYxXQ!20220908!1693754197946
.audrte.com/ Name: arcki2_adform
Value: 4209624951218091518!20220908!1693754198226
.admanmedia.com/ Name: admtr
Value: dd992ad3-7f90-4fb8-aac0-330eda5ac02e
.admanmedia.com/ Name: ac_r
Value: CS112
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1694908800%3A245_241_235_227_226_219_197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1694304000%3A223_15_2%7C1694908800%3A3_22_234_56_251_71_13_21_233_166_81_8_264_54_220%7C1696291200%3A203%7C1694563200%3A63%7C1694995200%3A35
.dotomi.com/ Name: DotomiTest
Value: 34716313a78217b9
.zeotap.com/ Name: zc
Value: 2d0607a7-087f-4c64-7f09-95bedaec7f08
.pubmatic.com/ Name: SPugT
Value: 1693754200
.richaudience.com/ Name: pdid
Value: 261fcda8-88c0-4ff6-b111-1zz1693754191
.richaudience.com/ Name: avcid-smw-uid
Value: 38cfa9ccb77fa5d1ecbf05ec151d88f0

63 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202202/fdda00450582e5b1adb74cc47b63b93f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202108/a811260246202625831a44f4e78188ce.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/55423c8fb8db5268f9414326229d7589.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202202/c2142f7e64c5bf09ab31e363bbe081c7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202201/8be953d9ae8a509d527319885d087d19.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/241c67517315d06d91e7c882f8acc28d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/241c67517315d06d91e7c882f8acc28d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/a2ed9e8688acb634c22de80a96080bda.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202202/229809f05bf315b2ded468b3e83b68da.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/9c34e2d1550239e7238fa97881a321a0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202202/cbca490a70cf2b15ae15f249aab788bf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvbW8tZGUtbmEtc2hlbmctYnUtZGFvLTZtby1qaS1kaS0yMmx1bi15dS15dWUtamluLXd1LWppZS16aGktZGktc2FuLWppLWZ1LXp1by15b25nLXlpLWNpLWthbi5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=%26ismms2s%3D1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZPSjUvUhxp3GT8zay8eZTwAA%265127
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7274618870703131658&btr=true&pos=top-right&cid=558342&aid=558342
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://b1sync.zemanta.com/usersync/minutemedia/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__%26ismms2s%3D1
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb8148254eb40af3f0000000000000000%22,%222%22:%220xd2e172846a26243f0000000000000000%22,%223%22:%220x51ea06745050e7cb0000000000000000%22,%224%22:%220x71660dd9bafab4570000000000000000%22,%225%22:%220xf87e01c90ef8c8570000000000000000%22},%22debug_key%22:%222290743413156476604%22,%22debug_reporting%22:true,%22destination%22:%22https://orellfuessli.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22978673102%22],%224%22:[%2209-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215206326015782925569%22}&andc=true
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D%26ismms2s%3D1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://oa.openxcdn.net/esp.js
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9f6850b7-8f2d-4452-8542-74288d6ca8f3&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=48048000099369204438458012436020&pv=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=sad&i=1652886196918596719
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4209624951218091518
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.targeting.unrulymedia.com/csync/RX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7e6c3cbc-c795-4190-baf5-4980c51dff4d-003
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=obn&i=ENC%28CBwx_e84aYGp15AqaR7bk8C98-bhQyy9jyOQ70aefvzMHJ__VK1PJ8c2-lVcmOyc%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28CBwx_e84aYGp15AqaR7bk8C98-bhQyy9jyOQ70aefvzMHJ__VK1PJ8c2-lVcmOyc%29%26gdpr%3D0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cdn.id5-sync.com/api/1.0/esp.js
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://static.criteo.net/js/ld/publishertag.ids.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/playlist.m3u8
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAg4SOAI=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HF0Mwi1E2uVOz6vDpWYDTNeip8z6zEU-~A&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAITZ07rf10cgNLbDyVAAAAAAA&expiration=1693840597&is_secure=true
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=6647b860-18ca-4b1b-9ff5-baf4bd62817f&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%8E%AB%E5%BE%B7%E7%B4%8D%E5%89%A9%E4%B8%8D%E5%88%B06%E8%90%AC%E5%8A%91%EF%BC%81%E7%AC%AC22%E8%BC%AA%E9%A0%90%E7%B4%84%E4%BB%8A%E5%8D%88%E6%88%AA%E6%AD%A2%20%E7%AC%AC%E4%B8%89%E5%8A%91%E5%89%AF%E4%BD%9C%E7%94%A8%E4%B8%80%E6%AC%A1%E7%9C%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-LceXZSHsxjNJ4c_roYL3VA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.9056466334577977&gjid=0.6734727941221783&_r=1&a=509&z=0.10109654921973932&gtm=45De1110
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://pixel.quantcount.com/tag/error
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://track.webgains.com/link.html?wglinkid=3540285&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jxy0gqmpqtsb5h9hac0b3zwdnkfmdjzf91fqe750zrn3w0b9yhdf8sjvx4qcfbwamqjakbtpqww8mxgggxz14ntc1026n8grma8m1hz2e66p5phrh36h0fqs6gmhsff83dhdtswsrgz07pcprnt1pn9txtdr1gf95mp6gg1xc10dhss3w36tgsxnrf62t42h0r93af0twp6bfjnhnk1hxannjvdw71y6x703qmwmqzmcye1xcv2scfa73nwvvwzw8%26a%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%25253Fsa%25253DL%252526ai%25253DC9WKYTqP0ZMSSFYWfgQfs_4bQB8T-wtJoz8bNpokL9i4QASC6vvAWYPWFgIDcBMgBCakCmCrtl_EVsj6oAwHIA5sEqgT9AU_Q_mEGzk5VDLLZxzkcIO_-5E-LHYexfTOhicOk5DenYqwduKDLqP30mcazzPp0vkCW0D5sO88NeF8jUkkfWmdsBPfX19WJpCop_k1GhfCNU7JMcFBMGnGf58ouoxplYsxD1jdHVus4JT5TaBPKVZ_BB3cVgm7ScuC62DfZjinhz5I5SFrddCZ1hCHlzDcPB8gwMhVtSvJBK1xdZ2klxzpVpQnjo1Z1360wDS7WRaRFIb4fKGcsIK0RWyCL4BNaqueqp3sX8o2b3SjsM4ZHX9d_kXzSRUcWrYId8gREwD37c6sP9cmqh9CL3b3nW8niMNWF5uizyJsghoaxWEnABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTM5NTk1OIAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%252526ae%25253D1%252526gclid%25253DEAIaIQobChMIxPHoht6OgQMVhU_gCh3svwF6EAEYASAAEgK-PPD_BwE%252526num%25253D1%252526cid%25253DCAQSKQBpAlJWRd2KUzb8iTtPp9dpO_mowlFcZ7k9k-74KxEF9txd-UyT47qNGAE%252526sig%25253DAOD64_0SOR8cx_nqGJ-GV31NldcDmSSsig%252526client%25253Dca-pub-6579838053286784%252526dbm_c%25253DAKAmf-CHRMn0VGtWGis9kGOwR8oxCjWkIIqxn5dGNuT9Bf-cAOBWqwXlszdR0bSVH6FUXCllzH5hspJ4mWF18axiwW5wK1lkJ3f2YmKs8eYtqTjZQGPNQT2xu6ayhCcHBBMsSXm4KQKVnbWsxlzQs3JmVB7PhaGYjCVCNOhKv4ewPK-4feNUkjM%252526cry%25253D1%252526dbm_d%25253DAKAmf-DuIbHHk_5xXp9IPRV9P9r8KZ6StymPRcFE7wdESY1uOqGuaFj8F3nInZ8K-L5Xi1ZKWf-90VjktQvbxhtanux887tZCW6FFMyb7EExWmw7ZufM8Hrr3YfdYjsvPn5t8o00zELtp5FvMMT5J-kzStpILe2jyxZEJX6thioT_xQwjnN5rk9FkH6o7juSp4lu2Q9ek_gp7Rum_ke5HBieUXaW82d8noD4gmK5wf-Xb1_N3NoCfK3smp3Jn7Ctf3RwhMz1QMHnBDNPLCAztdW_JFoKwsfHpDEUiLUDPD47RjUkmX5NYm_1LYLrmPHv0rAMxHKoUGCX12yBAo9nFhtjQBcybWB1NhNSnNOSjP98EgoOQ9NkGroksUnCGO3jAXFuwMeXUdHXQgoOma2xtu_4fbwmCu9lVEMDhkPkoDWUlhighA5LPI-dQvz4gziwQp-pW3WtIeb_5vSmKZc74HGBJzCHFckFmH-L6grih7ommQNhWwUDtvx66aNSNqxl9eUKcqelHDI-H5iYe0CMuNpfLke9ScfNjLw-qOFt8kRPrhCNvY5uFB1RBkGlJIpKU728OUe8wEkkO6ghjlPN6AVmdb0-3NO88rjflrAU6dcVPZX5bzimZUJhUtr8F9NQxbiHO_-qXNw-O19y_rSEb-Da9IdAf1G72A%252526adurl%25253D&clickref=oneidGjJUBfjgz1TXdmguKHeHGtBCkj2c2TYTJAHEoneid__dbm_Awin_Reach02&viewref=oneidJBWFzfmY3qa3geQUBH6H7tptER2CXTgT4WtXoneid__dbm_Awin_Reach02
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=4279904964962375&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=EFBA2176-FA43-423A-8934-C96B4C3E7253&a3p=EhkKCnB1YmNpZC5vcmcY4uX33KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOLl99ylMUgAUgIIZBIZCgp1aWRhcGkuY29tGOHl99ylMUgAUgIIZBIUCgVvcGVueBji5ffcpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOLl99ylMUgAUgIIZA..&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dt=1693754196985&cookie=ID%3Db2e9173362228d07-2255a67565de00a2%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MbbDeJ9nE8XscsTQ8j3Ib-ahYAx-g&gpic=UID%3D00000c6dca0ccae7%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MYfhGD6x1qdfYajfXiN0iBglyUzoQ&scor=3190431030151483&ged=ve4_td22_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPSjUrG66UqZj17.PwqaWAAA%265157&gpp_sid=&us_privacy=&gpdr=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-LceXZSHsxjNJ4c_roYL3VA&aip=1&sid=1693754193&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=4279904964962375&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=EFBA2176-FA43-423A-8934-C96B4C3E7253&a3p=EhkKCnB1YmNpZC5vcmcY4uX33KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOLl99ylMUgAUgIIZBIZCgp1aWRhcGkuY29tGOHl99ylMUgAUgIIZBIUCgVvcGVueBji5ffcpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOLl99ylMUgAUgIIZA..&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmo-de-na-sheng-bu-dao-6mo-ji-di-22lun-yu-yue-jin-wu-jie-zhi-di-san-ji-fu-zuo-yong-yi-ci-kan.html&dt=1693754196985&cookie=ID%3Db2e9173362228d07-2255a67565de00a2%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MbbDeJ9nE8XscsTQ8j3Ib-ahYAx-g&gpic=UID%3D00000c6dca0ccae7%3AT%3D1693754193%3ART%3D1693754193%3AS%3DALNI_MYfhGD6x1qdfYajfXiN0iBglyUzoQ&scor=3190431030151483&ged=ve4_td22_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.onaudience.com/?partner=214&mapped=F0861002-F5F2-4B4F-A10B-B54C3A68032F&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0861002-F5F2-4B4F-A10B-B54C3A68032F&sInitiator=external&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3569158016234090306&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM_m5xPPUAfwNBl-gPAAAAAAA&expiration=1693840598&nuid=F0861002-F5F2-4B4F-A10B-B54C3A68032F&is_secure=true&gdpr_consent=&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Message:
Failed to load resource: net::ERR_QUIC_PROTOCOL_ERROR.QUIC_NETWORK_IDLE_TIMEOUT
network error URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm3limjy&c=3781666188718&slotId=1890833094359&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cb707e3fdfe11d8962056daef24dda2.safeframe.googlesyndication.com
12930203a34df73b5c9139b1f2bcaa76.safeframe.googlesyndication.com
68baba596ce3cfbef586a77a9bbbe291.safeframe.googlesyndication.com
9ba66d73ea74420f78a9d775a11d2e08.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.sitemaji.com
ad.turn.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d-27904427312725089125.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.yahoo.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900020.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imagesrv.adition.com
imasdk.googleapis.com
imprammp.taboola.com
ioms.bfmio.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
newsbot.unibots.in
oa.openxcdn.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantcount.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
stream.unibotscdn.com
sync-tm.everesttech.net
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.aralego.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.awin1.com
www.bg3.co
www.clarity.ms
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.360yield.com
ad4m.at
ads.yap.yahoo.com
b1sync.zemanta.com
cdn.id5-sync.com
cdn.jsdelivr.net
cs.minutemedia-prebid.com
csi.gstatic.com
csync.loopme.me
dsp.adfarm1.adition.com
dsum.casalemedia.com
geo.yahoo.com
hal900020.redintelligence.net
i6.liadm.com
image2.pubmatic.com
image4.pubmatic.com
imagesrv.adition.com
match.adsby.bidtheatre.com
match.prod.bidr.io
oa.openxcdn.net
pixel.onaudience.com
pixel.quantcount.com
pubads.g.doubleclick.net
rules.quantcount.com
simage2.pubmatic.com
simage4.pubmatic.com
static.bg3.co
static.criteo.net
stats.g.doubleclick.net
stream.unibotscdn.com
sync.adotmob.com
sync.bumlam.com
sync.go.sonobi.com
sync.targeting.unrulymedia.com
t.adx.opera.com
uipglob.semasio.net
usersync.gumgum.com
visitor.omnitagjs.com
www.awin1.com
www.google-analytics.com
www.googleadservices.com
103.231.174.251
104.16.89.20
104.18.38.76
104.18.39.155
104.22.25.87
104.26.4.103
104.64.126.246
124.146.215.49
13.107.213.60
13.107.42.14
13.42.176.194
141.226.224.32
141.226.228.48
142.250.181.234
142.250.184.225
142.250.184.230
142.250.185.194
142.250.185.226
142.250.185.66
142.250.185.72
142.250.186.129
142.250.186.130
142.250.186.170
142.250.186.66
142.250.186.67
142.250.74.196
144.76.104.53
145.40.97.67
151.101.193.44
151.101.2.49
151.101.65.44
154.59.122.79
162.210.196.208
162.55.236.225
169.197.150.8
172.105.43.230
172.217.16.195
172.64.102.25
172.64.149.180
172.67.10.198
172.67.74.129
178.250.1.11
178.250.1.8
178.250.1.9
178.63.52.121
18.195.32.10
18.196.122.173
18.203.189.31
18.66.187.108
18.66.192.12
185.106.33.48
185.184.8.90
185.255.84.151
185.29.132.241
185.64.190.78
185.64.190.79
185.64.190.80
185.80.39.216
185.86.138.152
185.86.138.154
185.86.139.93
185.89.210.101
188.42.196.115
192.96.203.13
193.0.160.130
198.47.127.20
2.16.202.106
2.18.160.23
208.93.169.131
213.19.162.21
213.19.162.37
216.239.34.36
216.52.2.91
216.58.212.129
217.79.188.11
217.79.188.21
217.79.188.46
23.218.210.30
23.35.236.188
23.35.236.201
23.50.131.73
23.50.131.87
23.97.225.52
3.233.155.245
3.33.220.150
3.71.149.231
3.75.115.20
34.107.148.139
34.111.129.221
34.227.156.9
34.242.3.8
35.186.215.140
35.186.253.211
35.204.158.49
35.210.239.72
35.244.159.8
35.244.174.68
37.157.4.28
37.157.5.133
44.193.104.224
46.228.164.11
51.89.9.252
52.205.57.26
52.210.15.1
52.210.175.116
52.46.128.147
52.58.1.69
52.94.222.140
54.147.123.103
54.155.69.215
54.158.197.157
54.220.11.225
54.229.162.154
54.247.40.125
69.16.175.42
69.166.1.34
69.173.144.137
69.173.144.139
69.173.144.165
76.223.111.18
77.245.57.72
8.2.110.114
8.2.110.24
8.43.72.98
80.77.87.166
87.248.119.252
89.163.155.32
89.187.169.39
91.210.226.74
91.228.74.168
95.101.148.20
95.101.149.35
99.84.88.2
99.84.88.77
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05eccc1688a2b51ebf2cb8540da29d1258c25ac24513deefbdcb07bdb1566460
06351ef4d41f2c880266a0416c06707bef5f0df57752db5cea8fd264aa9fc682
06be8cceb4156f3015fb1706d7518b79be1c129a055533a97667cb17d66a8ba8
07c8b04b58fbc866a8a881fb3cf05c5c5549c85c6441adac3e9c947c834459ef
089193c5def6ea660c36eb5facb28fab307bd87dba4dce136ed049ca16a0012d
08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca5dae92ef6608fe14a8ba5e56f72d38b31e7570d98f2287024bfe4a0d53c99
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d676b76c53b833818c6e1a63c1fdfe4cfd1c19798f92705e2813522ef468721
0de17b9b21356a7e43d6a4d11831e9bb5de3429a123120cd39ed8bb8ca2285bf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
131791340bcb1e531c2d89c70cacb2b6bf020db8b9e2c6a19a9a15703a37df4e
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
15052d3f8db580ce6296ffc1a384cabdbe8eb87382c5b1f6fd11005253104f1f
164e19bc17a5e0a82da30fb119b538c1f7e37a64ff1dc500c45cd8242a2473fb
1752ffd6e3a6849ed80dea23b03dc766a8335a2b01bd937e7609f45bb8077d1c
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c3c7da5d6e9ac7c224be230acdeba001abd5c6d4ddad2e60276a819287b6aea
1caf1b5af4a79a67413b348e9dbcac3f4e83a1f7d62c6a5c29bd3aedec8954fa
1cb1b8c33e9c915676a2e38fdf730eaa7df8be4eb01a04b79bc44b5994e5c64a
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20d883fcdee229a17cbff4e8e79d1e1041dd28aa4273b62b1e9dbe0fc936069b
22dc79ab92abba87adc663fbd3b8d9242b1ede690743e6d92eca2d5d69ec597b
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
258e3e93b6874b0ec78d6008915a4e47237c540f9e8022a79e875572e5930dbe
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
2642e86c8e6ee01a25a6310db829335d2fec1c9d1e7839d0607924886f206f87
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
28b7c765a1cfc313d5a5478384abeec7f66ff2ac464b9855ded74ebfb59c6fef
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2bf3641f54961db001f5cc340b8dbfb7a3e313d3ed57adc5e9c45f86789e6712
2c7f70f39708dc55cfc12d84eb039481bfa9af3dddc29fa59158573e64a09a2f
2cc7c33ff9feb502467275255530ef4e63567399710e88118e79634935cd70a3
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2dfe27b88ffa0378bb53d1ad5e1f656d05adb0604b53fdd72ef341160b069c60
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e650636c28e7a8762acae233653b2b001d5082dc94514096dd1b7a8d84920c1
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2ec0d882a3581c9c4fc868bc96281b820649d7e7a66ec0d92dbc0a06f010fcf0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf
302be377185f1d9c660dad950516501936a7910aa304bcfe5b685fcda6f02dec
3075fa4c4840cb26f3cd3e053b2185586bc36399af4690cb4e1e6adf146ff214
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
327131bcab4da4c3e432111dfcc7a95a9ff802b229cdd02e9f3e3251e0e23b1d
327b33e7c6a9d7eff9e46b2a4cb1c3b615e79e9b30f383a9c95e0ac701f4ea0d
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a9fccff8064a800e82955b64af137559e38ed314b498e2c4931badb76ecee43
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03
3b1c28427268adb46b9a0514ea3f95bec0fcfcb82d25710e25cc8c5398efb1ac
3bb4a5c88615728197c49d9c04e030c866bc81466d311288f6d8228aa917aafc
3c402a2ea2ef1af5184a38a37d14f7c9b5cd50565195e9578e560b8afe762028
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f18968d0dacf1850dfce645f211ad6244443b9af0415f380ea27f0e835cb58f
3f5113f6fdf912946eb427523777f496019f8b48d318d33db21a61f091d78978
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
418164226b14a46ef78e163388de145ed14402cc735c6f21d0f2daf818dfdbbe
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
43d46ca8ec37f3df134d8374fe75a94d8eed05f56a09c94ce4fbf81e425f18a4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197
454efc2a7a789fd6efe3766391240bfbad5c08e8346810cd0d5a65f8418b2b8f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b21567424b0df531db43d0dcbfdc4b8e99e7c78f101555413b9d89f4fe7590
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b840ef1f2d8ae8238a85714594dca1c85b4d9a03eeef7f2f55af34d759ad605
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e144a55904cf3905bc237ef0fe43e376f60e025fedacbee03099e23976eef91
4f5b11a8ed95cc5ef94a4a6fe4d32f704dfeca16300ca4c67cdcffaa01aa2481
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
5324ae97b99e312be80a9a62d46026e81c76f7b65d9ce80730cd538639d77db2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ac42444cb9d1f288b4cc88224bc17d2e6a25e8c128b1c502cb53048961e050
55014b9467e874d9f4ede70bee47262e12d2d7b801ed531dca6750d5757524ba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c98b894a9bc1801be47c0e551ba9ab69e5165d6ecc4d70c7425dbf2c3727a9
566b0032083e7586f68271093b3abf7be6d13e4f21aec361625559fc7ad62454
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5c7e7b7d8cf33137b90c47a2e6fd7cc683efa84aff87113050c3e3f619573cbb
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
5f48201ba7796b64b9b74c2173009a43ffbf4e10af199d73189d366d4956f2e1
60d847494a8f1f6899ce09578dff5895ec740cf9f8eb6484b1aa170ab394d211
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
656e83dc850cc212558c42afc10854ee7917477199b624efb1d1c1126f9fdf80
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667d77669d19714ac96c979a077c8c1ddeb43e5d9b425bf78da585cb92935dad
68d4e924fbe9a1cafb5b9712901e583a73adc2d9d54d9c41982f5f8ec30430b4
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d6d2e56fca86d0b6bb8c116bd0cc223ae7dc2b14029db1edeafef83ab7ea9db
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
705e54124459842125a7ef424caf33f8d53227053e7fec5e24dc2676220bd43d
709ba9d905d48370b535afbd6f085f9c7eb64c78c5b8c0fb294ce71fa1f010f2
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72733561a4030b10d08d15daed28ca2e67708a34c33aad818949c91bf1413787
7700225a34f0a1747bde7920bda15daacaf1c7bfb01b73223e0c9b5cff9b2e0c
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7729a99ae109aebcffab9c55889313fdf09bb2298d29143e2901f42738668062
77cd2d5b812c8fabe4abb0504d092a15765074c4c76738a22a5ba7bfb8735cdb
789ebb18ecddc331642dbe38ebc08f3358dac0efa66fd74ac43b448dc2859a48
79b4e3f2b4f09ae147114648d01d44080725f0ab3334f1ef6cb4ffea41e8ea06
7b0ee2a08ea40a06f3687661904c42ee8561efaa838fe96cedeacb547bb8ed96
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1
7c6021258fef51566462d7b1eead8d9abfc4d31c7a11b5a782c4dbac24e48e20
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7c97ad98c17f25936377bbfa30ed2d8906e7752b77d4aba4d1d5998dd2fbe147
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f7e5f8155897d0da1cc12119c7de1b9f65e82cce96ba1a14f51be459159c1d1
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
80eb18adf795fd4798badffe180c0ff28eb0f1fc4b2ec918c0fb70ecedc0089b
82a46f5270e2ce0ba5775f7d622e3b05ec9b2caf94d9a183e905951eee9b7cfc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84f85b0bd79098f25828f2bb3b2b177620594a4278319fd97136dca240148a2e
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
86bd0e57d2b056636dc8347bdb05d5ced008ec1367a639063e934fb552a6d7e8
886fb66114698d24aec1cb73015b27b34bd169c5ee28d7f5799608b1830e4b50
89c78a59bce2122aa68b8f020984abe78de5717885190295cd5fcc036e48caf7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8adb21eb9da22c7bcaae3a07eeca836037e57d4047e574581bc7b6457fae73ff
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0b652db045d1d748da7caa5b9d6e7950a78bfe9883c1a56ab7a4f52fdb3ddb
8f3bbe1bdfa4ce2a6d244f7873f2a6e38d4da2a777280db0309ca66517386e46
8ffc61c6b74c39fda7fa81530c9038e0b12cfb9b19672587e5f4abb4953059e9
91eda30d02283924810811a4978d9b5c1e16632b1b58692956da59192024f9d3
923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
934e7afc3bf0992685646d136147be5edac19d1ed31557559ef134693c5c2900
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
966f86fab4846cf34486ae932468b157aa4b432aaca5b6601a07a455e5526318
976d221a27c609c6b0b839ce2274af35070e410035d47e59fd4e1e79a0084e94
9833f5b731f730286283a8f2c0b131ed747065f7d8d917491bfc641e5be294a5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a180c053c4ee87ad1c17f5c79b7227ddb23647b3dadf569679aa60f61a8ca89e
a202f8c3fd59ee34269c94a945d3507d8bf21f361698b49424e579961854a492
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a672364beb0b35fd44f447abf914a2f3037a420a9bbd478c00db342705367380
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6b48af03489cd3d8592e37759673f800209e763369d837f1b7b66daa84ed0b7
a6fdcca2c798f4c7a89a90a7cb30385af534d3f7ce1b0b638688308e0d0cf5cf
a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26
a8fe459f4e5422a4aeb53622d8296eafe14f9c45f5f5427eb8d9f314ba559a18
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf4793e05329c4b9f0d1f67e76e8a0ad21583f57a68e1d83fbf12b1831c1814
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
b1a92cc32b861676d73dee67a54d16f367fbe774354b1c25189348ee4a85a98e
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbadc44e3f45869e5a3292aa6ad37555b447b21a1189795fb92305d1f43f2afc
bd8bb4cb774305bc2fd4a6baaca4afe5c9bf266f88de367f6f7d97fc1544683e
be07c749f5b8bb13d6afa0e7ebc498ebb670a48666ae26be8b800854590faafd
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bfa85b94d5f3a84a83f47de22483880a0396a6ccb0ea8b549abba5c4c3fe016e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
cd8ba53bc8df94466e19afeba16373959e8e4f090c3ab91415894230bd8a8798
ce822175e81a40db3f3fe570e418063a7658d9fd87ded42fe50aa0ce375019e1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1256f2cd32de7174e7dd9cf32057a2db884df5f3978e125f9a8263106785abb
d24c82d75a13e45cc8a88be550e1d3ee7d93ca63e4f39acf602b3e6ef7c1cda9
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
da45ef32883906bc1a133e0f428131d8ebca6e802de09105a9633657166bdaa9
da6e6d457bbd5d20fd893dc217126ac6da7bbdf34de40c2daa70d208377de031
dac4d215b5a3ffd4f5a06a5d2b14ab6433349ab179e59dd3a3336d971491b0bb
dcc487e6534d2f9e1e42685d87437291affd13d77406f296008cb2ca5f02b686
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d
de1b8f522333e9d9fc19e7d6f6a8f038b8e86eb9d4d85f85a8e26696e4b02665
de959bf6d68c06198b731f7158053bfe9ca990818be18db6edbda32abdc14625
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e065d14ad997dde67ea517edca17f17790ca60a31926d8586ce62df4d114f05f
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cab324eb432c308074fbafc71de8497bab20f27d2916d9d973e82266bc69b0
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e79e61d32a80f696ccdaeadc794f2f7bf13163d3d624f1496a86d1933e109fdc
e8103b05722eb4266809bc507749f722028e08ad8298643d98848773a9020202
e90b5fa14fbbf1733a3003f2f3863857c1088062ecc72a9d3c611b9e9295e4c7
ea3bf3087b7dbb2db946c6373d0592624a0cf2a07abfdb94dd2f9a59ed54aa60
ea8d6d0ea7cc1117fb5c99cdcb841fa1828ea90975794b95a7a83c00cc3be146
eaa938396c2341c8018a147c2c1435451b967dbc23ae5fd7d019c952dbccb3c7
eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ebf21ade8c463147cc813c24625e0f8bc433161a3e51ae429c6a402b31700791
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ee8919596c7d2d31e3611ee7c1f53a57d317da40aa3e83a560e952984369b89e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
ef7e0e0f5607be19e1435d5c2a116506def82a9e801a9eb4ebc6b6b6d97202cf
f052a9a5963bfadca448a34f04e1e607b43fc84993033b8467507108476d7069
f10f48e662adc5bb684cdf3573033a5ff49e576db927e51d71666bb683c59b2b
f27b876bc0a492543da011c1fd5588b3381400ad4353ad81e8f032ca48c7e531
f464b27d978feaaa2dad001581dc04b90e7c6350f90984032c50571fff313fcb
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f91ee6f3c90c231cc271e450f83497a57dcb81b27c84ffd2a920f915234d74bd
f9fafe1cd65a067dbe753560a67a7c7220f710b9ece3a08ccca44888f775564c
fafa32db240c2b29d7f7860d78cd5e9ed753759e44a63cb12794a40e09c6c42f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb97db4ea4b26960fe8a279acb169514287a1e96d2b22c2fb615f44094b480b9
fc5d754265103042e0732096eb598585e42a957f176a9909fdbe7421deb69434
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
fea4bc9b9d2aad38143b0847ab5000206306ec8cb3e9182610b062ad157419b0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff8ca9d9dd450d8fa63c3f8cc9679e166d928d58f84752e9bc01931bad4bff4a