urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhon...
Submission: On October 06 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 11 countries across 96 domains to perform 545 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
8 142.250.185.161 15169 (GOOGLE)
14 142.250.74.194 15169 (GOOGLE)
4 142.250.186.40 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
39 151.101.193.44 54113 (FASTLY)
2 6 192.96.203.13 30633 (LEASEWEB-...)
3 104.26.5.103 13335 (CLOUDFLAR...)
12 169.150.247.34 60068 (CDN77 ^_^)
2 151.101.66.137 54113 (FASTLY)
3 178.250.7.13 44788 (ASN-CRITE...)
4 216.239.34.36 15169 (GOOGLE)
15 185.106.33.48 200478 (TABOOLA-AS)
4 151.101.129.44 54113 (FASTLY)
8 23.97.225.52 8075 (MICROSOFT...)
3 142.250.186.138 15169 (GOOGLE)
5 7 91.228.74.159 16509 (AMAZON-02)
1 104.16.89.20 13335 (CLOUDFLAR...)
15 52.210.70.148 16509 (AMAZON-02)
2 4 147.75.84.158 54825 (PACKET)
1 178.250.1.8 44788 (ASN-CRITE...)
2 3 54.77.251.23 16509 (AMAZON-02)
6 22 51.89.9.254 16276 (OVH)
7 104.22.69.131 13335 (CLOUDFLAR...)
6 11 185.89.211.84 29990 (ASN-APPNEX)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 69.173.144.137 26667 (RUBICONPR...)
1 213.19.162.51 26667 (RUBICONPR...)
1 18.193.181.140 16509 (AMAZON-02)
1 3.125.241.158 16509 (AMAZON-02)
2 10 104.18.27.193 13335 (CLOUDFLAR...)
1 4 35.186.253.211 15169 (GOOGLE)
1 172.104.206.52 63949 (AKAMAI-LI...)
7 141.226.228.48 200478 (TABOOLA-AS)
1 143.204.98.80 16509 (AMAZON-02)
21 172.217.18.1 15169 (GOOGLE)
10 142.250.185.66 15169 (GOOGLE)
5 142.250.185.194 15169 (GOOGLE)
3 142.250.186.35 15169 (GOOGLE)
14 3.33.220.150 16509 (AMAZON-02)
2 7 52.48.234.224 16509 (AMAZON-02)
6 10 3.65.51.143 16509 (AMAZON-02)
1 18.66.97.30 16509 (AMAZON-02)
45 142.250.185.162 15169 (GOOGLE)
3 3 23.201.255.110 16625 (AKAMAI-AS)
8 184.30.22.30 16625 (AKAMAI-AS)
6 10 3.71.149.231 16509 (AMAZON-02)
2 51.77.64.70 16276 (OVH)
2 178.250.7.2 44788 (ASN-CRITE...)
2 3.233.145.141 14618 (AMAZON-AES)
2 142.250.186.170 15169 (GOOGLE)
1 4 142.250.184.228 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
13 36 172.217.16.194 15169 (GOOGLE)
1 18.192.135.64 16509 (AMAZON-02)
1 178.250.7.62 44788 (ASN-CRITE...)
7 12 69.173.144.138 26667 (RUBICONPR...)
1 1 91.210.226.74 48314 (IP-PROJECTS)
1 1 89.163.240.122 24961 (MYLOC-AS ...)
10 142.250.186.70 15169 (GOOGLE)
1 151.101.66.217 54113 (FASTLY)
1 142.250.185.226 15169 (GOOGLE)
7 16 69.173.144.139 26667 (RUBICONPR...)
1 138.201.84.244 24940 (HETZNER-AS)
2 7 52.46.130.91 16509 (AMAZON-02)
1 2 13.107.42.14 8068 (MICROSOFT...)
2 4 54.239.33.158 16509 (AMAZON-02)
4 4 52.211.253.239 16509 (AMAZON-02)
1 1 52.20.77.122 14618 (AMAZON-AES)
1 13.32.99.61 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 23.48.23.44 20940 (AKAMAI-ASN1)
3 3 52.86.135.73 14618 (AMAZON-AES)
1 1 178.250.7.11 44788 (ASN-CRITE...)
1 2 138.201.63.145 24940 (HETZNER-AS)
1 23.32.184.180 16625 (AKAMAI-AS)
1 18.65.39.39 16509 (AMAZON-02)
2 3 76.223.111.18 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
2 104.18.25.18 13335 (CLOUDFLAR...)
3 8 34.98.64.218 396982 (GOOGLE-CL...)
1 34.242.212.86 16509 (AMAZON-02)
3 185.29.134.248 30419 (MEDIAMATH...)
4 4 2.21.20.202 20940 (AKAMAI-ASN1)
2 6 185.86.139.101 201081 (SMARTADSE...)
3 35.244.174.68 15169 (GOOGLE)
2 4 185.64.190.79 62713 (AS-PUBMATIC)
1 89.187.169.39 60068 (CDN77 ^_^)
12 138.199.36.11 60068 (CDN77 ^_^)
2 34.242.185.58 16509 (AMAZON-02)
1 2 185.86.138.151 201081 (SMARTADSE...)
2 184.30.16.195 16625 (AKAMAI-AS)
7 99.86.4.129 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
3 34.194.178.11 14618 (AMAZON-AES)
2 2 216.52.2.86 32475 (SINGLEHOP...)
3 216.52.2.91 30282 (AS-INAPCD...)
2 2 193.0.160.131 54312 (ROCKETFUEL)
2 2 69.166.1.35 27630 (AS-XFERNET)
3 3.77.133.205 16509 (AMAZON-02)
1 1 23.212.88.20 16625 (AKAMAI-AS)
8 8 37.157.5.133 198622 (ADFORM)
1 9 104.18.26.193 13335 (CLOUDFLAR...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 64.74.236.159 22075 (AS-OUTBRAIN)
1 1 34.160.19.107 15169 (GOOGLE)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 34.247.205.196 16509 (AMAZON-02)
1 169.197.150.8 398989 (DEEPINTENT)
1 2 104.102.45.165 ()
1 104.18.187.224 ()
1 1 35.208.249.213 19527 (GOOGLE-2)
1 2 104.18.24.173 ()
1 216.239.32.3 ()
545 98
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
8    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
cdn.ampproject.org
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
f35c994a8e911d8cd26d8d961078aa39.safeframe.googlesyndication.com
14    142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
4    142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
39    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
6    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
12    169.150.247.34 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-34.datapacket.com
cdn.unibotscdn.com
2    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
15    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
3    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
7    91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
15    52.210.70.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    54.77.251.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-251-23.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
22    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
7    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
11    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    18.193.181.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-181-140.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    3.125.241.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-241-158.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
10    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    172.104.206.52 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-206-52.ip.linodeusercontent.com
socket.unibots.in
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-vid-events.taboola.com
am-match.taboola.com
sync.taboola.com
am-wf.taboola.com
1    143.204.98.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-80.fra50.r.cloudfront.net
cdn.socket.io
21    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net
tpc.googlesyndication.com
10    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
5    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googletagservices.com
3    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
14    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    52.48.234.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-234-224.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
10    3.65.51.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
x.bidswitch.net
aws-fr-sync.bidswitch.net
1    18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net
rules.quantcount.com
45    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
googleads4.g.doubleclick.net
3    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
2    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    3.233.145.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-141.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
2    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
imasdk.googleapis.com
4    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
36    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
cm.g.doubleclick.net
1    18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
media.grid.bidswitch.net
1    178.250.7.62 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
grid-mercury.criteo.com
12    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
1    91.210.226.74 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    89.163.240.122 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm45.as.net
cm.adsafety.net
10    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
s0.2mdn.net
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
16    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal9000.redintelligence.net
7    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    52.211.253.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-253-239.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    52.20.77.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-77-122.compute-1.amazonaws.com
sync.ipredictive.com
1    13.32.99.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-61.fra60.r.cloudfront.net
live.primis.tech
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    23.48.23.44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-44.deploy.static.akamaitechnologies.com
hb.yahoo.net
3    52.86.135.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-135-73.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.65.39.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-39.ams1.r.cloudfront.net
public.servenobid.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
1    34.242.212.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-212-86.eu-west-1.compute.amazonaws.com
aam.a47b.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    2.21.20.202 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-202.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
6    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    89.187.169.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 89-187-169-39.bunnyinfra.net
unibots.b-cdn.net
12    138.199.36.11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-11.bunnyinfra.net
stream.unibotscdn.com
2    34.242.185.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    99.86.4.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-129.fra6.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
3    34.194.178.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-178-11.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    3.77.133.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hbx.media.net
8    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
9    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    64.74.236.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    104.102.45.165 (None, )

ASN- ()
www.awin1.com
1    104.18.187.224 (None, )

ASN- ()
www.conrad.ch
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    216.239.32.3 (None, )

ASN- ()
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
68 googlesyndication.com
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
f35c994a8e911d8cd26d8d961078aa39.safeframe.googlesyndication.com
574 KB
66 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
trc.taboola.com — Cisco Umbrella Rank: 680
15.taboola.com — Cisco Umbrella Rank: 7291
il-trc-events.taboola.com — Cisco Umbrella Rank: 20398
images.taboola.com — Cisco Umbrella Rank: 1964
vidstat.taboola.com — Cisco Umbrella Rank: 3058
imprammp.taboola.com — Cisco Umbrella Rank: 14739
am-vid-events.taboola.com — Cisco Umbrella Rank: 13899
am-match.taboola.com — Cisco Umbrella Rank: 15405
wf.taboola.com — Cisco Umbrella Rank: 3324
vidstatb.taboola.com — Cisco Umbrella Rank: 5791
pips.taboola.com — Cisco Umbrella Rank: 1752
cds.taboola.com — Cisco Umbrella Rank: 2153
sync.taboola.com — Cisco Umbrella Rank: 1031
am-wf.taboola.com — Cisco Umbrella Rank: 16197
1 MB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
495 KB
41 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 984
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2514
pixel-us-east.rubiconproject.com Failed
68 KB
24 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 26924
stream.unibotscdn.com — Cisco Umbrella Rank: 37227
3 MB
22 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
11 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1698
23 KB
17 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
5 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2878
public.servenobid.com — Cisco Umbrella Rank: 5519
9 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
2 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16132
e3.adpushup.com — Cisco Umbrella Rank: 19421
283 KB
12 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
adpushup-d.openx.net — Cisco Umbrella Rank: 25929
us-u.openx.net — Cisco Umbrella Rank: 547
eu-u.openx.net — Cisco Umbrella Rank: 2959
u.openx.net — Cisco Umbrella Rank: 739
7 KB
12 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1206
x.bidswitch.net — Cisco Umbrella Rank: 387
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 31527
media.grid.bidswitch.net — Cisco Umbrella Rank: 2724
19 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
25 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
7 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
143 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
cm.adform.net Failed
5 KB
8 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1818
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
3 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5584
4 KB
7 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6260
csync.smilewanted.com — Cisco Umbrella Rank: 2991
static.smilewanted.com — Cisco Umbrella Rank: 10113
16 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1147
cms.quantserve.com — Cisco Umbrella Rank: 929
12 KB
6 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 748
ads.pubmatic.com — Cisco Umbrella Rank: 588
image2.pubmatic.com Failed
image6.pubmatic.com Failed
12 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
grid-mercury.criteo.com — Cisco Umbrella Rank: 3239
dis.criteo.com — Cisco Umbrella Rank: 648
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 41987
sync.aralego.com — Cisco Umbrella Rank: 3055
2 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1199
ap.lijit.com — Cisco Umbrella Rank: 754
2 KB
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1583
usersync.gumgum.com — Cisco Umbrella Rank: 2253 Failed
rtb.gumgum.com — Cisco Umbrella Rank: 1656
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
294 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
imasdk.googleapis.com — Cisco Umbrella Rank: 498
359 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
2 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 gstatic.com
www.gstatic.com
csi.gstatic.com Failed
17 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
437 B
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
395 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
361 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
90 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
69 B
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2652
cs.yellowblue.io Failed
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 914
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1371
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
4 KB
3 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41903
hal900010.redintelligence.net — Cisco Umbrella Rank: 326444
9 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
contextual.media.net — Cisco Umbrella Rank: 780
hbx.media.net — Cisco Umbrella Rank: 1291
11 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3692
visitor.omnitagjs.com — Cisco Umbrella Rank: 773
1 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 17979
41 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 awin1.com
www.awin1.com Failed
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 646
868 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1111
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
916 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9392
505 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
60 KB
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
546 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 925
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 30909
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16179
c.statcounter.com — Cisco Umbrella Rank: 10381
15 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1030
452 B
1 conrad.ch
www.conrad.ch
491 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1171
44 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1907
349 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
309 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 18782
244 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1711
160 B
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 38455
1 KB
1 a47b.com
aam.a47b.com — Cisco Umbrella Rank: 4681
ajs.a47b.com Failed
5 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1185
481 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1985
502 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1089
493 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
551 B
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5689
145 KB
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 21747
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 28871
823 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
634 B
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 44484
13 KB
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 75630
4 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
17 KB
0 sportradarserving.com Failed
a.sportradarserving.com Failed
0 dotomi.com Failed
dclk-match.dotomi.com Failed
0 ck-ie.com Failed
us.ck-ie.com Failed
0 betweendigital.com Failed
ads.betweendigital.com — Cisco Umbrella Rank: 1822 Failed
0 turn.com Failed
ad.turn.com — Cisco Umbrella Rank: 1024 Failed
0 socdm.com Failed
tg.socdm.com Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 360yield.com Failed
ad.360yield.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 taptapnetworks.com Failed
sonata-notifications.taptapnetworks.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 1rx.io Failed
sync.1rx.io — Cisco Umbrella Rank: 649 Failed
0 teads.tv Failed
a.teads.tv Failed
545 96
Domain Requested by
43 pagead2.googlesyndication.com ads.aralego.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
cdn.adpushup.com
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
imasdk.googleapis.com
36 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
www.bg3.co
onetag-sys.com
adpushup-d.openx.net
g2.gumgum.com
ssbsync.smartadserver.com
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
22 onetag-sys.com 6 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
csync.smilewanted.com
21 tpc.googlesyndication.com www.bg3.co
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
16 pixel.rubiconproject.com 7 redirects www.bg3.co
onetag-sys.com
15 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
15 il-trc-events.taboola.com www.bg3.co
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
www.bg3.co
cdn.adpushup.com
onetag-sys.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
13 images.taboola.com www.bg3.co
12 stream.unibotscdn.com vjs.zencdn.net
12 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
11 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 s0.2mdn.net www.bg3.co
s0.2mdn.net
imasdk.googleapis.com
10 ups.analytics.yahoo.com 6 redirects am-match.taboola.com
onetag-sys.com
10 googleads.g.doubleclick.net www.bg3.co
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
cdn.adpushup.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 ib.adnxs.com 5 redirects cdn.adpushup.com
www.bg3.co
googleads.g.doubleclick.net
acdn.adnxs.com
10 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
www.googletagservices.com
9 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 c1.adform.net 8 redirects
8 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
8 x.bidswitch.net 4 redirects imprammp.taboola.com
www.bg3.co
onetag-sys.com
8 e3.adpushup.com www.bg3.co
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
7 s.amazon-adsystem.com 2 redirects www.bg3.co
onetag-sys.com
ssum-sec.casalemedia.com
7 pr-bh.ybp.yahoo.com 2 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
5 cms.quantserve.com 5 redirects
5 www.googletagservices.com www.bg3.co
securepubads.g.doubleclick.net
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
s0.2mdn.net
googleads.g.doubleclick.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
4 us-u.openx.net 1 redirects googleads.g.doubleclick.net
adpushup-d.openx.net
4 image8.pubmatic.com 2 redirects onetag-sys.com
4 ads.stickyadstv.com 4 redirects
4 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
4 match.prod.bidr.io 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
4 www.google.com 1 redirects 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
4 rtb.openx.net 1 redirects cdn.adpushup.com
4 prebid.a-mo.net 2 redirects cdn.adpushup.com
4 region1.google-analytics.com www.googletagmanager.com
4 trc.taboola.com cdn.taboola.com
www.bg3.co
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 usersync.gumgum.com g2.gumgum.com
3 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
cs-server-s2s.yellowblue.io
3 ap.lijit.com public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
3 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
3 id.rlcdn.com onetag-sys.com
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 sync.mathtag.com onetag-sys.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 sync.srv.stackadapt.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 www.gstatic.com www.bg3.co
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
3 htlb.casalemedia.com cdn.adpushup.com
3 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 fonts.googleapis.com cdn.taboola.com
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
www.bg3.co
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 am-wf.taboola.com vidstat.taboola.com
2 visitor.omnitagjs.com 2 redirects
2 www.awin1.com hal900010.redintelligence.net
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
2 creativecdn.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 p.rfihub.com 2 redirects
2 ce.lijit.com 2 redirects
2 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 googleads4.g.doubleclick.net www.bg3.co
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 hal900010.redintelligence.net 1 redirects 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
hal900010.redintelligence.net
2 pixel.tapad.com 1 redirects www.bg3.co
2 px.ads.linkedin.com 1 redirects www.bg3.co
2 aws-fr-sync.bidswitch.net 2 redirects
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 pro.ip-api.com cdn.unibotscdn.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 am-vid-events.taboola.com www.bg3.co
2 prebid.smilewanted.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
1 s.tribalfusion.com www.bg3.co
1 a.tribalfusion.com 1 redirects
1 csi.gstatic.com imasdk.googleapis.com
1 u.openx.net 1 redirects
1 trace.mediago.io 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 www.conrad.ch hal900010.redintelligence.net
1 match.deepintent.com g2.gumgum.com
1 sync.taboola.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 b1sync.zemanta.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 secure.adnxs.com 1 redirects
1 eu-u.openx.net adpushup-d.openx.net
1 hbx.media.net 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 static.smilewanted.com csync.smilewanted.com
1 pixel.quantserve.com www.bg3.co
1 aam.a47b.com s0.2mdn.net
1 js-sec.indexww.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 dis.criteo.com 1 redirects
1 hb.yahoo.net www.bg3.co
1 live.primis.tech www.bg3.co
1 sync.ipredictive.com 1 redirects
1 hal9000.redintelligence.net 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 grid-mercury.criteo.com cdn.adpushup.com
1 media.grid.bidswitch.net cdn.adpushup.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 vidstatb.taboola.com www.bg3.co
1 f35c994a8e911d8cd26d8d961078aa39.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 cdn.socket.io cdn.unibotscdn.com
1 imprammp.taboola.com vidstat.taboola.com
1 socket.unibots.in cdn.unibotscdn.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 15.taboola.com cdn.taboola.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 a.sportradarserving.com Failed www.bg3.co
0 cs.yellowblue.io Failed cs-server-s2s.yellowblue.io
0 dclk-match.dotomi.com Failed 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
0 pixel-us-east.rubiconproject.com Failed public.servenobid.com
0 cm.adform.net Failed csync.smilewanted.com
0 us.ck-ie.com Failed csync.smilewanted.com
0 image6.pubmatic.com Failed ads.pubmatic.com
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
0 ads.betweendigital.com Failed csync.smilewanted.com
0 ad.turn.com Failed csync.smilewanted.com
0 tg.socdm.com Failed g2.gumgum.com
0 sync.richaudience.com Failed csync.smilewanted.com
0 ajs.a47b.com Failed aam.a47b.com
0 sync-tm.everesttech.net Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 image2.pubmatic.com Failed onetag-sys.com
0 sync.crwdcntrl.net Failed ssum-sec.casalemedia.com
0 sonata-notifications.taptapnetworks.com Failed ssum-sec.casalemedia.com
0 cs.admanmedia.com Failed public.servenobid.com
g2.gumgum.com
0 sync.1rx.io Failed public.servenobid.com
0 a.teads.tv Failed cdn.adpushup.com
0 static.bg3.co Failed www.bg3.co
545 171
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
socket.unibots.in
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
cdn.socket.io
Amazon RSA 2048 M01		 2023-02-22 -
2023-12-20		 10 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
media.grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-11 -
2024-08-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.a47b.com
Amazon RSA 2048 M01		 2023-02-10 -
2024-01-29		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
stream.unibotscdn.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
www.conrad.ch
Cloudflare Inc ECC CA-3		 2023-03-17 -
2024-03-16		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh

This page contains 75 frames:

Primary Page: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Frame ID: AC495E8FDA125E8ABF4A1A5F01FAEC9D
Requests: 197 HTTP requests in this frame

Frame: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC2027B2712472117AAECEF2CE66B617
Requests: 1 HTTP requests in this frame

Frame: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC44C624FDFF8074B13696125769593F
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&cmcv=&pix=undefined&cb=1696600858918&uv=3345&tms=1696600858918&abt=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2e500ecf-1765-455f-a3f2-ce7506d9e011&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 0C9278E6FA71B058FFAA0EBB79DFE54D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: BAFEBD2E8BEFC741631593C7AB68609A
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D4A2B472269ECFB294C824AA65F5BCB9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7DC0BDA58EE0B49B5665F51C918FDDE7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 345B5C78B1B32530DCAE8A72BA4825BB
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 147C78E83AD956953DBD71002CA4D37C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: B2FA2359F37EB5B8E0661DBC5D7035E4
Requests: 20 HTTP requests in this frame

Frame: https://f35c994a8e911d8cd26d8d961078aa39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DA0A5003F48E4B08CCD7D6C98B42375B
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 473DB0C5EDDC678B4FFAE2C8A5BF4A72
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6lZL8rcDehT7vxeaIwk5tsIxR86RItGZesLb1UgBoPxs9eHoaDmGOm6vI82n_k_yu6UMskaqIP2o5V_g_4xWsfK-tJ5sGOuiUqYht7DYsq4jOfQyQRdGvGUOlb5S5weerLMVignT8t_PzF50jhexVXk49o2jDi-1NGw9E5V6JRYJszYyFr7uaAPC2ervJzig4yRWAScDKBVm_YFoaHcfmr9020Yp270i8sra-XeSZ1IieJxk0loC1XFAuB4voHgx6h1kAhbVUp_0FRRjaxpMT3nRwVk8vROAKugx_GcVqVbEFb1K_KLmQB3o_MqFXEMk&sai=AMfl-YRBZ8wpnXl4FGUxtnzaDfR5BxGiReFGHZqAMgK3HHuvOdSJOIcSNFooHTtDFVadQCuRTb3XC4XDHVAEF3BgP9tKfU_MIIiX6g9K_LoZooQ9d0dLYhjYhLLcN_jUC_g&sig=Cg0ArKJSzKdZk-0YOc35EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 94C2DCFF30D5CABD46D4711D2DA0380D
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIeUqAIQmbeZmgMY2vWE8AEwAQ&v=APEucNU3_ls1IH-g2XJ9rJaUTHBWCXpDFnv9PeWTLtiq_j-S5-EtrIXSQSiVhtO22AMYWBUqVBDG3PQeJpgjFHU84Q0VaO6GYZXiZJEwmB2doBtSblDIO8s
Frame ID: 2F092DACE680C1DB6663FE0D494F7EF7
Requests: 3 HTTP requests in this frame

Frame: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A6B6F1950E5B5D93FA03FEE2422AE137
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUAkYfcADkOPpLUNdbpHDFq5z64n1N6iiDdd8xT6GDqE-XOFSkzO_iSRMg3FTBV0kEt2LiWiiT80gTmnM1QBiNRFFhTfQ
Frame ID: BFD3289E8850F18C6BB868AB179F0B4B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 554527136F65D086ECDF16C018109090
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: 5C511345A530274DDE799F7E8267C82C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Frame ID: D392D5330B432B67EB74E63EDD06C552
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CBC25C7456FE2F3F81A13BFA9AD6113
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5499DBC56C72AB8FC16459FC3A0E56AF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CC2C18BA5F8439964FFA8BDC6E283F7B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FC109B2FC852A6A8610EC0B65FF1CA21
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9CA19CB99FD4D1A4B633C75C29EB2D88
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7994692E87149702868BE63EEDE467CD
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696600858639
Frame ID: 490BE02FEE83AD2B30A492BDB4044A68
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 09A4DFB8BF873B10D8672EF59D931495
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: D98744F9BE0C24BAC4BC083ADE45A801
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 5244C4D15C28CCEFFE01EA4DDA4661A8
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7C625735CC3178CD807BF5537AF657C5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F91A787A7CD933946CE76BDA1217648D
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: 2CCD616A294BC12B0BBAD7B73239C9DA
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D352D964B66CCC804C640170066AC883
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Frame ID: 34E2BB943E387969DF0118CB457572F3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXOF3RR5CJEVeH9Z96fOBh3vqslhhBLIGnNHHnULh9UyeoMBnpZcNnMitdqHd9_l88PuAOM_Ljel7VZ1DZ4DZfoxrweRA
Frame ID: 4C8E491E175511C481E164FD9489286F
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: D9E8ACC8DA34B1E4B65B1450A55C2BEB
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8EDB6B0E28787A28F9C173F5821AA776
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 5D68EA407926C5C5C56DAFC1F6C7A274
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 68A26D630357ACFBE97AAE83F19F4AE5
Requests: 16 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 5DFE9F2DB8F839BAA004A85753ACB09D
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: CA55A1D221FBF41F5AC1ABEF10BD7ED9
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 4678689B70D9F290A0494DCD0D430404
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 4822D09DD303DA138CAB35FAB60D7D76
Requests: 3 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 83F8C91E5344D2A903401C57B7D1106C
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: B31030E5CBC2019AAC777367102745A0
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 684AF2395B1D96B579E3F02F76309AD0
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F0D16B5FC7AF002BCD00871AD003C2D5
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 9471F65887F42E6C4401E5443B7B59D1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: ABFE917FB8F04E1A089BA6085213A136
Requests: 15 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=95442100072044304438466012469010&pv=1
Frame ID: 50CB962A5CA53C742E997A4A11B89A78
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?awc=11467_414915_1696600869_cd03e591-6450-11ee-b98b-2233369fc7ee&insert=AW&gdpr=&gdpr_consent=
Frame ID: 8B03D5B5AD6C198872EDB2B91223B518
Requests: 1 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=95442100072044304438466012469010&a=389efa41
Frame ID: B1D6673AB97095D4CE9E9352D9DF454D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=6637118400076903436&gdpr=0&gdpr_consent=
Frame ID: D27456AB6D8C6DFB403007B67936C3A9
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 29DF88622179BCA123EF8E7CBA19FE5C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xN2UwMDI5NS1kMmMxLTRiYmItYTdhNi0zNjU4YThjYjU2ZDg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 46103CAA820962ED68A43524B8D76888
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 00A7F5B113C89AEC9D0E77498EF98BB2
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 0C7ACA15346E5ED7D5AE2B3094C0C72D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 691DE78660DAA7056FE597E1D32530A6
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: F869B88E2D5FA11292E73DCE0100AE2C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 603F1AAAEBE622900BF7305453E28E4D
Requests: 9 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 5F162F2EBEB1DA73876DC172740700F4
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 5056214FEB24C2E3BA8713EDE64B90F9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=iiQzJF1EvIX0la3Yorat&pi=gumgum&tc=1
Frame ID: 80E138D3C6FBE56E307E66C15A5B711B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1F382771FA431F763DE6ECF0B915FEC3
Requests: 4 HTTP requests in this frame

Frame: https://ad.turn.com/r/cs?pid=45&rndcb=8273015746
Frame ID: B11BEAC4F503A040D2828D1BA5658304
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Frame ID: 815F824D174E9B77598D963F2C2943B8
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 9570E14C09690C83BB3DAF255E914F88
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 9EDD6FF1E7B018E9DCBC08FFEDAE8EE9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/29bc4c27cf57ba8353074e724bed8f?gdpr_consent=&gdpr=0
Frame ID: 136FCA8CFD8DE4971E76C8D8289F5E96
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 14F3D7E4E0F3D1550BD4A78D461CB5A6
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 7C68F6B8457F0887C8C3A645E732C9C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5B77458F350D7E0B6D5E0EBA903E3FF9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DDF4D90143B86E0FDCCD1DFDE0CA07A4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 043E5C8C177665080E54AE65A7F01EEE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AD82EDD5B40C045008C6D5DB1E2C262
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

桃機新塔臺爆「未過消防安檢」提早偷跑!民航局:系統測試中未正式啓用 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

545
Requests

71 %
HTTPS

0 %
IPv6

96
Domains

171
Subdomains

98
IPs

11
Countries

7736 kB
Transfer

17459 kB
Size

121
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 150
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 151
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/88e990de-1373-33a7-984b-18818bea2e0d?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-NXgF_9VE2oUaMK5p8qdmoKr3MUTtmOmjsb8SU3Y-~A&redirect=
Request Chain 188
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 196
  • https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=b7692853-1c14-4883-b2dc-a1e6d4d6c864&google_hm=Yjc2OTI4NTMtMWMxNC00ODgzLWIyZGMtYTFlNmQ0ZDZjODY0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPZdMMPZIWj0PEOfLKDLERM&google_cver=1&ssp=themediagrid&bsw_param=b7692853-1c14-4883-b2dc-a1e6d4d6c864
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESECEGMzMx8Zpitae8hIE3KZ4&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESECEGMzMx8Zpitae8hIE3KZ4&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=98802a5f35ede768afcaa6e746f2d2a8&uid=98802a5f35ede768afcaa6e746f2d2a8&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1
Request Chain 223
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSATHrSpNka.Qd7w4Rb4KgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1&google_hm=2
Request Chain 238
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNEOCGWP-1F-LQJT HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNEOCGWP-1F-LQJT
Request Chain 244
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=enuUuFUbSkGNxqOr61lvGQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=enuUuFUbSkGNxqOr61lvGQ
Request Chain 245
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmU4Y2UxZGEzMTMwY2I4Mzk4YzhmM2M2NDE1MWQ5ZjdkNmU5YmUzOA
Request Chain 247
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEOCGWP-1F-LQJT
Request Chain 248
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-BFMNJXIVA3G9Haq7qY4Ycn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RoYJAjFE2oIOVPL7H1DBgqwJsu8gVYcYL34Cmg--~A
Request Chain 249
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lrJm7awPTgmX4BICVF-Nnw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lrJm7awPTgmX4BICVF-Nnw
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpYhAMcqJo-AHq-cKFIjcs&google_cver=1
Request Chain 251
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5FT0NHV1AtMUYtTFFKVA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPIHEUO2B5mVijzMHrHtAY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=
Request Chain 252
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADmK07KQCYAABeXLZj-Hw&expires=30
Request Chain 253
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=abaa872d-7377-4316-b98c-33221f78225c&expires=30
Request Chain 254
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEOCGWP-1F-LQJT
Request Chain 255
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNEOCGWP-1F-LQJT HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEOCGWP-1F-LQJT
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEOCGWP-1F-LQJT
Request Chain 257
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNEOCGWP-1F-LQJT&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNEOCGWP-1F-LQJT&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TOEpnTm1GRTJ1RVJjQnhDUXpYRkhGUDFqNkJHN05VeH5B&ovsid=LNEOCGWP-1F-LQJT&dpid=58160
Request Chain 258
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2uwBx8lOTPlMXR8UyIWrng
Request Chain 259
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=af0bba0e-0554-4653-aa34-88576835f9b8
Request Chain 267
  • https://hal900010.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=97f363118d&subid=&uid=b3446b1440ed68e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DConmnHRMgZc2pLMnQgAegpa_YCpHB0Jtpm-iDktwP8C4QASC6hMAzYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSZAk_Qf-wo488gW71uJQ2M6nAtTGaqU4anEXW1qxLGyaTTAwX4SEgqPWECpQWxgKYnB7nV7D6aihcpRvEE-pYf8YUjbfjsvkhvkxsPBwmqSCt9T6yqNNTsNiyEphMCy-hOIctV33atpv8_gVtqk2XG9_2jG570ujmmQLYZhX4G-MgO4GkzgJX1LiHVzQH9sH6_rx2Ss8LyE7DUMcbUAIw0SaT4_MJ5qHu1TmuGzE5Ws1tks1y1wFx6w61KzQ9CWb-tFUwOYzT_NDXQvthIXKzC1STUVfbmCdTM2cyQsTSZ4u268pf5K55gPvt0CmWQykvfhScb2JBPT12nr9YeHoRPcig-RmEWcivtxPk26zE_zDKj8W7POHnUHKz8wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCLu6vt3K4YEDFUko4AodoNILq7ATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjazB3crhgQMVSSjgCh2g0gurEAEYASAAEgKncfD_BwE%26num%3D1%26cid%3DCAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB%26sig%3DAOD64_3hjNicwy5w07na8yHfLPT8dwGpeQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CFOFzZcB-Skt5KpdDDsXPOWATr1Go_DT8BxYRKs9fhoxY6njSf26grbg6OppUvIz4-s6a8wyQdCrnSFLhj7EBrxpo2WWJIWLt4OTPWKPV49ZNfNRMY7YrtlXcicL9o8uDJlzV5Z99NrneLRhZ_vzzvLzLLBimV0sMJpPbtnAqoe4p9Z2g%26cry%3D1%26dbm_d%3DAKAmf-CQeRbneBXVuDWCEOOMfYXUm40N2NaJX9IzPFySlCpz_DK7gHl5cI0Hx29LgpV3SWCZs2i5jtpYROYRcdTPBOOVGDbt-kYJJSzeVH-bxd2BWky86ZzBgs2mDa9FQ09kC2XFKeud6vJMtxsdg0hYbGxu0apz7gNQp0nieMs3wwnz8VAiaOgaWdstqEyBFPQVuKOl8p5zzAThqPaNihMwa7NOHC2YtvTkSrc-NGEeCqmuIta_6FD95rrzFnzYI-VRlsNbwNN5xeTWxV7JzWgfsZTgQXYZ1vEjNdKxI9Xd_nLkQjikGNnZ5yxEHO39UcbJFunyBuETZs2KWjhTgsaudIToklhQ99dO8VHWjGbPjSHJ9jA22Gco25t8cHEGFv9uQ18VfkEclyzNqy13wpPqz94JyesbWfSOgWCPXRVE2dkyBD7K0nBe8EqoNTJdOAV7WANHQsO5lSrAnEi_qNfb1lfU2iOQVEywRndAZISSrYBRXZJdXugh7M-4eb5EtVn2ii_DoEVyvRoK_ALCua53km1gIwAq0pawVbdvB7NImWnaEykIAT7Sa06igEwfqT3ILFPWfwxXeRhIHusVSLmXo11lYTizGFOEk0VJe_Hw_1VMb01QPQvTSIYw5QH7Xsg2slsaSDKfvybDPL5pFrCeKTFdS1NVWerbGAWmecdnaOoh0VgWN4v5QZRkWP9yx4g-5tnbmZ0m_0cxpu06UTH7wrw9uXTF3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=929797617870&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900010.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=97f363118d&subid=&uid=b3446b1440ed68e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DConmnHRMgZc2pLMnQgAegpa_YCpHB0Jtpm-iDktwP8C4QASC6hMAzYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSZAk_Qf-wo488gW71uJQ2M6nAtTGaqU4anEXW1qxLGyaTTAwX4SEgqPWECpQWxgKYnB7nV7D6aihcpRvEE-pYf8YUjbfjsvkhvkxsPBwmqSCt9T6yqNNTsNiyEphMCy-hOIctV33atpv8_gVtqk2XG9_2jG570ujmmQLYZhX4G-MgO4GkzgJX1LiHVzQH9sH6_rx2Ss8LyE7DUMcbUAIw0SaT4_MJ5qHu1TmuGzE5Ws1tks1y1wFx6w61KzQ9CWb-tFUwOYzT_NDXQvthIXKzC1STUVfbmCdTM2cyQsTSZ4u268pf5K55gPvt0CmWQykvfhScb2JBPT12nr9YeHoRPcig-RmEWcivtxPk26zE_zDKj8W7POHnUHKz8wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCLu6vt3K4YEDFUko4AodoNILq7ATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjazB3crhgQMVSSjgCh2g0gurEAEYASAAEgKncfD_BwE%26num%3D1%26cid%3DCAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB%26sig%3DAOD64_3hjNicwy5w07na8yHfLPT8dwGpeQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CFOFzZcB-Skt5KpdDDsXPOWATr1Go_DT8BxYRKs9fhoxY6njSf26grbg6OppUvIz4-s6a8wyQdCrnSFLhj7EBrxpo2WWJIWLt4OTPWKPV49ZNfNRMY7YrtlXcicL9o8uDJlzV5Z99NrneLRhZ_vzzvLzLLBimV0sMJpPbtnAqoe4p9Z2g%26cry%3D1%26dbm_d%3DAKAmf-CQeRbneBXVuDWCEOOMfYXUm40N2NaJX9IzPFySlCpz_DK7gHl5cI0Hx29LgpV3SWCZs2i5jtpYROYRcdTPBOOVGDbt-kYJJSzeVH-bxd2BWky86ZzBgs2mDa9FQ09kC2XFKeud6vJMtxsdg0hYbGxu0apz7gNQp0nieMs3wwnz8VAiaOgaWdstqEyBFPQVuKOl8p5zzAThqPaNihMwa7NOHC2YtvTkSrc-NGEeCqmuIta_6FD95rrzFnzYI-VRlsNbwNN5xeTWxV7JzWgfsZTgQXYZ1vEjNdKxI9Xd_nLkQjikGNnZ5yxEHO39UcbJFunyBuETZs2KWjhTgsaudIToklhQ99dO8VHWjGbPjSHJ9jA22Gco25t8cHEGFv9uQ18VfkEclyzNqy13wpPqz94JyesbWfSOgWCPXRVE2dkyBD7K0nBe8EqoNTJdOAV7WANHQsO5lSrAnEi_qNfb1lfU2iOQVEywRndAZISSrYBRXZJdXugh7M-4eb5EtVn2ii_DoEVyvRoK_ALCua53km1gIwAq0pawVbdvB7NImWnaEykIAT7Sa06igEwfqT3ILFPWfwxXeRhIHusVSLmXo11lYTizGFOEk0VJe_Hw_1VMb01QPQvTSIYw5QH7Xsg2slsaSDKfvybDPL5pFrCeKTFdS1NVWerbGAWmecdnaOoh0VgWN4v5QZRkWP9yx4g-5tnbmZ0m_0cxpu06UTH7wrw9uXTF3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=929797617870&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 279
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 293
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=629782633211601364
Request Chain 294
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
Request Chain 296
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKtQxExKpSD_3K2TGXB6Vk0SbuvkxgQA
Request Chain 299
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=7QL-VJhUPQb_0Zhx-CNgCJtdt6g-dLLfsjtRcCtnX0E
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOwhv3pjuXVyqpxphd3LcXM&google_cver=1
Request Chain 333
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI5NzgyNjMzMjExNjAxMzY0
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
Request Chain 335
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWJjZDAxNTctOTRjMi02MWExLTRiOTgtY2FkOWZmNTM1ZGQ4
Request Chain 340
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 345
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=629782633211601364
Request Chain 346
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HcOJsRZHohI4WGdZQTq0Yn_d
Request Chain 348
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696600864856 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6946135067 HTTP 302
  • https://sync.1rx.io/usersync/turn/3538602912032252274?dspret=1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 349
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084927578361049
Request Chain 350
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=2564f93d-da97-4abe-8193-99694cc30720
Request Chain 351
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
Request Chain 353
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkyAiAYOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkyAiAYOAE%3D&gdpr=&gdpr_consent=&us_privacy=&crf=1&rts=-7493710933535953217 HTTP 302
  • https://ssp.disqus.com/match?bidder=32&buyeruid=9a0070c6-1fba-5217-bd01-8896d8219bb2&r=Cid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkyAiAYOAE= HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-d994d507-0770-398c-b555-49564c04f179&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkyAiAYOAI=&gdpr=&gdpr_consent=
Request Chain 354
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
Request Chain 356
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 362
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jvHdgIn33YCV99iEivHCgomg14OV9Y7W3aWRMT0h
Request Chain 363
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6493606842649653529
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
Request Chain 368
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=629782633211601364
Request Chain 369
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=OP-jNT_5ozUj-aYxPP-8Nz-uqTYj-_Bja6vX-yTN
Request Chain 370
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
Request Chain 371
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiak7KQCYAABfSGIgYOA&expiration=1697810466
Request Chain 372
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730160086655
Request Chain 373
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 374
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 375
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELgHyKBVVVOmViR5fkUjU6U&google_cver=1
Request Chain 381
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e2ce651-1c2c-ae85-73fb9d73
Request Chain 382
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348%2526gdpr%253D0%2526gdpr_consent%253D
Request Chain 384
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=iiQzJF1EvIX0la3Yorat&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&tc=1
Request Chain 387
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKuLTGLDQ8aq2ob9Z9b9vXHVjjTQwGrw
Request Chain 390
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LNEOCGWP-1F-LQJT&gdpr=0
Request Chain 391
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=629782633211601364
Request Chain 392
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
Request Chain 394
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=8529021364860094909
Request Chain 395
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=208o8KyB4nWH36gbQR7aeQeVqaey0TCed2AuQtpUy5k
Request Chain 396
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjIzNDI3OEEtRkYyMy00OUM1LUFDNkEtNEEzRTE1QTVGMjZB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
Request Chain 398
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
Request Chain 400
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=Ri5WxUEoVsVdKFPBQi5Jx0F_XMZdKgWTFXpQYucE HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 403
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=629782633211601364
Request Chain 404
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1942609373480858756&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&us_privacy=
Request Chain 405
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_HNFGOiz10fB9kEHsRw-bR3LHgNe-1y--u915Pql8NLjtm_3uCRWb9CzQwTH4YDc%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_HNFGOiz10fB9kEHsRw-bR3LHgNe-1y--u915Pql8NLjtm_3uCRWb9CzQwTH4YDc%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&obuid=ENC(_HNFGOiz10fB9kEHsRw-bR3LHgNe-1y--u915Pql8NLjtm_3uCRWb9CzQwTH4YDc)&gdpr=0
Request Chain 406
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=309f76ed-75a0-0753-3903-808dfde192fe
Request Chain 407
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1f45cdca-2279-49e9-76ff-9b9455b22955$cell
Request Chain 408
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-kDE3eJlE2pclaiO8_NAlqixNsXs3W1p3zR5u~A
Request Chain 409
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=abaa872d-7377-4316-b98c-33221f78225c
Request Chain 411
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=JssblVu3r9jDYEROWvc-&gdpr=0&us_privacy=1---
Request Chain 413
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=IXMHrK8VNA1h&ev=1&pid=558355
Request Chain 414
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=634865736735787357
Request Chain 419
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=95442100072044304438466012469010&pv=1 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1696600869_cd03e591-6450-11ee-b98b-2233369fc7ee&insert=AW&gdpr=&gdpr_consent=
Request Chain 422
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=6637118400076903436&gdpr=0&gdpr_consent=
Request Chain 443
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=iiQzJF1EvIX0la3Yorat&pi=gumgum&tc=1
Request Chain 444
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 445
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8273015746
Request Chain 453
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/29bc4c27cf57ba8353074e724bed8f?gdpr_consent=&gdpr=0
Request Chain 457
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU0NDIxMDQyMjA0ODIyOTY5Mg==&gdpr=0&gdpr_consent=
Request Chain 458
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=99feb903dc8cbd21a9cdc3267f2ac2b6&gdpr=0&gdpr_consent=0
Request Chain 459
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=NIYqLDOAKiwvgC8oMIY1LjPXIC8vgnl6Z9Jd2OKs
Request Chain 462
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKupRe3o4pcdyBWC9vrCD0NS76mkbt_Q
Request Chain 463
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SpSItNdy-Fgy1vgy0tQWfLgV8obhKxpQ28KAt2er8Bw
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
Request Chain 468
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
Request Chain 478
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOzZC_AGZtU7Ink330uUNOA&google_cver=1&google_push=AXcoOmTThrdS9Gtr-Y5iGTaD2L4JvS3d8rBwFhrvTHmo51aGGlneS3rQeLcKUAmMOPfQ7JZRlEaTg70zakZnL-Aj2N6QRLubLsj_rQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTThrdS9Gtr-Y5iGTaD2L4JvS3d8rBwFhrvTHmo51aGGlneS3rQeLcKUAmMOPfQ7JZRlEaTg70zakZnL-Aj2N6QRLubLsj_rQ&google_hm=rrXQKOuT9Dsw1n7whmrcGg
Request Chain 480
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELUYJNKQm3x30EFWI5bmkmk&google_cver=1&google_push=AXcoOmQcutQk-wk8PcbO_TUS6Hr9DprBgnoVfNE4ebpyuxBHy7od9slA-m_vTpCh-JzFXmP-Zkf0hv_iPgRJT-oVq7m2v8DGdpzR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcutQk-wk8PcbO_TUS6Hr9DprBgnoVfNE4ebpyuxBHy7od9slA-m_vTpCh-JzFXmP-Zkf0hv_iPgRJT-oVq7m2v8DGdpzR
Request Chain 482
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPpcKsgaDszt12DZsyzZoc&google_cver=1&google_push=AXcoOmQG6moySJvZHsRIEP_cYpUdrlq-cXlg3pQt36u4nKkHXwqgdAr8s456KkACV2xncOZBn7xZLf-aHwht0mVQ0XPen_32YYue HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1MzYyMTE2NjMyNjI2OTA2Mg&google_push=AXcoOmQG6moySJvZHsRIEP_cYpUdrlq-cXlg3pQt36u4nKkHXwqgdAr8s456KkACV2xncOZBn7xZLf-aHwht0mVQ0XPen_32YYue
Request Chain 484
  • https://trace.mediago.io/cs/google?google_gid=CAESEHsJwd-t5GYYuCS-Tc4-5x4&google_cver=1&google_push=AXcoOmTPBqT8KzbYidpxYGpmCMsoPezwSZqBA4qKOH4p-zTkdGi1oLqEfUeUVqoJzYQO5IJaGD2XWu9vqFoKx7E0rQ1ZpSvgl8SvO8Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTPBqT8KzbYidpxYGpmCMsoPezwSZqBA4qKOH4p-zTkdGi1oLqEfUeUVqoJzYQO5IJaGD2XWu9vqFoKx7E0rQ1ZpSvgl8SvO8Y&google_hm=f34e9699c4cead1113nzu400lneocoqg
Request Chain 486
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=629782633211601364&gdpr=0&gdpr_consent=
Request Chain 487
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
Request Chain 489
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
Request Chain 494
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
Request Chain 495
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 496
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=99feb903dc8cbd21a9cdc3267f2ac2b6
Request Chain 497
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5efb3099-2227-0051-26e0-899775b2195d
Request Chain 498
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156
Request Chain 499
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=666586948737432634043
Request Chain 507
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LNEOCGWP-1F-LQJT HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LNEOCGWP-1F-LQJT
Request Chain 516
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAMZBiU3tOP3K3AkNHAJQP4&google_cver=1&google_push=AXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAMZBiU3tOP3K3AkNHAJQP4&google_cver=1&google_push=AXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 517
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELIKGIobdN8RVn2YkpRZPaw&google_cver=1&google_push=AXcoOmQ6uxHkvyYlby04DFNYrTt1ef95_yBbxOE6NgFaFujsEtIN41feAjUgW4i558q905kgsmksfxPiiN-cPYONgVVK7hclWSmt HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Request Chain 518
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPpcKsgaDszt12DZsyzZoc&google_cver=1&google_push=AXcoOmRq5cbBczCJFlxoITKEG0iZtS9U54M4K4GJ_yUfpV-6ALzTz61nTCjLrX_Qq1aGjPkHSJ-LChSPONi2bZrgYd5eJihl6v4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0MjYwOTM3MzQ4MDg1ODc1Ng&google_push=AXcoOmRq5cbBczCJFlxoITKEG0iZtS9U54M4K4GJ_yUfpV-6ALzTz61nTCjLrX_Qq1aGjPkHSJ-LChSPONi2bZrgYd5eJihl6v4
Request Chain 519
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMLnqB-gOTorkxe3HHFqsm4&google_cver=1&google_push=AXcoOmQG7miP53nyXt8wdpL7W25vkYzcuBkbcBgJz4IWWUFoZssFo1nX3bEbavOEA7hfDuMQZTH55GZROViyd0EK61EgRVxV_dkd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQG7miP53nyXt8wdpL7W25vkYzcuBkbcBgJz4IWWUFoZssFo1nX3bEbavOEA7hfDuMQZTH55GZROViyd0EK61EgRVxV_dkd&google_hm=GPRYofQzhiu4DNzX5qipAg==
Request Chain 520
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPkYtC9R2kMTlvYuGHOJJ-w&google_cver=1&google_push=AXcoOmQv-hJUXreY5M_HNDHBo2l9iEEk_USKQ7qAz__r_tUVFE1tzvNWzRHRiYht920WE4tfY9zX6ActTdhEVDQ8Gd1HYSW9VWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=H0XNyiJ5Sel2_5uUVbIpVQ&google_push=AXcoOmQv-hJUXreY5M_HNDHBo2l9iEEk_USKQ7qAz__r_tUVFE1tzvNWzRHRiYht920WE4tfY9zX6ActTdhEVDQ8Gd1HYSW9VWA
Request Chain 521
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPIHEUO2B5mVijzMHrHtAY&google_cver=1&google_push=AXcoOmQjOJkmYJIbNVwKcbRNiOIkuYe5wOceHnFB-VFTob5F3syK0P2Fnwm00gUK0mfjYpXpBWPBSccKUbWmmHr-83fukZngiewZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=AXcoOmQjOJkmYJIbNVwKcbRNiOIkuYe5wOceHnFB-VFTob5F3syK0P2Fnwm00gUK0mfjYpXpBWPBSccKUbWmmHr-83fukZngiewZ
Request Chain 522
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQlMcppMuyWFt8_pyNyvIETUNVcy2lfaO4XvPZD91Yq4oJsTCk9a687hLy86VL_A-2Kgo4pRSY3TveNl4nolP_aAqXyrK4%26google_hm%3D%5BUID%5D&google_gid=CAESEAI1dB-Y0wz6R4heBtm0r8U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQlMcppMuyWFt8_pyNyvIETUNVcy2lfaO4XvPZD91Yq4oJsTCk9a687hLy86VL_A-2Kgo4pRSY3TveNl4nolP_aAqXyrK4&google_hm=2564f93d-da97-4abe-8193-99694cc30720

545 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
www.bg3.co/a/ 		57 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d8dbf4d0f5a1ca947aecf5f60bf11aef8644894b76b733bc9c5988b084853f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 06 Oct 2023 14:00:56 GMT
etag
"e3dc-VPJ9LM2wctgEGJcqfvb53lPyfs8"
expires
Fri, 06 Oct 2023 14:01:56 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
8756d3367261f5dfcbef03be86fb4b956f889917fbdd3b72c300d8e1dcdc5f47
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 14:00:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73066
x-xss-protection
0
server
sffe
etag
"1743d73101b212e4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Oct 2023 14:00:57 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
e4c827a216d3b126750b0202c5793003f24d6002f21ff2300200c6019829929e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 14:00:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9658
x-xss-protection
0
server
sffe
etag
"642b972f2c805cc6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Oct 2023 14:00:57 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
3ced8ef62a879690b14ea0fa6c73d48a906cca1cc03ac25e71b1ffc9ff80136a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29626
x-xss-protection
0
server
cafe
etag
941 / 19636 / m202310020101 / config-hash: 12631718780053314049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:00:57 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1c63b9c824b71c2dcf01d4e630880397ed4cf2fc534d64648507a1663b9844da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91381
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 14:00:57 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 10:26:35 GMT
server
cloudflare
age
11423
etag
W/"651e8f5b-a1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
811e6efc5e610e4e-MXP
expires
Fri, 06 Oct 2023 22:50:34 GMT
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
e81762698c7bbd69398b2d96f233c32b78b71bdda62829c985ba9b4324c586ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
age
15499
x-cache
HIT
x-client-device
desktop
content-length
10023
x-ap-device
DESKTOP
last-modified
Fri, 06 Oct 2023 07:00:13 GMT
server
ECAcc (frc/4CF4)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 06 Oct 2023 15:00:57 GMT
adpushup.js
cdn.adpushup.com/42753/ 		681 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
age
622801
x-cache
HIT
x-client-device
desktop
content-length
145467
x-ap-device
DESKTOP
last-modified
Thu, 28 Sep 2023 16:35:35 GMT
server
ECAcc (frc/4CC5)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 06 Oct 2023 15:00:57 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		563 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3da1d0f5ab67b7c78dc07fd90c7151d40102cb0656f64cc76ae2f99c53cf94f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AA52bHUCZ9XhXbNUo6jVpBoYKfytDUcV
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
6FKTDRGQK3X0X001
age
44
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
55244
x-amz-id-2
tVlMew2qiMnusYY3nIDobKOW7RkNFwwdF7CwEJ7kdodV0qciQCAHYRiu2NMphd9gJDspa8IhZls=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 12:21:35 GMT
server
AmazonS3
x-timer
S1696600857.014673,VS0,VE2
etag
"014ee4690d48fd248b59023b0dddfbcf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7264
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxd%2Ba9snCZFD7XbntcAeHMXHHAqPHCQ4NXBbZbd7hv0lF1j3FiNOIeYO0JFjlivxobyyZRcLca5sbRFLxXowQB4sGcsk6eI6YV1x7M9lnJFMFmkwFGvxn7mqKJ2BSk63sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
811e6f04ed040e2b-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		316 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
09/30/2023 06:49:35
cdn-pullzone
873945
last-modified
Sat, 30 Sep 2023 06:49:13 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6517c4e9-4eedb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
acfa15bf9d203da51ec3475771bc0edb
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
impl.20231005-5-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
56bb634245b7b25ecb78ab1639e9d916c097684096acffb4b8d02e3fcd99557d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UDckBi_dYgkvA6KfwnPPY8Hiski8Fxy8
content-encoding
br
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
5DS0P35PRK31YRYP
age
17883
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171845
x-amz-id-2
pdOOI7I78If90eJVeHkToTJ1E7mWCnto5gAHRBAbpdfQTVXYI1bnrRM6fhq5L1hFCtmFwDFrPwA=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 08:55:01 GMT
server
AmazonS3-br
x-timer
S1696600857.108829,VS0,VE0
etag
"dff646170ee7a85f3bc08642c9709075"
vary
Accept-Encoding
content-type
application/javascript
abp
82
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
60894
t.php
c.statcounter.com/ 		192 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=3E23205C0A994F9AC2EAB760FB6663AF&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&t=%E6%A1%83%E6%A9%9F%E6%96%B0%E5%A1%94%E8%87%BA%E7%88%86%E3%80%8C%E6%9C%AA%E9%81%8E%E6%B6%88%E9%98%B2%E5%AE%89%E6%AA%A2%E3%80%8D%E6%8F%90%E6%97%A9%E5%81%B7%E8%B7%91%EF%BC%81%E6%B0%91%E8%88%AA%E5%B1%80%EF%BC%9A%E7%B3%BB%E7%B5%B1%E6%B8%AC%E8%A9%A6%E4%B8%AD%E6%9C%AA%E6%AD%A3%E5%BC%8F%E5%95%93%E7%94%A8%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=3746&sc_rum_e_e=3751&sc_rum_f_s=0&sc_rum_f_e=3695&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
811e6efd3f5f0e4e-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1800227
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230114-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696600858.685087,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 28715
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1362757
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230114-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696600858.685070,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 1209398
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
237041
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		39 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=16%3A00%3A57.216&lti=deflated&data=%7B%22id%22%3A309%2C%22ii%22%3A%22%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696508486488%2C%22vi%22%3A1696600857213%2C%22cv%22%3A%2220231005-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html%22%2C%22vpi%22%3A%22%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3389%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1933.578125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4de9d6e28d209be346b11ecae6fd408f203b541de18d85394a3309e03328865

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
362
date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.9595833333333333
x-fastly-to-nlb-rtt
64119
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230056-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696600857.239018,VS0,VE362
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3a40&_p=1100245420&cid=1082112845.1696600858&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696600857&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dt=%E6%A1%83%E6%A9%9F%E6%96%B0%E5%A1%94%E8%87%BA%E7%88%86%E3%80%8C%E6%9C%AA%E9%81%8E%E6%B6%88%E9%98%B2%E5%AE%89%E6%AA%A2%E3%80%8D%E6%8F%90%E6%97%A9%E5%81%B7%E8%B7%91%EF%BC%81%E6%B0%91%E8%88%AA%E5%B1%80%EF%BC%9A%E7%B3%BB%E7%B5%B1%E6%B8%AC%E8%A9%A6%E4%B8%AD%E6%9C%AA%E6%AD%A3%E5%BC%8F%E5%95%93%E7%94%A8%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f98a830e2cb7e43224f5daaac2ea0eaa.jpg
static.bg3.co/imgs/202106/ 		0
0
f61ea702ceddc2abf9709cc06a77d2ed.jpg
static.bg3.co/imgs/202201/ 		0
0
2cb4a15e46259d6c3d4cb9c01c705225.jpg
static.bg3.co/imgs/202309/ 		0
0
e84db7fbf3db322b45029eb08881a8ba.jpg
static.bg3.co/imgs/202309/ 		0
0
36cc00e1eb582ab06db3d496c03ad641.jpg
static.bg3.co/imgs/202106/ 		0
0
8e498ff9a6c2615211d80eb788eced22.jpg
static.bg3.co/imgs/202105/ 		0
0
55d43892c955347626338b004b8e7251.jpg
static.bg3.co/imgs/202309/ 		0
0
6aac83551d9b18791dd863eac5e1ae97.jpg
static.bg3.co/imgs/202106/ 		0
0
306585db6c09d1830b86833d78a3742f.jpg
static.bg3.co/imgs/202309/ 		0
0
9fb376a86240ec8874db29a52e946525.jpg
static.bg3.co/imgs/202106/ 		0
0
93ce77cd3e10398361f5975cea967e04.jpg
static.bg3.co/imgs/202309/ 		0
0
bc560a7088ec3370d33527f3d136c569.jpg
static.bg3.co/imgs/202106/ 		0
0
ed0757f427d79d5b6db961a35c3ea38c.jpg
static.bg3.co/imgs/202105/ 		0
0
eddf977944a278dc85541a1bcce62b79.jpg
static.bg3.co/imgs/202105/ 		0
0
ae7c89fae0f9f5b86da829936fe2dd41.jpg
static.bg3.co/imgs/202106/ 		0
0
66612f19c83ed5ed012132a01e1568e7.jpg
static.bg3.co/imgs/202106/ 		0
0
5eebb0a991b92915e87898867abda99d.jpg
static.bg3.co/imgs/202106/ 		0
0
d500691a335d9524f6ff7018530b999b.jpg
static.bg3.co/imgs/202309/ 		0
0
e7bfe6296021c6b9252ccfc3bc719c76.jpg
static.bg3.co/imgs/202106/ 		0
0
2808758f5734c6151993f55d23c0210a.jpg
static.bg3.co/imgs/202105/ 		0
0
86a6dcdc11f433f36226a36b4749475c.jpg
static.bg3.co/imgs/202309/ 		0
0
d9c429601ca35c11888240f657c9852f.jpg
static.bg3.co/imgs/202201/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309181453000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
d4de6c8a24d8959593744ade6de22ed29b5404dcdd0243d43e52209b56383f66
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 03 Oct 2023 20:49:10 GMT
age
234708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2976
x-xss-protection
0
server
sffe
etag
"38f77e2398a961a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 02 Oct 2024 20:49:10 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309181453000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
71c87286b7656c279d8c6276b6602373709af8c8d4405cf94dc74e71ac9fd3b4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Oct 2023 18:36:01 GMT
age
69897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3930
x-xss-protection
0
server
sffe
etag
"2c64beef00f20bbc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Oct 2024 18:36:01 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
10141
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135332
x-xss-protection
0
server
cafe
etag
13275702515393991500
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Oct 2024 11:11:56 GMT
floating-unit.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db4ca408171c572363cd1e6a48565cac33fd0a55943ca9dc1df0ae8611461409

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OUh1dEfyajWSTA0vbdxZhGN05CTxpMuj
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
7B1CB1CJ4KRE2MCN
age
84355
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
Z9WJ4A0xGcdmBGPof4ZfvxdLSeo2yr23obwrBrDUEf2yBnAR6UeJyJRYFSIVHYLwwDQSsEMYOg4=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:35:03 GMT
server
AmazonS3
x-timer
S1696600858.669936,VS0,VE0
etag
"2454c2bd4f06a6cb801de9c78d323db8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
76
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
16147
tb
15.taboola.com/ 		31 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=palmate-bg3co&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Feed&uuip=Feed%20-%20Below%20Article%20Feed&cisrf=&cirf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&encoded=1&uid=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1696600857652&tagid=&cntry=CH&platform=1&sesid=99006546f0528c67db2fe9b483766b1d&itemid=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&viewid=1696600857213&geolat=&geoing=&deviceifa=&appid=&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ri=4f878f814b943974b6fd488e599665fc&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1524057&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=TI&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1231993&prcnt=&layer=&normp=1&gvv=10882
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
10403ab1f09ffd4d81b297f3aa5bca87d4f79b9ee23d9e7e5c1d65a13405056e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1414
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra-eddf8230056-FRA
pragma
no-cache
server
nginx
x-timer
S1696600858.686011,VS0,VE18
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
122bbb82786de45f899024e30ba46be0ffe396c5db6d68060671ffd83ab6c76f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
x3LUvMOi.ErsvLi0WZLoUEWSc6EFDRqn
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
654BQYPSSJNKW16M
age
84371
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
zqtnvcew37b9MR68V3ObCAkN67mik7NkMNOvfoUlkfWzccChuzi+q5pA9b6pwbTa7xK0/tRssYw=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:34:46 GMT
server
AmazonS3
x-timer
S1696600858.669920,VS0,VE0
etag
"85cba1ea192707579f92c3cb4e1e588d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
88
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
145783
userx.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2260074041e8fd0d66221a864f90c5e6946fd01f8043bdd96fed3587ccebce86

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YWbsZDzlKwxeakVdEW4iecKrSPOQLf8z
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
Y1WAMWEJF42G8KXJ
age
84288
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
UzzwzNIj3KLAdqyqKXfDVZ5TvUyvQGcBDu3vL7ZXdTrLHx9UaRBSAXmrPp2OnvRLun4XnVOE510=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:36:10 GMT
server
AmazonS3
x-timer
S1696600858.686840,VS0,VE0
etag
"4738353038981e781d2ef7a3930ffbf5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33728
distance-from-article.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef1dcaf299e01d8c9274e7640eaba287bbb24be138d81d59a4377883f9c1512c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0eHZAkXRalpmt8X0UB0UI4pFWBbpfHCn
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
HRFT3T59T9ENVG0Z
age
84391
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
hRq+s+DKDSaHa/PPQmFar/LqA4aFoc2VPgyWoG67NWChiwji1SfvogM9B8rFU8JOdfZT0CorCKI=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:34:26 GMT
server
AmazonS3
x-timer
S1696600858.686069,VS0,VE0
etag
"7b19a6b6aab01474d6430893f66cf7d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
159346
article-detection.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8256a3552d7b5718e1893c202df5514114c7f824a817a566bd90341e1329585d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cV9mHHhZtc5TvN6Df8K2LcdEVn4lrYsn
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
JKZNC6YFCNZE9M9N
age
84422
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
ct4gB0V0I/D1ZYveHeIMd5WAaLI28VrdkE0xwdS4QMyNZyhO5VF2GMSNr5hvY3par/A3yDRBbbo=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:33:56 GMT
server
AmazonS3
x-timer
S1696600858.686045,VS0,VE0
etag
"4f9543a2a53bc9619f111dff09bce430"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
85
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
159444
article-and-feed-area-scanner.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0764cbc4ae21601aaf7702bf0439228522077d0f51bc0c13fa8eb782bccb030a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7JoAF421VkEJfujMm9cBU3CVdAYPuctP
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
65NR8ET23E2MWXY3
age
84430
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1147
x-amz-id-2
kXoW4BcoEpfiO75kddISGxUreBC1joywG7MuoaI1wox/e9jORjBn6pDq5ZZ10vUsyPWi7BAyQQo=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:33:47 GMT
server
AmazonS3
x-timer
S1696600858.686023,VS0,VE0
etag
"084dc38bc58b26420d5e3a899c858975"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
54087
explore-more.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfbf1436bf452e5623d63496ca8ec4fecd68b518f2b8f461f4a62d3c8f1cd55c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nzLq9ONcfE_htyhLXO9NsXqaHJwe93dv
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
1FQVM9AHBSD1C0WW
age
84377
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7705
x-amz-id-2
UyTBp1aud+6A241hiHqJF0TYu/3OxJhnx+QaFWR5qvuIzIuurNk0RC2amUh5PGVUZu06SiFU4AYulEAwRNE5pg==
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:34:40 GMT
server
AmazonS3
x-timer
S1696600858.703586,VS0,VE0
etag
"b01b35aca56f500625fb346048afd931"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
76260
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=16%3A00%3A57.650&id=8764&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
trc.taboola.com/palmate-bg3co/log/3/ 		0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/pubs-generic?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1696600857654%7D&tim=16%3A00%3A57.654&id=182&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
65
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64021
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230056-FRA
pragma
no-cache
server
nginx
x-timer
S1696600858.729970,VS0,VE65
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A00%3A57.654&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=9905&cv=20231005-5-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-article-feed%22%5D&vi=1696600857213
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
48433
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696600857661%7D&tim=16%3A00%3A57.661&id=3524&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A00%3A57.684&id=4835&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A00%3A57.688&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=7851&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
48433
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A00%3A57.690&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=5315&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
48433
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A00%3A57.699&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=8381&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50329
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A00%3A57.701&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5728&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50329
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A00%3A57.710&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9867&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50329
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
56
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1696600858.729409,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
87
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
68
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
4339220
edge-cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
329
expiration
expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/Calcio/Nazionale/13-09-2023/frattesi-due-gol-per-la-storia-felice-ma-non-mi-fermo.shtml
content-length
77796
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kiad7000113-IAD, cache-iad-kjyo7100056-IAD, cache-fra-eddf8230056-FRA
last-modified
Thu, 10 Aug 2023 20:02:04 GMT
server
nginx
x-timer
S1696600858.795924,VS0,VE2
etag
"71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 31, 1
68ed89b2f48f183ee7d774531a337a14.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c34dd689c3d2e5e3369e0d0df84b5d852225767b5c8fbb642d4472d14a09cdb9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
age
3193541
edge-cache-tag
365167194386843551026551192643542346029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
365167194386843551026551192643542346029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
31
expiration
expiry-date="Sat, 02 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://duckswire.usatoday.com/
content-length
5782
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100151-IAD, cache-iad-kiad7000049-IAD, cache-sna10722-LGB, cache-iad-kiad7000128-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 02 Aug 2023 06:02:02 GMT
server
nginx
x-timer
S1696600858.828198,VS0,VE1
etag
"14f814674a4c5035c7121c01614bff66"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 220, 1
e0730e1a72cea41161f52eb5184b0420.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f17ac025db29c0b8c3106da2f84f60e428aee923e9b2d610d602246f13d0b9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
age
2676618
edge-cache-tag
331698633940257662538203428489257450726,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
331698633940257662538203428489257450726,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
524
req-referer
https://noticiasdodia.online/
content-length
25356
x-request-id
ed6f718bf80ba9590357a1dc237c21fd
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kiad7000105-IAD, cache-iad-kiad7000073-IAD, cache-fra-eddf8230056-FRA
last-modified
Thu, 24 Aug 2023 07:21:49 GMT
server
nginx
x-timer
S1696600858.850617,VS0,VE1
etag
"872f43b171c57c207142c559b670bb64"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 14, 1
46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2944cb90199155797753e32e674ec4180513251c71b5d74a9f3baa9d62194aad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age
732783
edge-cache-tag
449086405388078158053108571683208432630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
449086405388078158053108571683208432630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
331
req-referer
https://www.elmundo.es/
content-length
13880
x-request-id
3564a6b4d40fb098c56e6534b8ce7917
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kcgs7200154-IAD, cache-lax10623-LGB, cache-iad-kiad7000125-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 27 Sep 2023 09:15:30 GMT
server
nginx
surrogate-reporting
width=635,height=317,bytes=14100,owidth=635,oheight=430,obytes=258520
x-timer
S1696600858.876234,VS0,VE1
etag
"2500b727175cbe5cc65e71bf6fff690d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 4, 1
cb2f2b8791823561e4043db1d806293a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2f2b8791823561e4043db1d806293a.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fd89413af5fff2bb182707a17c39d6ffaec67b567f0b4af756a1d432f83faa6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2f2b8791823561e4043db1d806293a.jpg
age
1226930
edge-cache-tag
488490386920394958419180526252434716045,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
488490386920394958419180526252434716045,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
102
expiration
expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
23322
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100152-IAD, cache-iad-kjyo7100082-IAD, cache-iad-kcgs7200068-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 30 Aug 2023 20:09:53 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=1600,oheight=900,obytes=251539
x-timer
S1696600858.904572,VS0,VE1
etag
"8cc4a1d347765eddd37ad47312a7bf23"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 17, 1
59424d11b67a146f36ab9dc351cbb9a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2354f741a326d70b34d378a8a5e0fef00124d74ac84034264ef39eb8b25a6899

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
age
857599
edge-cache-tag
319346970086859471899891715690691255847,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
319346970086859471899891715690691255847,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
25384
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200109-IAD, cache-iad-kcgs7200109-IAD, cache-sna10727-LGB, cache-iad-kiad7000144-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 30 Aug 2023 15:57:53 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=1000,oheight=667,obytes=577708
x-timer
S1696600858.949628,VS0,VE1
etag
"832c608b7c272bb0fb590a0495622395"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1188, 1
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 06 Oct 2023 14:00:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
2105796
edge-cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://joydelivery.com/
content-length
89246
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100068-IAD, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 16 Aug 2023 19:59:42 GMT
server
nginx
surrogate-reporting
width=1344,height=746,owidth=1344,oheight=896,obytes=2183212
x-timer
S1696600858.975831,VS0,VE2
etag
"ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 36, 1
46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6090302c974abaf082b19cafc3af71e27c761ec5b07c98f4f19ba4b59af9d0f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age
794727
edge-cache-tag
449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
243
req-referer
https://frequence-turf.fr/
content-length
15790
x-request-id
ecb9eae3cd2ba4fc98ed930a32b6eabc
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000065-IAD, cache-iad-kjyo7100101-IAD, cache-iad-kiad7000044-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 27 Sep 2023 09:15:31 GMT
server
nginx
surrogate-reporting
width=635,height=352,bytes=15435,owidth=635,oheight=430,obytes=258520
x-timer
S1696600858.010332,VS0,VE1
etag
"9eef29181348c91fd85eeaf4c8fef123"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
68ed89b2f48f183ee7d774531a337a14.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf60c06060903c9d2dacfd0383985421f99a470a0e4703c87feb4833d8fd3e27

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
age
3712461
edge-cache-tag
365167194386843551026551192643542346029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
365167194386843551026551192643542346029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
305
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
12838
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000120-IAD, cache-iad-kiad7000120-IAD, cache-sna10729-LGB, cache-iad-kcgs7200026-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 16 Aug 2023 08:00:11 GMT
server
nginx
x-timer
S1696600858.383358,VS0,VE1
etag
"6f48e343060aad5b328465f280d3ae9c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 9, 1, 125, 1
e0730e1a72cea41161f52eb5184b0420.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29dc6f6bfbb1c653c4d903d3a78b0fd4b5652e91fac04e6cde2f4d5f822d57f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0730e1a72cea41161f52eb5184b0420.jpg
age
3812120
edge-cache-tag
331698633940257662538203428489257450726,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
331698633940257662538203428489257450726,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
229
expiration
expiry-date="Tue, 19 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://joydelivery.com/
content-length
82760
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000138-IAD, cache-iad-kiad7000095-IAD, cache-sna10744-LGB, cache-iad-kjyo7100092-IAD, cache-fra-eddf8230056-FRA
last-modified
Sat, 19 Aug 2023 06:59:26 GMT
server
nginx
x-timer
S1696600858.383331,VS0,VE2
etag
"bef653333853796c5de81a959a1ad31d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 10, 1, 2, 1
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.1/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06dbd194f8dd1ea2dada8e73f5c7ad05157e3821ca00ce6a4cd65845014763c3

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
VIE50-C2
age
110158
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34291
x-served-by
cache-fra-eddf8230069-FRA
last-modified
Thu, 05 Oct 2023 07:24:55 GMT
server
AmazonS3
x-timer
S1696600859.566652,VS0,VE0
etag
"06281ced7888ead68c46169c4976ecd6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
oIkfuCKz0TMqMP1B9szi-8pAw8wAHO5AB7CiWIPmtDEJSU6eRYFhrg==
x-cache-hits
20550
next-up-widget.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca4ac0e6739de3f74265d0d315e01c79304d7c806d3b4e60b348e8d0d6b0f255

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ba0r1Ta6wpqXP4e8O6DpcqLr0dRlf.Tk
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:57 GMT
x-amz-request-id
BSERZXA4NMVJHJMD
age
84343
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
c8FzmbXwTsSnozfiNshjilEXZVCHW+vuVx/w4y3UwgKZxWwvK+dTuhV+U4idy3zzCdibEYk3acc=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:35:14 GMT
server
AmazonS3
x-timer
S1696600858.828202,VS0,VE0
etag
"a3cf22a21dd2d4b686ce14a9e2834a9a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
80
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15811
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8C) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
age
1887474
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (frc/4C8C)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Oct 2024 14:00:57 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
age
2774676
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (frc/4CD4)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Oct 2024 14:00:57 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 06 Oct 2023 14:00:57 GMT
content-encoding
br
age
1887473
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (frc/4D07)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Oct 2024 14:00:57 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTY2MDA4NTc4ODMsInBhY2tldElkIjoiMDAwMEE3MDEtOTA1NzhmOWQtODYxOC00YzkyLWFjODAtYWJjMGZmYmY5NjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Rhby1qaS14aW4tdGEtdGFpLWJhby13ZWktZ3VvLXhpYW8tZmFuZy1hbi1qaWFuLXRpLXphby10b3UtcGFvLW1pbi1oYW5nLWp1LXhpLXRvbmctY2Utc2hpLXpob25nLXdlaS16aGVuZy1zaGktcWkteW9uZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=4517.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1696600857983
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 05 Oct 2024 14:00:58 GMT
date
Fri, 06 Oct 2023 14:00:58 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
4331134
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A00%3A58.020&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2434&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
50808
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.5%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A00%3A58.036&id=2436&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 13:19:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Oct 2023 14:00:58 GMT
spa-detector.20231005-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231005-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07484cc5c4459104a809bfb7d227ac3beaaf0424da333e640669339201943e66

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lQH2_VFKv6gmc4GuKBb9CZFD.KKQHW7I
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:00:58 GMT
x-amz-request-id
TRP7HVREC19SVYBD
age
84324
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
m96c2tOlFN9fmVISRZFmhcRnXfayd9W3CqHGzNBY0ZwOV3fsN8C32UuTxWxcQMjEMt+wiTsJYZg=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Thu, 05 Oct 2023 14:35:34 GMT
server
AmazonS3
x-timer
S1696600858.383282,VS0,VE0
etag
"2d2ae3a73b62b76cf931a21826ba643a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
66
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
78218
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A00%3A58.043&id=1339&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696600858044%7D&tim=16%3A00%3A58.044&id=9528&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A00%3A58.046&id=1093&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=10882&lti=deflated&ri=8903bb25b8156bafa089357ae5ee5949&sd=v2_99006546f0528c67db2fe9b483766b1d_0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899_1696600857_1696600857_CNawjgYQ2YJdGP20qqqwMSABKAEwKziy0A1Ay4gQSISc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&pi=/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&wi=1212729851991602534&pt=text&vi=1696600857213&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696600858048%7D&tim=16%3A00%3A58.048&id=9064&llvl=2&cv=20231005-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY2MDA4NTgwNjIsInBhY2tldElkIjoiMDAwMEE3MDEtOTA1NzhmOWQtODYxOC00YzkyLWFjODAtYWJjMGZmYmY5NjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Rhby1qaS14aW4tdGEtdGFpLWJhby13ZWktZ3VvLXhpYW8tZmFuZy1hbi1qaWFuLXRpLXphby10b3UtcGFvLW1pbi1oYW5nLWp1LXhpLXRvbmctY2Utc2hpLXpob25nLXdlaS16aGVuZy1zaGktcWkteW9uZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4696.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY2MDA4NTgwNjgsInBhY2tldElkIjoiMDAwMEE3MDEtOTA1NzhmOWQtODYxOC00YzkyLWFjODAtYWJjMGZmYmY5NjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Rhby1qaS14aW4tdGEtdGFpLWJhby13ZWktZ3VvLXhpYW8tZmFuZy1hbi1qaWFuLXRpLXphby10b3UtcGFvLW1pbi1oYW5nLWp1LXhpLXRvbmctY2Utc2hpLXpob25nLXdlaS16aGVuZy1zaGktcWkteW9uZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4702.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTY2MDA4NTgwNzIsInBhY2tldElkIjoiMDAwMEE3MDEtOTA1NzhmOWQtODYxOC00YzkyLWFjODAtYWJjMGZmYmY5NjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Rhby1qaS14aW4tdGEtdGFpLWJhby13ZWktZ3VvLXhpYW8tZmFuZy1hbi1qaWFuLXRpLXphby10b3UtcGFvLW1pbi1oYW5nLWp1LXhpLXRvbmctY2Utc2hpLXpob25nLXdlaS16aGVuZy1zaGktcWkteW9uZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4706.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		183 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=537479108776316&correlator=1800934838255574&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696600858094&lmt=1696593658&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1082112845.1696600858&ga_sid=1696600858&ga_hid=1100245420&ga_fc=true&dlt=1696600856886&idt=1073&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_7_0_pv%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv6_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
cea1dc5f16dedd188ea378fdd5cece5e469c9bb5dd04c1dd7f02c6d494765532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52416
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC20 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:00:58 GMT
expires
Sat, 05 Oct 2024 14:00:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
193851be4b21cb5abd35752d000f4e44ed8c09e2ea3880458e69c780d935398e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:43:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
8252
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13142
x-xss-protection
0
server
cafe
etag
17226072091034798249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Oct 2024 11:43:26 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTY2MDA4NTgwNjIsInBhY2tldElkIjoiMDAwMEE3MDEtOTA1NzhmOWQtODYxOC00YzkyLWFjODAtYWJjMGZmYmY5NjEwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Rhby1qaS14aW4tdGEtdGFpLWJhby13ZWktZ3VvLXhpYW8tZmFuZy1hbi1qaWFuLXRpLXphby10b3UtcGFvLW1pbi1oYW5nLWp1LXhpLXRvbmctY2Utc2hpLXpob25nLXdlaS16aGVuZy1zaGktcWkteW9uZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4756.700000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 13 Oct 2023 14:00:58 GMT
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1450402
edge-cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
209
expiration
expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://footballitarin.com/video_page.php?id=127686
content-length
7746
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000088-IAD, cache-iad-kiad7000084-IAD, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230056-FRA
last-modified
Thu, 24 Aug 2023 01:18:11 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1344,oheight=896,obytes=2183212
x-timer
S1696600858.497218,VS0,VE1
etag
"d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 13, 1
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231006
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c550961c64fcfc26e556c028ef9747b25f32e5eb0fc45a20a2ef0d87ee52e8e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35999
x-jsd-version
1.0.1834
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4554-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-zdz8vCIamZSvo1edzkJrU6FjXkY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X577h%2FnsFxAeHAPJDDgQ10Uz14pWQGXzpUJQYiVP6uX6KneX%2FKBBoy0to1%2FocLRkFGQVB4Vy3eTYqnK4XhPCl24xxY%2BIRVdFEB59hGsxWjFWpS879f%2BRpQ%2BWV2GZCXOR2vo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
811e6f06cddc3c75-CDG
adreq
ads.servenobid.com/ 		981 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=168
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 06 Oct 2023 14:00:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=48440199844&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
75895e2593ec9355793eb5bab3b2d81d5ffcc1852ebfc161c76ed63c49b09ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.251.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-251-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
37
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
811e6f063bc60e73-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
811e6f063bc80e73-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid-request
a.teads.tv/hb/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		255 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e7a8c5b89164a108da44f51f27d4fdabf677c00aeea719f396900b16b15950bb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
an-x-request-uuid
a56eab44-8068-463a-9c5f-4547cf505829
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
255
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
95b69205ecd37bfee85b36b56f4af39d6831b2d31be7270e17dd63a2d795dd3c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 14:00:58 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
acd59d2794884b1800060b8fbdf753e5b40203ead7cba8964ecc6f42effa60ba

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=f17b0198-a1f7-41aa-b80f-6d79aa2e297f%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%A1%83%E6%A9%9F%E6%96%B0%E5%A1%94%E8%87%BA%E7%88%86%E3%80%8C%E6%9C%AA%E9%81%8E%E6%B6%88%E9%98%B2%E5%AE%89%E6%AA%A2%E3%80%8D%E6%8F%90%E6%97%A9%E5%81%B7%E8%B7%91%EF%BC%81%E6%B0%91%E8%88%AA%E5%B1%80%EF%BC%9A%E7%B3%BB%E7%B5%B1%E6%B8%AC%E8%A9%A6%E4%B8%AD%E6%9C%AA%E6%AD%A3%E5%BC%8F%E5%95%93%E7%94%A8&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=52566aa1-a320-4342-9dbd-7d48ffab0ec7%3B7f243241-07cb-4551-9384-97db2c91d57a&l_pb_bid_id=417c3c81a72f982%3B42d2efd4999d08a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=52566aa1-a320-4342-9dbd-7d48ffab0ec7%3B7f243241-07cb-4551-9384-97db2c91d57a&rp_maxbids=1&slots=2&rand=0.6926718720915079
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ff4b20ee645caebd0d768c181d959616a76d475d446439f3d7164da14a36c19f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.181.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-181-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		33 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.241.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-241-158.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a05309f62b59c824b832a89a8f42ffec837961f77eb20e81344b2ac3668ba44e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 06 Oct 2023 14:00:58 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
16328
pbjs
htlb.casalemedia.com/openrtb/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d72006f7bea225e08ce410eacd1f9694890eaae23076e5a6577309e0fa3c02a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeMK6Zddcs5B9Vs5j2RtEiPnRUNJa8qtx6Ak3X6raJkNx7f6ph9agNw5%2FvDGBQNnuRgPsw6NVzolTtZxncgdMAE3HWxsQSAk1HkNw9X9krvo%2BaPQK0pCLW0TfHOaj7AEo6%2F73y6d"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
811e6f065c5ef8c9-CDG
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f97ac06bd8b7faef4fbe9e0ca1452fbca79ca50da84c3cf6b51daf6385a5ca0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdyKGCGLCqI4BHYrRrcBpH8jNbE%2BP9KTCzHiLll6byz8tBI7kfYwB%2F5FoA%2BFNZAE6wx47MtrcQ3jxMm7fWyimNJ2xUPSnGNT%2BZUx9cXj15fuFkslOsH9%2BlnY66EsV6QCcJq1Wcjz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
811e6f065c60f8c9-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f97ac06bd8b7faef4fbe9e0ca1452fbca79ca50da84c3cf6b51daf6385a5ca0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:00:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KteCPU0AgwmWueG9CLDHQkJyoZeD%2Fo6xiqHUwqvnHxs3ohMvI70kUjNj7LVwTs1A8pMor3Jv0PjyUvBrLm8etTcO0jGN%2BUL43oVu15nBKyu0X2t%2FwS030SbNvMUVMxfWrlpGwgc7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
811e6f065c5ff8c9-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b044754da3561e96b9a2ab55c3cad5db568bad1377ca0dcee183fd8258d4cc42

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
782c942b06bffc2d4601b284b77627d35394c044b55aab733bf714bb27303cee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age
724398
edge-cache-tag
449086405388078158053108571683208432630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
449086405388078158053108571683208432630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
423
req-referer
https://de.ccm.net/download/downloaden-4422-tftpd64?n=1
content-length
3694
x-request-id
f6abc60acc19c6b89e20f98d72ea2a95
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000118-IAD, cache-iad-kiad7000032-IAD, cache-iad-kjyo7100081-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 27 Sep 2023 09:15:30 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=4966,owidth=635,oheight=430,obytes=258520
x-timer
S1696600859.512241,VS0,VE1
etag
"e240b75b7042eb74f1696e88a19c6b84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 9, 1
68ed89b2f48f183ee7d774531a337a14.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e9bb5290a970d50005fc48f1324eccd13600b4e93cf08d435051e4e296e64cf0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68ed89b2f48f183ee7d774531a337a14.jpg
age
4783312
edge-cache-tag
365167194386843551026551192643542346029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
365167194386843551026551192643542346029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
94
req-referer
https://freehotnet.site/2020/02/18/what-is-micro-niche-how-to-create-a-micro-niche-blog-in-2020/
content-length
2926
x-request-id
5587b918f4050578ed8df0b120759de0
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200070-IAD, cache-iad-kjyo7100092-IAD, cache-sna10741-LGB, cache-iad-kcgs7200130-IAD, cache-fra-eddf8230056-FRA
last-modified
Wed, 09 Aug 2023 21:35:35 GMT
server
nginx
x-timer
S1696600859.576200,VS0,VE6
etag
"60ab4728c39000405d0d7a91cd2001b3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 1863, 1
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.104.206.52 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-206-52.ip.linodeusercontent.com
Software
/ Express
Resource Hash
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 06 Oct 2023 14:00:58 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3609
etag
W/"e19-vwRj2d0Nu4XpH6939n9fbHUAS6s"
content-type
application/json; charset=utf-8
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5538
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7Rk6uFhgA6Y3CaZXI0EgrPbzoap4Cgdn9csYFuen5o3tCG9oj1dyBAN2%2FnzGe71mW8k8u7ctKiathX2TZBdHgsVMA9%2Bf6KuNSow3nu7Dt1FBQDNPuLWRbDyX%2FldW5kDxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
811e6f05ce790e2b-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
f64ccfc496220652ae255da6af6ccdf88c2c7b36f8b5516b45f0185baef42ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:00:58 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9414997441529775&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:00:58 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=12611&tvi50=10882&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
80
date
Fri, 06 Oct 2023 14:00:58 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64092
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230056-FRA
pragma
no-cache
server
nginx
x-timer
S1696600859.829447,VS0,VE80
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
container.html
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC44 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:00:58 GMT
expires
Sat, 05 Oct 2024 14:00:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
st
imprammp.taboola.com/ Frame 0C92 		422 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&cmcv=&pix=undefined&cb=1696600858918&uv=3345&tms=1696600858918&abt=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2e500ecf-1765-455f-a3f2-ce7506d9e011&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e7e6da2db355f479ede2876da910d74b6c30ea49dc0237eea075526e574b0a2a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 06 Oct 2023 14:00:58 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230056-FRA
x-timer
S1696600859.943421,VS0,VE10
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&cmcv=&pix=31589837&cb=1696600858917&uv=3345&tms=1696600858917&abt=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696600853366.6!ts:1696600858917&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:59 GMT
content-length
0
server
nginx
sync
am-match.taboola.com/ Frame BAFE 		439 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
dd7f1e4b0fca1a03ff565597b64bab622fd1db5135dc45a951dce1018b2620d7

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 06 Oct 2023 14:00:59 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1696600858927&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1558&pt=-242769158&tz=120&viewable=true&ddast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 06 Oct 2023 14:00:59 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1411
x-cache
MISS
x-served-by
cache-fra-eddf8230056-FRA
pragma
no-cache
server
nginx
x-timer
S1696600859.962855,VS0,VE360
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-80.fra50.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 13:22:18 GMT
content-encoding
gzip
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA50-C1
age
4193066
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
fra1::hff6x-1696252938493-701d121ca797
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
daKHVwkVUnWiOHEQbqEcZ39bCUo1nWEiZyheBnv_40EHQOMY7DVYUA==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		465 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-588
cdn-cachedat
09/22/2023 04:09:06
cdn-pullzone
873945
last-modified
Wed, 02 Aug 2023 08:32:45 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ca14ad-7435c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
fbe5884fd78368958eff0aef788c7987
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ Frame BC44 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 13:51:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Oct 2023 14:00:58 GMT
css
fonts.googleapis.com/ Frame D4A2 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Oct 2023 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 13:51:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Oct 2023 14:00:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D4A2 		2 KB
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
1365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:38:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame D4A2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
1452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7DC0 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 13:23:55 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D4A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:29:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D4A2 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
1639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4A2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:01 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame D4A2 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:26:24 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame BC44 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:52:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
11420928434021954480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:52:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC44 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:08:26 GMT
x-content-type-options
nosniff
age
132755
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Oct 2024 01:08:26 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC44 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 11:42:48 GMT
x-content-type-options
nosniff
age
181093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 03 Oct 2024 11:42:48 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0C92 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&cmcv=&pix=undefined&cb=1696600858918&uv=3345&tms=1696600858918&abt=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2e500ecf-1765-455f-a3f2-ce7506d9e011&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0C92 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&cmcv=&pix=undefined&cb=1696600858918&uv=3345&tms=1696600858918&abt=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2e500ecf-1765-455f-a3f2-ce7506d9e011&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.234.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-234-224.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 0C92 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&cmcv=&pix=undefined&cb=1696600858918&uv=3345&tms=1696600858918&abt=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2e500ecf-1765-455f-a3f2-ce7506d9e011&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.51.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:46:56 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
846
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
y_mGz92vjsaBWS1aSJq_HRwJx_aL0Jj_ypeklmT6leloISlL-sX_Uw==
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 06 Oct 2023 14:00:59 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
27197
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1696600859.080547,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
11
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
20602
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 345B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
dc8fd0b6545074728bdbbdab57992681a9f5569a07fe21d0ee3ebfce59a53601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7901
x-xss-protection
0
server
cafe
etag
3040809214605069177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:02 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 147C 		714 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3048
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
811e6f098bdd0e2b-MXP
content-encoding
br
content-type
text/html
date
Fri, 06 Oct 2023 14:00:59 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwvnbL0WxHD7A%2Fr5UOPs0JB%2B1HtxXCH0SoWJTvQdSuY2cILHpp6mVVLTLBBDnzsAgzuEOpNSerIQCLdzUDkWD1ZKQjF%2BNRY7nokq34TLFLQxEiTjNy58W3%2BtukiqiuDzrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B2FA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Oct 2023 14:01:02 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 06 Oct 2023 14:00:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/88e990de-1373-33a7-984b-18818bea2e0d?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-NXgF_9VE2oUaMK5p8qdmoKr3MUTtmOmjsb8SU3Y-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-NXgF_9VE2oUaMK5p8qdmoKr3MUTtmOmjsb8SU3Y-~A&redirect=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:03 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Fri, 06 Oct 2023 14:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-NXgF_9VE2oUaMK5p8qdmoKr3MUTtmOmjsb8SU3Y-~A&redirect=
content-length
0
L2EvdGFvLWppLXhpbi10YS10YWktYmFvLXdlaS1ndW8teGlhby1mYW5nLWFuLWppYW4tdGktemFvLXRvdS1wYW8tbWluLWhhbmctanUteGktdG9uZy1jZS1zaGktemhvbmctd2VpLXpoZW5nLXNoaS1xaS15b25nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvdGFvLWppLXhpbi10YS10YWktYmFvLXdlaS1ndW8teGlhby1mYW5nLWFuLWppYW4tdGktemFvLXRvdS1wYW8tbWluLWhhbmctanUteGktdG9uZy1jZS1zaGktemhvbmctd2VpLXpoZW5nLXNoaS1xaS15b25nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 05 Oct 2024 14:00:59 GMT
date
Fri, 06 Oct 2023 14:00:49 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
generic
match.adsrvr.org/track/cmf/ Frame BAFE 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899
pr-bh.ybp.yahoo.com/sync/taboola/ Frame BAFE 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.234.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-234-224.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame BAFE 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 147C 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
bb6def9dd44c74e41ef002023e3ce149585927fb9b6db7316c4aa05cbf856466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29550
x-xss-protection
0
server
cafe
etag
410 / 19636 / 31078497 / config-hash: 12631718780053314049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:00:59 GMT
/
pro.ip-api.com/json/ 		117 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
6cd9b5fa32ce00b95eeb055134d3ee1866ee5dafbeff80b19558280d3c702e69

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Oct 2023 14:01:02 GMT
Content-Length
117
Content-Type
application/json; charset=utf-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ Frame 147C 		419 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078497
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 10:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
12255
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134829
x-xss-protection
0
server
cafe
etag
3697166202567710199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Oct 2024 10:36:44 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_4_5/infra/ 		882 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696324689
date
Fri, 06 Oct 2023 14:00:59 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Z3HN305F4BYJJD72
age
276054
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696324690
x-amz-meta-mode
33188
content-length
147342
x-amz-id-2
0458jpKlcHtyqmxP5zkJMjfcV3ZVfGwp4x9iL6YNqXh4iLFA2v1piYXjQhXHkAVtDJq36H9KyRE=
x-served-by
cache-fra-eddf8230069-FRA
last-modified
Tue, 03 Oct 2023 09:18:11 GMT
server
AmazonS3-br
x-timer
S1696600859.398319,VS0,VE0
etag
"506fa4da9ad74d978d49cd3219439d0e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
57776
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_5/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696324708
date
Fri, 06 Oct 2023 14:00:59 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
AAB07MP3Z0BRKB90
age
276058
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696324709
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
5zlPQrxkHXYPWMBB+EHlzkEfvuhsb1WuCuNJYZ/zDtQvkzfgK1ihN8wqrUFlyz8QYKidyM+16Xk=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Tue, 03 Oct 2023 09:18:30 GMT
server
AmazonS3-br
x-timer
S1696600859.398587,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
258409
ads
securepubads.g.doubleclick.net/gampad/ Frame 147C 		492 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076299621344905&correlator=2982503171018092&eid=31078497%2C31077692%2C31078602&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696600859464&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=5dfvo3y5jrcn&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=478294346.1696600859&ga_sid=1696600859&ga_hid=282152186&ga_fc=false&dlt=1696600859170&idt=276&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
c352ba04042adcb3e96ac28a557b0dd1d24d1747994447fe4ced46bef39ad006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:00:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f35c994a8e911d8cd26d8d961078aa39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA0A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f35c994a8e911d8cd26d8d961078aa39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:01 GMT
expires
Sat, 05 Oct 2024 14:01:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:01:01 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
763
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1696600861.471764,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
45
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4834
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Oct 2023 14:01:01 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
16750
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1696600861.471786,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
66
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
27579
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90YW8tamkteGluLXRhLXRhaS1iYW8td2VpLWd1by14aWFvLWZhbmctYW4tamlhbi10aS16YW8tdG91LXBhby1taW4taGFuZy1qdS14aS10b25nLWNlLXNoaS16aG9uZy13ZWktemhlbmctc2hpLXFpLXlvbmcuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTkwNTc4ZjlkLTg2MTgtNGM5Mi1hYzgwLWFiYzBmZmJmOTYxMCIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNDA2MjI5Y2EtNzMwMC00ZWYzLWI1MTgtZGIxMDc5YTZkMmZlIiwidGltZU9mQXVjdGlvbiI6MTY5NjYwMDg1ODIwMiwiYmlkcyI6W3siY3BtIjowLjAzLCJhZElkIjoiNzZkODI5N2E4YThiODljIiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjU3MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MDA4NTg4MDh9LHsiY3BtIjowLjAxNywiYWRJZCI6Ijc3NmIwMDM4NzllODE1ZSIsIm9yaWdpbmFsQ3BtIjowLjAxNywiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDAxNywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTY2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjYwMDg1ODgxMX0seyJjcG0iOjAuMDEsImFkSWQiOiI4MDQ5OTk3MjgxOGUwZTUiLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY3NCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MDA4NTg5MDJ9LHsiY3BtIjowLjA4NDY4NTUwMDAwMDAwMDAxLCJhZElkIjoiODEyNmIzZWU0YTYxM2E4Iiwib3JpZ2luYWxDcG0iOjAuMDk5NjMwMDAwMDAwMDAwMDEsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDA4NDY4NTUwMDAwMDAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2NjgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2NjAwODU4OTA0fV0sInRpbWVkT3V0QmlkZGVycyI6WyJ0ZWFkcyIsInRlYWRzIiwidGVhZHMiLCJ0ZWFkcyIsInRlYWRzIiwidGVhZHMiLCJ0ZWFkcyJdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhZGxpdmV0ZWNoIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4MTI2YjNlZTRhNjEzYTgiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDg0Njg1NTAwMDAwMDAwMDF9LHsic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNDA2MjI5Y2EtNzMwMC00ZWYzLWI1MTgtZGIxMDc5YTZkMmZlIiwidGltZU9mQXVjdGlvbiI6MTY5NjYwMDg1ODIwMiwiYmlkcyI6W3siY3BtIjowLjAzLCJhZElkIjoiNzU4ZmRkNjNjZjU1ODY2Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjU2NywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MDA4NTg4MDV9LHsiY3BtIjowLjAxMDgwMDAwMDI4MDE0MTgzLCJhZElkIjoiNzg0MzQ0NzE0Y2M4MzdhIiwib3JpZ2luYWxDcG0iOjAuMDEwODAwMDAwMjgwMTQxODMsImJpZGRlciI6ImNyaXRlbyIsInJldmVudWUiOjAuMDAwMDEwODAwMDAwMjgwMTQxODMsImZvcm1hdFR5cGUiOiJ2aWRlbyIsInJlc3BvbnNlVGltZSI6NjgwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjYwMDg1ODg5Nn0seyJjcG0iOjAuMDIsImFkSWQiOiI3OTRhMWEwMDViYTdlYzgiLCJvcmlnaW5hbENwbSI6MC4wMiwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY3MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MDA4NTg5MDF9LHsiY3BtIjowLjA0OTI2NiwiYWRJZCI6IjgyZjZhZTU5MzMwOWU0YyIsIm9yaWdpbmFsQ3BtIjowLjA1Nzk2LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwNDkyNjYsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY2OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTY2MDA4NTg5MDV9XSwidGltZWRPdXRCaWRkZXJzIjpbInRlYWRzIiwidGVhZHMiLCJ0ZWFkcyIsInRlYWRzIl0sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFkbGl2ZXRlY2giLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjgyZjZhZTU5MzMwOWU0YyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwNDkyNjZ9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=7349.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:01 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=537479108776316&correlator=1721680277143942&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&arp=1&abxe=1&dt=1696600860726&lmt=1696593660&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=1082112845.1696600858&ga_sid=1696600858&ga_hid=1100245420&ga_fc=true&dlt=1696600856886&idt=1073&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_7_0%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_0%26refresh27Split%3Drefresh_control_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.08%26hb_ap_adid%3D8126b3ee4a613a8%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_7_0%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D82f6ae593309e4c%26hb_ap_bidder%3Dadlivetech%26hb_cache_host_criteo%3Dprebid.adnxs.com%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26adro%3Dv6_c%26faid%3Dfalse&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ce0249dfac0bd00a7ee8b19df4ce1855cdb40a3c302b547f3d52506918568a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20812
x-xss-protection
0
google-lineitem-id
5221339618,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441555754,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Oct 2023 14:01:02 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1755468
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1696600862.238294,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
121464
sync
am-match.taboola.com/ Frame 473D 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
dd7f1e4b0fca1a03ff565597b64bab622fd1db5135dc45a951dce1018b2620d7

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 06 Oct 2023 14:01:02 GMT
machineid
3407
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 06 Oct 2023 14:01:02 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1418795
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1696600862.238301,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
454827
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/ 		465 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696237416
date
Fri, 06 Oct 2023 14:01:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2EK0MFKQJ582WGF5
age
363377
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696237429
x-amz-meta-mode
33188
content-length
89004
x-amz-id-2
uWnSXRPNxYC47yYqArglm/Yl1WFzirwr1h4h6dCkk/tO4FFf9RUbOHfsYVNsTCpw+wNcNXoFYxA=
x-served-by
cache-fra-eddf8230069-FRA
last-modified
Mon, 02 Oct 2023 09:03:50 GMT
server
AmazonS3-br
x-timer
S1696600862.203506,VS0,VE0
etag
"585652628115b4409d6c93eb98f8e63c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
357357
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&cmcv=&pix=31579697&cb=1696600861643&uv=3345&tms=1696600861643&su=3&abt=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-length
0
server
nginx
js
www.googletagmanager.com/gtag/ 		269 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6fc93bdd7464b39572e18da5366a14c3e9697ea06f0f19e8b71d7e4b5748b9bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91635
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 14:01:02 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-141.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
sodar
pagead2.googlesyndication.com/getconfig/ Frame 147C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
accb009d6e09e82e0671e08a604ac345b866976d92303e011cfbd55d090db9b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12078
x-xss-protection
0
/
pips.taboola.com/ 		4 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230069-FRA
date
Fri, 06 Oct 2023 14:01:02 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame B2FA 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 22:01:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28751
Connection
keep-alive
Content-Length
10539
Expires
Fri, 06 Oct 2023 22:00:13 GMT
generic
match.adsrvr.org/track/cmf/ Frame 473D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 473D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.234.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-234-224.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 473D 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c5a36813020089ea29740f85c9cbacc3
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
/
pro.ip-api.com/json/ 		117 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
6cd9b5fa32ce00b95eeb055134d3ee1866ee5dafbeff80b19558280d3c702e69

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Oct 2023 14:01:02 GMT
Content-Length
117
Content-Type
application/json; charset=utf-8
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 14:29:50
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
19d59dccd80de8809e2c775da353af9b
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-165
cdn-cachedat
09/22/2023 13:07:19
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
cbdbc54bfafe5ebb5451bd70ff5ce1fb
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-662
cdn-cachedat
09/28/2023 12:52:20
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
eb921f8d9d7ee5e61ee2bcb617526bf1
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 12:54:34
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
0505e384354d461ca303641436c37cb4
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		359 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125855
x-xss-protection
0
expires
Fri, 06 Oct 2023 14:01:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7DC0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:02 GMT
expires
Fri, 06 Oct 2023 14:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 345B 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
f95c14cfa2139ba13b3608f9f7640f49e540e15760c50e252c44bbb8f33b2803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50771
x-xss-protection
0
server
cafe
etag
3301446072800474263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:02 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1696600862509&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1558&pt=1754198848&tz=120&viewable=true&ddast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1401
x-cache
MISS
x-served-by
cache-fra-eddf8230056-FRA
pragma
no-cache
server
nginx
x-timer
S1696600863.670329,VS0,VE158
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 06 Oct 2023 14:01:03 GMT
cache-control
no-store
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 94C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6lZL8rcDehT7vxeaIwk5tsIxR86RItGZesLb1UgBoPxs9eHoaDmGOm6vI82n_k_yu6UMskaqIP2o5V_g_4xWsfK-tJ5sGOuiUqYht7DYsq4jOfQyQRdGvGUOlb5S5weerLMVignT8t_PzF50jhexVXk49o2jDi-1NGw9E5V6JRYJszYyFr7uaAPC2ervJzig4yRWAScDKBVm_YFoaHcfmr9020Yp270i8sra-XeSZ1IieJxk0loC1XFAuB4voHgx6h1kAhbVUp_0FRRjaxpMT3nRwVk8vROAKugx_GcVqVbEFb1K_KLmQB3o_MqFXEMk&sai=AMfl-YRBZ8wpnXl4FGUxtnzaDfR5BxGiReFGHZqAMgK3HHuvOdSJOIcSNFooHTtDFVadQCuRTb3XC4XDHVAEF3BgP9tKfU_MIIiX6g9K_LoZooQ9d0dLYhjYhLLcN_jUC_g&sig=Cg0ArKJSzKdZk-0YOc35EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-141.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2F09 		281 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIeUqAIQmbeZmgMY2vWE8AEwAQ&v=APEucNU3_ls1IH-g2XJ9rJaUTHBWCXpDFnv9PeWTLtiq_j-S5-EtrIXSQSiVhtO22AMYWBUqVBDG3PQeJpgjFHU84Q0VaO6GYZXiZJEwmB2doBtSblDIO8s
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 94C2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:02 GMT
sync
x.bidswitch.net/ Frame 94C2
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=b7692853-1c14-4883-b2dc-a1e6d4d6c864&google_hm=Yjc2OTI4NTMtMWMxNC00ODgzLWIyZGMtYTFlNmQ0ZDZ...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPZdMMPZIWj0PEOfLKDLERM&google_cver=1&ssp=themediagrid&bsw_param=b7692853-1c14-4883-b2dc-a1e6d4d6c864
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPZdMMPZIWj0PEOfLKDLERM&google_cver=1&ssp=themediagrid&bsw_param=b7692853-1c14-4883-b2dc-a1e6d4d6c864
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
3.65.51.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPZdMMPZIWj0PEOfLKDLERM&google_cver=1&ssp=themediagrid&bsw_param=b7692853-1c14-4883-b2dc-a1e6d4d6c864
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCncSoGhMgZd2vKP____wx____APltu42AOv1IivcJ7T46____HEWQQASCD____...
media.grid.bidswitch.net/imp/1So3712LrOr4rejwa_16owxAqjQ-nyqd1pcL2Q0W3lbXsPjCZI0a5087IgVNi3QdUhV2DfGO9Xh_zJX5fqh59BzJAaRKFgPJNIcCKu2mWeX5wnvAzgdee5AExGigK1GWJxr9bGLV3KiaG4o-a87LR1FnZ-4p4cmB4Jkg2LFA... Frame 94C2 		43 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/1So3712LrOr4rejwa_16owxAqjQ-nyqd1pcL2Q0W3lbXsPjCZI0a5087IgVNi3QdUhV2DfGO9Xh_zJX5fqh59BzJAaRKFgPJNIcCKu2mWeX5wnvAzgdee5AExGigK1GWJxr9bGLV3KiaG4o-a87LR1FnZ-4p4cmB4Jkg2LFAbn5qcrPzwy-fWe4UcyJkcE4rj5PCKNlGEMB9luv1Wqde9PgXcHkm6kb2KLJTcNJQ8spgbJNS8_a5NsS0Tj-5kNh7h2SVHcF_AExh-NPDh4Psi2K6AvNTbvZ4xOv5iojhyEH-u0tCdxxtIpy16ZJi7iaUnW3DkLJhs6Jh6Ijpcw5DrLve8djju0rMssQ7vwupSBXPqBmoc7zeZeaOrMqY5qtoDvhmf-k993jF-Do9zvK_gl48j_5VQrHXhO-lcCVcG3STJ6fGO38SDCq9JXzeFFo2zZdhpIu12_XhW8kShDhFFmYUwNEK8fPxMWE5Rd6jIHIJr8RxJw_M2xRl3-NSha0AdRVFI10pktEhGVXJo8uURZPZbC2xylUXu6CF-hc-r4vZ_-FfgehEpl1IAk0yv96cyfuD1fSDM7_LBhkoGr2Xe_4kTxVaAmXgFR2DokrmseB6wlkR8z5Zfs6zNYcqPncP_LgHSSAOD7o-BNL-JXqiRFekffG9c3_JtQIQXoA6TPJWAqng_btQDrz0ZmhifhdlxrJqp3G6R45ndOEJzcffJO2-dQ3mWCyhaW9eWWGaB1zA9I09Xl2d7tC461aLv9sS8julc9XyYLxg9NF-Z-gG9fxyKAwj-aOxVMOPZ36AW9cmrcCTqi8oTDRW4apV0xa7ftLSZz_q8LOWrDb0M5RdAAcS-kPDTHD4BG1aCpxrVrKINju3KX2L0uII_9zppiuhfxWcqHo2SL5w3G0tKJH4Au3Kc3RWH90_orulZ9it64Gyade-Z5kS9K2pWH02eLVfBYzNvdUKuYd0Bn2Yxzm-rTYtiVYVM2bvu-qqSKLecCDgaKLVk9cV6U0npam7-eCXSiQG3iOekdmsTC9FUBPUN56yV7r0LkBK2ego64llsnLXd__oAKpmThFVtAfbdua-6JpGuapqxq1YtTksLNLefOi1uCNroAhOuA2xT_xFa4K0NHc9Y3SvYMjU0QavPCGRmM1VFrfKmHzAahn0-zWThE074AVcWe57ViScGXVBU4LaIfAzt87inC6WNhnaVloabxM3sFakLcJeoiCTalK1Z-pI7_vAqY0c7HJJ4B8qKsDtp7ymUUZdvWpGwyU-KRw0RXqPJH5l/billing_LJDZ-BnXH_O0rjZwTnutKN-XS62KyKcBgGnMr9rHfWbuGK5fA/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCncSoGhMgZd2vKP____wx____APltu42AOv1IivcJ7T46____HEWQQASCD____eYfYPWFgIDUBKAB6IGQuCjIAQmpAhUm7JieZLI-qAMByAObBKoEiAJP0OYJ6wf9yjgi9TTRFQGsPdK4E58awqryFq3xlTsakPOsJ18QIij6JZ45tWGvOj9b4yJ5nR0ZPV3Bt0c2ibcpIT3i4akz2dU4NtMdEwoLYDvhqsIiV9tDvYHFVdjEx4o3xGZFGnFEjQnlrRcQEQy6TKZwkq732VuX5zav____3cAX3g0psNKa____cqRSg5WhdF1qpxPNQ3JWC5ttvaLrvrOqVB1YpImymIAp6q6rWnf183BuOL3LaOjk3zgvtCU72vuTPI9u7qaidQt06Fb9tRexaC53pHbnaEn8cwY1-45sF5naE4EcPHviaWinMbFEeg6z03woGyPBuH6Rcm9OR____X8LrZXbafYVV7izABP7IuNukBOAEA4gFz7X24EqSBQYIAxAFGAqSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBkyAB-i54JcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH____p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ8eAGGNr1hPAB0ggUCIBhEAEYXzICigI6AoBASL39wTryCBRiaWRkZXItdGhlbWVkaWFncmlkX4AKBMgLAdoMEAoKEKC0xP7Q17W3dxICAQOwE9vdnhPIE4C8x-ID2BMN2BQB0BUBgBcBshcICgYIABIAGAA__Jsigh__RL____4ajwwmtlo__Juach____m__R__EUACH__F__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNt-LcHAc____28b-J8JWJn2kk7hH5YqPrfoP4DJ0MaLfaJhOhj33qK59j1n6pZmxGAE_BANsC3cnLJOjhUPiAAcRYvwnp9xgvum09LFobYam00BfKmC__MyHvl-bFGKQcTuiIDaDnSLuHw2yXW8pt0in2fWfa3s7HeeQg8CYB6pWNX9rB5ReNGFcjeKvjXfR4BumxWBKsmhKrYNs0RkAVMmuPc6A7ZZRB-JENKw9kO0bGwsAoOBgw6ys6I7abeK1HHflry8OnercM2EC0l29syYYQdmQpVEh0qe37bnZEy7__rzo6cN8F25YKFeBRr0SrN81mURfT3pFrtNPXsyr6zOogSMgAuqdozM5Bl9pm4tID7qaezq0pQL1tnkQ8dJWKhw9eU9tFeq1nVt0Gf3wgfdhZIFnJjyNtTHhwTBGNSeom-zLh7cSZ-tQukx3N7d9PynkgTRV7RQklQomTeNyszr9LYGffAbwnCKDXkqLzFj__s-79lvK4vWnI7zD46TpUAUFyqyetxSLoKgGLhpeQhCJPaSXfzJk66B01YU9blFVIsPqDQDQig5L5Az8OIKb1tRB73WvCYNp1Rw__k3-FJdSm4zflh4xpxbk7TqzW4lbB19NYhFex5Zw2UfbKpexn-AducUeKAY4ShKGM7uCi01__9imA1eHz4jirdBWzvfVB6eWsJDA8InHYP__K4IFCW0Fb4d1bBOw6FSnBe3bfkYB2j2aRTdx2j55bGL-vQ2aio3oe7DXRS9iOkg0xLTY-RFygFiELWLheM8NdTOvXLpkjK5-mALkQPEak63Noca__oTCoVzGHF5Kw8EH5PRWzLLgiSiN0d-GgE2i1jjS70G7MCeachRhbsj1qSOxV__AB8WFAap2a2iWzhYx8cuzaHERTxmBQJR4N0Gaa4iJWaRzdCg59eTbQf-mtctp01jfNzQP06HbF4lgWbLFiD2cZSXWnVBe5Uvv0HwoKSPP8SS3rqNTnggbo0R1xq-2lLR1FSuBSiXE8ShJcKSD9ZJX4MDt0HmHw-5N3zGqmnuelQ__wlkA__xcKSOVzIjqaDeEki2QtagvSyLFE4Yjb7VHDnRiyrXPnNsiria-hjfAyWytGa6Ta0WIdzbvaN6TN2cEo88B5Io4xZTRyKEjiJ1spCiSLUmz7pB02jsYPek7dTGA2PM3H-4vuhw6X4J817qCPDEjDERT1PkQirenP9fi__a0tBh1VWNPEC1JzJkOPZOqLC55wC5xAKtsna1FyC6wLS7m1c3SuQVa0m0dwE65gVNh9ZUqzMRijVRy8Ufspy9yF7xDP0SrEXvR4kxWek9PQoXLkXcM6vZEpzAl8w-nSHLkErJ4ZQ_B
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
43
Content-Type
image/gif
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 94C2 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=bg3.co&bid_id=92a3b6c4-8c70-4492-9b41-e6be8ce6c52d&ads_txt_id=GJXPHY&has_bsw_id=0&bid_price_usd=0.09963
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.62 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C2 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8pG5Fu53jm7J5q4v-r9pAY6GTBM4bhfRK4HSOkgbluKkSv6ExCYdu9_jBNzbAJZ5rLVFmvewKckP6YsaOluDYWOTyza9SQCcJR5NnrQKhuxH64C0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C2 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5067503468709120264&x=38&ct=76
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94C2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:02 GMT
container.html
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:00:58 GMT
expires
Sat, 05 Oct 2024 14:00:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90YW8tamkteGluLXRhLXRhaS1iYW8td2VpLWd1by14aWFvLWZhbmctYW4tamlhbi10aS16YW8tdG91LXBhby1taW4taGFuZy1qdS14aS10b25nLWNlLXNoaS16aG9uZy13ZWktemhlbmctc2hpLXFpLXlvbmcuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTkwNTc4ZjlkLTg2MTgtNGM5Mi1hYzgwLWFiYzBmZmJmOTYxMCIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDA4NDY4NTUwMDAwMDAwMDAxLCJyZXNwb25zZVRpbWUiOjY2OCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiYWRsaXZldGVjaCIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDg0Njg1NTAwMDAwMDAwMDEsIndpbm5lckFkVW5pdElkIjoiODEyNmIzZWU0YTYxM2E4IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6IjQwNjIyOWNhLTczMDAtNGVmMy1iNTE4LWRiMTA3OWE2ZDJmZSIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=9170.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3a40&_p=1100245420&cid=1082112845.1696600858&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696600862&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dt=%E6%A1%83%E6%A9%9F%E6%96%B0%E5%A1%94%E8%87%BA%E7%88%86%E3%80%8C%E6%9C%AA%E9%81%8E%E6%B6%88%E9%98%B2%E5%AE%89%E6%AA%A2%E3%80%8D%E6%8F%90%E6%97%A9%E5%81%B7%E8%B7%91%EF%BC%81%E6%B0%91%E8%88%AA%E5%B1%80%EF%BC%9A%E7%B3%BB%E7%B5%B1%E6%B8%AC%E8%A9%A6%E4%B8%AD%E6%9C%AA%E6%AD%A3%E5%BC%8F%E5%95%93%E7%94%A8%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame B2FA 		7 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame BFD3 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUAkYfcADkOPpLUNdbpHDFq5z64n1N6iiDdd8xT6GDqE-XOFSkzO_iSRMg3FTBV0kEt2LiWiiT80gTmnM1QBiNRFFhTfQ
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A6B6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6B6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6V9yGAnj6dv4ViSbcb9h5lWAtoJhKFPQkrq0FwB-zebzI6H-b-Rd_nkRD8-bkWs7uPfgQHiX_kbDJa4UxwhTYb90R66eXr3fvYD0QhOqiLlWtuKc
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6B6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2597981467365244547&x=1&ct=77
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame A6B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:29:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame A6B6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
1642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame A6B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHfxs4lbj2SwE-4bcUQNLSbsRbB06F2JidhldKLTeMV5cHj0qicq7vdjfnSi1JhGgsWp-VvwkkExJnKxPQSCzj-v85FQ
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A6B6 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:02 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2F09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESECEGMzMx8Zpitae8hIE3KZ4&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESECEGMzMx8Zpitae8hIE3KZ4&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=98802a5f35ede768afcaa6e746f2d2a8&uid=98802a5f35ede768afcaa6e746f2d...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIeUqAIQmbeZmgMY2vWE8AEwAQ&v=APEucNU3_ls1IH-g2XJ9rJaUTHBWCXpDFnv9PeWTLtiq_j-S5-EtrIXSQSiVhtO22AMYWBUqVBDG3PQeJpgjFHU84Q0VaO6GYZXiZJEwmB2doBtSblDIO8s
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:03 GMT
Last-Modified
Fri, 06 Oct 2023 14:01:03 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F09 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIeUqAIQmbeZmgMY2vWE8AEwAQ&v=APEucNU3_ls1IH-g2XJ9rJaUTHBWCXpDFnv9PeWTLtiq_j-S5-EtrIXSQSiVhtO22AMYWBUqVBDG3PQeJpgjFHU84Q0VaO6GYZXiZJEwmB2doBtSblDIO8s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ Frame 345B 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4d7b8e1a2a8b9d9d62465dd38ed6068ec3e69505e59c196387332b0d778e6037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131763
x-xss-protection
0
server
cafe
etag
14144066493543354552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 5545 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 13:56:38 GMT
etag
2603938475786422795
expires
Fri, 20 Oct 2023 13:56:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C2 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6922416022793&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C2 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6922416022793&version=m202309260101&ct=76&x=38&cor=5067503468709120000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 94C2 		89 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7m_q9AJy-zAkSTJCi1nd8h4oCKTpmyQup_XOSAejVHRVO6vebJBvM0WN11LjuszUB8ZZSs4mV3XajzkQjeue_TIi4Wxe6Rf7ocBzm0-7kcDJR1IFgXTvF8EDU7jUmf_J2s3T4HeI9H-k0jJzFM1fQsmID0_ZT4Y_ssw6vt57jedSho7k&dbm_d=AKAmf-Cnks_f-j9JFp70y-LHB92lyCM2cOKKnCk5POQ_l00XKVERj4-nNOMeC_ABxsBLbqndU6mvaIaxyvVFHIGszdkqMbvXsu73X9e4DtFPY4Jk95rrn5S8rn2g0L0yP3WOeAA9TCkgNqHJchZDvXEHAn6_wY08zFype8wqdVgjbPYoOz8z7puXeGMVVQFm2T4Q8iJA5ENF315vgxeg6DxDHVx_MRyUlL5KS6pGQrRY-5zoOpvqi3BO8yHGrveFO_kwBU98VHdSMYb-D9mKgdP-6y-VuuBRWISz3ifZo39VZ9m4dBQpxCjZTnQiFJii5Diy0AJ3UrgeLYoQT0MU3x5BQ9Dsm1kupvWlRQe1aRzLhvIqOiWY8_leLPv1ib-cYrjCj18r9saWf2Wd4YGsB9hkqzGrqEM4wbaIAJ3SGuLzafBIuc4Xba_QwfA3BPmZicnnSXg1FsFP-WT84l_0lAjT2cRWFdr5SHmh_qsCD9KGF8yaqBpvFAcPzchOlfjffNt5R7d-GgLVti_pJ66JwVR4dVKii5z_4QYrNcEyCN6Ay0z0EKvQcQQKhAyNzA76xYyggAFzqZRmyJulbq470UHCP7csFDiaFpDw1wDu_GYkbVAQKePnPNlErQ4X8HlF6DbChd7VS73l3kT3QeaFOIm_i_Mx-GONvRA6SDYJ4ZIsYFaacUd9CB3uP9DGSsndDyCc1Us9G6NFV9qhZrXk026CDut21PIAftc_sHj4wT_vG1JvpdbhmSjIRJReHbIgRD_SzGH-ev83f-aypB14eO8crecdukmtRFADn_yXOTSn2_k9EGcHRD5KwRf5-2psWUdPNkP5eCVOfbMoIDd2iDjwc906koK4t_s3UCsZ1myGvUscsv7JQHdNw1XD8pDpvFVVzfUlnJexyHKqtpxjsJIDm30B42rBEPLIDaF0Lx8p6bWjCCVyRsc8szsSnU4RN09ik3xAEPvsvs5FlXgJmLZ4bDzbl6nsRctqvaPaeDaxC4IGrXXsqo3YoDTGE1s_lWqsGmpbL_u178C4N1bLJjD9eUItDAOUI2BqfB49515ZLIKqJU7X27DDEqPXATeAmo67u-rVvaraQ5BaibRDpMsmh0i55Yq_1bUjysb5aH1ZmDo47p_ObXHeENOxdJ4rtnEUr30OOVLo2vu6dI3fng4dcyaX6ayUm1edpAmgtYpoxCsNakHxpfWQmX44ccqQjlrnYJpeAKAPlzw2BNxkjulhl_87kEGc3Gkz2GwDAml7AHahTfjwPSwKFK5dnmjkYJZ1qL7BBCDe7s1_Z6NjUZtj62aNZ0L4DDfHwGEAXziYA99rZVQmRc2ljLgiC1LcxfTY_TP2yGpAjXi7NxWnAsgmDHkUOXJ1ZLT42NuVtlScTGigruSYP3MPj5dNe4EGKJLq-IGL2esh03ydWzHmVnSqV1b7katjNZyGXAlGDIJBDZjg8Tx1RFXrCNT_eBarfQFybXe6DbLnfeF--Avw0wxaKNJbwYZH4Typ7on86iF3H28TynRYeksF9FK54pXiy6GN6HGU0vvpkoAS1w66bqdmHJzdl9A1zQ80qqYip2Z7ly4f_bIvrnuGxTeaQY7h3EpMiY0KEoYmow4G0O9kHwToxJXMC5OXI79c8J5euhMElPjHfrX84YbWrnecbnhhjCFwfl8Cjh6y7534L6Fl2PShf8P8-gjGsVcEt0TgWhTyWeDhM1VJbQY0VP0aqs9fYRmICv2sdQCDV5Q9wifHzPQpfcjllowyBGikuhxcELE-IbktmG6FcEOnbS5ZtBn3rGzBhcdPPXQIwWh1jh9b_lzn-AH1AcsSIljr3bnK4_GMd06gKAaGkcXK-5-2c2l8bWQqob22-zgcgjfGm4xmOE5b_-HOgq0Hi3BI1J5IEwgfhZ4MGfYAxvdtQP0mlALH9LxqBB39wK9DvUizgerbC18zkJt_eUr0ySBRaLuhM57jibfSesTEcVUJPFs25GB9nr5XkYCBoqCte9WHnGj447hLyxhIiEL5eIo18POZZRC4ApbW9EMs1vCdvXkOf4WKnnw0ikMeAPQ7OHcCcQR1dCutytJM2Xbw8KLJ0fAvU9Js5gM_Nre_58yNDuKsr1u5QNB9IKnX5QXIMdYxMCa3o8r8j6IiuOQhbDAwWQfY6rnhxo2VwKFMSHORsJ0NH7vy9fg__gayRa32AqOpph7f1nE7QWTTioxfNfrt8wvOiVvM6H1rqLVh40Kx3W_7IEHMWiWeb61nJdQ6iqkljr6xYDn4clo8ygEqVKIgRI48G6OkwvG4eiUyKZUS6BFD1Qcc_4bCfvHNxjlj35TxSMgIqpVDywbyMO4JmUbNPZ3rnRsN4Ero1BAGs8vY1BzhIVPOdPmV1JtOEAh9JNMuDMtacSvGY8YXMVxQEe4L3BByDuX2bgwJvYZNiJt44ZGQ3vUspHFT2ZZb57tcHCPQnbWYVSx-WzD5HXgmAit0Hn2T2TfiF7XYvNMZ5damPxtSDMZ67wDMcM6GJrI3Q0ZK3mKlyZUuJa0FxTXsTWvTTyDA6x-6U7oTshDHZ4t9HXfwj5Qgwj1wZRS4XVgZRACdMhQHA1O3_6NzD6hmVDrt8GAGG61ITk6npfB6AzBIemKPDdSXwCDxbYQE6HXHfYsS1602d9SE3djEJSFEZWcniTqonVmVy0j-af8fXFC2Mji3LFJruAx9ZFj4hET992pIV4XTs1pmnJbn6LWnmA-t81_hdLqRWv3di2ZfaVQJ8ww6R0pqb8J9v437qZGSvcivUtEf1DxogfooHtTAjlFFn9HouxTqusLnvXpq8DYqfIXUzlrRw3Q1SdRrhcr_xomNBA4E0yjmYhUZ33lYmaARuqJoHDBFCguYOL60soAZafnZY5xHSOR27ME-AugLWyiC8H6e_DxVr0Ff_KUUXm1YPK_gbPd_jiijciTvxoC22YkKtejsMRkqb7FFQ0-4-u7evKrgq7cx8R919WoQCr-W93gVEiYJ1U6jhwHOjxL4i4yezk_4VYzUa6mfI_sdwO_0fe7CN5lV36bjVD19jA1aYKvIOoKl6t6rdP462D5i-9_kbRz5pjQvN7QJnzQDy-zSvq_XkZQGFnDXhtgJCvA9TCheIX8xuzRtOiXR8sjr9xcPCVbOgftsiud95CdzyrvwqG3da-_nNUA5N5yTa7e4ZRtdP6prFjTXei9oNDhuoiHXzSGMFbvVEr2vyQ0ce5RtIWo4MmdzSjQ_3neyRVL9tZ4A5k5MW5BB_uWzzEl3xepVEAYJNYGk2XbiYNIpHBAUjd4KZ0bdNeYjk2bMLBH-j5N0DZRpNaXSIBjlaJIv6DXYBTGkvqYJh0nIyPIk_77MRe2-YGLAKE0mVZIpaz1Y0J-dPzHg5KxRYHvisG4yMq_NH_jnz3oPGy6zbfVFc16dP4aSLUF2jXzjg1HuaDBrRKeDBqbE6S1tQnMB0XiHPiRmIqcSpxTreMjuG9bzoh5TjzKj0GJRS5-wnHQ95EB7TnQviHdp93MGgyxBhxouvksmpc268rN6YkJso_BCIie8qTqU-9hl5EWhyazP2V_UWsw6RPElRLnoPj2Vd6oH9iI2-fM6cSbFSXdL8lxzP6USSi_Coo4PA4DBvz5je759wSX8VwaM2J8DIL55mBU7eFnSfhRXJkp967aftFeRiwoGoPGXSq8FTH8YvboLXu89WCzoIRDrvUFcgpCVO6hnY6N0UQfv-OQTPJDtQzBsob8_hhjuO5Gs86wDQykXxf8KoKv5rNMmzMhk2uJY2HShUYER9soxACjz2cD-S5l4nxTe_cSjXq5ugBioI1_iH-ns_edEjtz2C3LdBbIRffbRIwBIxmESA-z4Je0xzL73PWFZu3FsTQpXFH53FoTQPQ&cid=CAQSMgDICaaNt-LcHAc_28b-J8JWJn2kk7hH5YqPrfoP4DJ0MaLfaJhOhj33qK59j1n6pZmxGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ds=l&xdt=0&iif=1&cor=5067503468709120000&adk=2199241599&idt=252&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
798697bd2e21414cb4890b2a64818022b32553c819be183ee165b72df3d5fe3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38214
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFD3 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUAkYfcADkOPpLUNdbpHDFq5z64n1N6iiDdd8xT6GDqE-XOFSkzO_iSRMg3FTBV0kEt2LiWiiT80gTmnM1QBiNRFFhTfQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BFD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUAkYfcADkOPpLUNdbpHDFq5z64n1N6iiDdd8xT6GDqE-XOFSkzO_iSRMg3FTBV0kEt2LiWiiT80gTmnM1QBiNRFFhTfQ
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsjC3gzclh5oiAPgBSxRj00OzX1ski9WVUGirXLp6Hczm13cS76obDDTZfRBbmgHcZQTkLGIhgHSeslwKvB3Zx8fJjHbaDXyoB2onw8kwPHO8j%2BSVKCMksVYGotYjZQjPopO8SAmEYrk1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f22ecabf8c9-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BFD3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSATHrSpNka.Qd7w4Rb4KgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1&google_hm=2
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNUAkYfcADkOPpLUNdbpHDFq5z64n1N6iiDdd8xT6GDqE-XOFSkzO_iSRMg3FTBV0kEt2LiWiiT80gTmnM1QBiNRFFhTfQ
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qaU1OUrEkZAm5hkqnVpyAnjX0EaeQajvb%2FmGOCUmYju4FvKjLxGCFngt1heLBsuUaPmFKhqbKrBQRp2xH9JrkkDbIRo%2Fd8yN8y3JhE0v5FiuNsCyJFuuISUBhg8xyr4G9R2yxBLUGuPQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f238daaf8c9-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK312KX7nPYyuoTr1F3VCUA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Oct 2023 14:01:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 147C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 14:01:03 GMT
17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
pagead2.googlesyndication.com/bg/ Frame 5C51 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
105831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 08:37:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6B6 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9450370589138&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6B6 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9450370589138&version=m202309260101&ct=77&x=1&cor=2597981467365244400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A6B6 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3eDbaxSgBSsvLuAJKDvOJNWa_zIn2RA4DVjFVL3hDRomd1AJLDLHd4vLvDpWB7s4WXQodK6XEPTqpQcva9uRdjV-Xyba4HvGzBFU2YWQkPkr9ODPa77-Idhke8Kz4DyuaY5VK_CPu_5CgrjOrbtJ7L6w5yhfuW98-r1SfjET3b1pfi_0&cry=1&dbm_d=AKAmf-Dz7zWVpI5ChPz7MheMvmWUSsYnJst_JFWBLYJ6HbqsmQpzUDi_LVquMxqGfphempQkRCXxapggsBsm_qdDtaD7HAKj2xf22e7cBF5qjZhEmkCWLq5rMohCmT8X7Hr0i99-CO3SZFHGODXZcd302a9CaGyiJHmx9Qq0lNEUevFpDuIN3FHfhzVXP9E-eeLjy6RsfBJSgHpaWaUeHJE9CencfsWdKAPS-08b5Kln3E3-tFAe_9IeS4kHHozHgUVGoW9mlaFHES6jXo09xPGavHO63qW3zk1DMH0BFZTCaoqhoreWqS28eH5ACrhQxmXV87ymE0QJSnQ4uO2AYox-9zgX-OMPWicmoQ0lNzjAIIZJRwBa0oCX4VUPKnRkuh6-7txjhTrd62HSxIXEVpz4n35MXzTDKQuosjpUhK-uLZpfy3oyN-x4aftgrfiQwLOncZM7LjiIPUuZ4hwi5lF1S7AODcbGyPUb7T6oCAs-Qjo-R1WjW1MwpLVwl-kr3qvcDq9lkmxhJXNPchEzIFwtkzp8_loNzv9k_4cG7z357b7pCx9KIRQmDpGsX4zVNkgg4q5m2S20loMAmNGP7I9BPAGKfd0eMMs5N2dyCbdUN2Toh19Nb0QgYSaBa1f4cgBNmBQqekmi3QW3pkY9UZNWpdyy7x_r7PlX4qO3aF_jmcPIhgg7sLVVN9Fsve1MhNrPhQnUeHfUE1x2QzelvdHpi23Xn5Ld2WgSwR8JtRvccBZ9TovFaT2pSpRAvYwp7Wl5L0MqIfu5A0T4ce5upJybfEbpp27ZiIs5YVYlzXBc-RXJaPk-v0UKaLZjk0qZtqoO_9wTx6a6ubSP2puB0iYWvyuQSL1Z6U2FQTxvqs8F6-VW4AIRyEty2JYpPGe0ejDCUhydktpMqvNOr-SBgMtYM-76KOgSlj2YlYb6EbPUfb7uuE5uN37cAXTF70I1FXkF3_O7_WlkLOe2pFEJWcTzP74WcTOxiclSDSYrNPp_Wg0JOeS9rA3SbsCGrwa_Bng_kySZ6yYXenOPQ6XXIFkwH-0RKSWx3x15bnyOVA1ULxglPoydEzz1BZvScL6Je5dDG62WBsDdGn4hQaowquqIYwJALaymX41hpSTdKVNy1R-19ptFhJjpUzGYSjMCaC4AoyY3yC1ncqJJ0J5MHnqKQeldbXoNZACKKKZ0dOPGFXeCTAWODnMTMf1JAegpd5LstQEYePFTuEMxF-CHargvIAtu6dcaEQYjxb1RZJ2fhsa0lL0TEj-gSq3h3zxgqcHHtj8RUhHC487SK6siPc7Nv4obyCbf5wYN67RYaLD9GgfxzBvwCh3ZPGs9Xu0W68onBJ3tR2rRVDPEw4e7RihXcDDi5Aeb9SB6q2Jztts0_bQyraDBWySe6yaQ02W11jD9yCj3ZMoSpE-1ilbbrmcpzTzv0Xe5K5k4IxSePqvnnyfFTybmHndzqbNT7_s42uMsKqtUhLeEjcp_IZ86cK8RNqyg7NmhbHrw4cEpmhqPnbXuk6sk8KN_wN-Pmx8NsWhWwgFfH4oMEedNxgwku6eJ30sYIAb2aX3yQbXZ0ADkSThrImHpidqqLnBUAHTDI1mbvbGJzW2u6Lx_FTmr8a_17LnmseedFtPhHPZ63BWJUQ12qOq8qEEGpkpCZzEE7yZVZbF2gSxFuVLrf6ly-V3dRXzBCPhbQEzQh8y-t6SA21eDuMbXBjEQhmzsm5bs_XMCUWjrwrm4IbnDRWXsh3T-UWm2Rln84qxRWAIDIgcXQg20SJgJ-vbVT9zHaH7epI8mKE9eK3fleHlOcpl6Bq7ZnTLIPXvrIywSOOt0MhnfaNW64c7t6cADJMCaJD1yXHLqpKWgCW-T325ysH6G7l9bXvnVuLjxVyQXW-Olb5xJtz1-e0hynfmWeSgMUUsNLi1MeF5r0dJqJNudCjCPbrAhnBrTu4YibdWkUF-hwOK_7YmYvuGi25F4hBfKce82YgkCG7hLdfKp148iNdiEe7YOiG5ZVBhnk7-8tUmIX1Lv2v1s8-9NXR4Kgn1--ebZWnA3f5vldB5Y4kMDlUp9m4Q5kYWBL9jkYer9sH9ov25TftEapwwDpFQFzchDI1v5bBzfeZ5Qv9LJ33DqtKeCftXTycnYliJNz0UVgyE4weu8Q5Uc3S4IW_HFL8WawK-M1sJ15oJ6tQMeDiP_xfngxgHnV9BwyPPEMzo1bv8J-eeDcTUsQ1M7CCrEx17ia8XUeqF7M0nJuGkx7HPyCP7qkgPvc49zNrlNbBClTueJQ8DVDyTpuhnGDBpwDH3P4xPhwquYWMFoQDRLzf9Su_anMkF0HN664IWKxR9yiYuC8M29h2Fv-Z4egnbfKOAYTzSXp3qAedXyGjVNZKUdYaDyyTdK0UeVz9EF8IamsdztXE9hEhAoX1CZHztnSZR1dELQENapK5iekVo286yjgT5sfA0tAGuvKNrhYN8iDW7P2FIa_G_7KMyoJm4gsv2YHh5HW10dYpg1Fx32wsz9-lj1tFec0pJ9P5VWWCeGSP5xbkoCqTyhDtxOBBLyEDRXq3Rn4RjktQotYiR2lukXk2h1IaFM4xBlOWU1XCW1Fl0m7oXIBwvEAZAJv7TDYfG1jNGdOZSatkazGA081BXpCG2MLqd3puaqYzIEuspROzTB7q4zycwMfbkS1AjhJiwLo3ZCuJ3yoyaARTVRDl01AhWPwgNtgx_yX7mlGXQKxW4zZV2UAcK3Vk_1PGhswPtbMCveCbg6d7sQiwaghxbkeE3tk6bTr_j43tLTbZx8QQ0zeiLKV2ggPhpPTwCcb6LtzbBFzgi65PPA-QJWq505PJcXCah2MCqanKbFZa-XdM4hZwJpmX0XJS0s7grYJ3Wkh86Nii3sPn3nrA0wYqW_S3j53agLJO24e8qNXvHEpg9wWdFql1b4ldw7PRRLEFaOV_XvRB4-s1RMmQbsM1U5x99uJoA7E5BDqd_kJFsXwDNHMLcMAujVNnNZRjOTBGuitYgBwSqvg9K3pug3Z7JK-FIigsmRK6JR40tjVsz8yHM7ok721p1mKIsxbcJ4SLDPsKkAsyhw9glgRm3rtkjmQFzMEiJBdWtWSwlZZALm8qV_6mDKHQltKKf56HCQKRvRWapyMeXh_WgWYUraM534O_StnCr52d6ut2LipuTTHoJEKQhzpHvI-VP_w3lFIfYOauweAOrVvsqRxIS1EwgUTul0JGsnRxdwLlmvWcEvbJ-Hwe-v62r7wVlE8N9NcMOB5POD37dztrR6STnywcoXA8uPhx2RUyN4wRuD34Xj55-6UQgL5r20giaVc_B41Ugaoj3YZ-FjUzdhylgSgaorrGDOmfG2jWM2vYr5x_dK3yKTj060bYeJ0LzYf7Jc9_le8fqpsvcGcTLpBK7tB0fidQbSbJu_1ZZmmfP-cp6CXIA287BmoOcufO9GrDKq5oURUGlrTjdxjwWqDdc4r3Xtxe2FR-gV5J3FtF8hI-FskGfmLAViG6gazBBlifpGz4OdDdZeCISR9dZPNq0klATtWP6baaLq42DQ4ug_BULb3Jl7ZCVuaeXPQE2JzC9iAMAS9TTBQiJN4biKi0W4vRndoOXoERxFA_yFkn2bgASWIT034s1rNvBMQ9XrGSakSgZk0bzt-_eAA_CgUkPUEdDpPhRyBpYDhAdKboNgqIV0o0zkV8OqxHBoxnTyJl4CzJspG2yP9iG0-lKMyCcRV_ZvOL8FdCy1CN7f2-oKIJYCQzP5TKgGQ-yFTvOXwP6-E2j_OOgu2f340UPxTLd-Dsu2j4zSR5IX19dZFjIjLWj9iZQ-S6xw1_0KvPkNwBJaEeuWa4oXigseGVruyLlIm_0slaH3VtSxKR_vho5AQvXXMBqGQG2-4wqfswtU2TeBApSc4FlQYsuV-ah0r8PAtOo8da0XF8gOqgS5zNx6VQ02rvtNoApUnx2RJfeCmBQfcikqzZazYuO5BEveX1fr6eHp9zLi3l9yYNpe6Ae8pybyJ_sfoPFSfRawkqm1cTS2GhLoh5wnTixVVabnLy9A8rbb4nZ40TKIkmy8fcbnsB3y7RcZ_a6_GMulkW2D7xBXqrZZXmI-m5BCHAMT-X1wQXTb5igmSRKb4AirKvdPMGZmkWjDSK7LqW4iCc7v8vQSkw4dc3nXWgVQgOAc50ik-whiOnIClj_hmyd49yhnC87OFKa7Y29F_ReG9urorGHQfurreqVve8jA49Ty9WmZ&cid=CAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=2597981467365244400&adk=3944675600&idt=237&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3ba37a7d6ab8d140e53539d80441045580bc626b86ee781f07201d5f392db8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12396
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 94C2 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 94C2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7m_q9AJy-zAkSTJCi1nd8h4oCKTpmyQup_XOSAejVHRVO6vebJBvM0WN11LjuszUB8ZZSs4mV3XajzkQjeue_TIi4Wxe6Rf7ocBzm0-7kcDJR1IFgXTvF8EDU7jUmf_J2s3T4HeI9H-k0jJzFM1fQsmID0_ZT4Y_ssw6vt57jedSho7k&dbm_d=AKAmf-Cnks_f-j9JFp70y-LHB92lyCM2cOKKnCk5POQ_l00XKVERj4-nNOMeC_ABxsBLbqndU6mvaIaxyvVFHIGszdkqMbvXsu73X9e4DtFPY4Jk95rrn5S8rn2g0L0yP3WOeAA9TCkgNqHJchZDvXEHAn6_wY08zFype8wqdVgjbPYoOz8z7puXeGMVVQFm2T4Q8iJA5ENF315vgxeg6DxDHVx_MRyUlL5KS6pGQrRY-5zoOpvqi3BO8yHGrveFO_kwBU98VHdSMYb-D9mKgdP-6y-VuuBRWISz3ifZo39VZ9m4dBQpxCjZTnQiFJii5Diy0AJ3UrgeLYoQT0MU3x5BQ9Dsm1kupvWlRQe1aRzLhvIqOiWY8_leLPv1ib-cYrjCj18r9saWf2Wd4YGsB9hkqzGrqEM4wbaIAJ3SGuLzafBIuc4Xba_QwfA3BPmZicnnSXg1FsFP-WT84l_0lAjT2cRWFdr5SHmh_qsCD9KGF8yaqBpvFAcPzchOlfjffNt5R7d-GgLVti_pJ66JwVR4dVKii5z_4QYrNcEyCN6Ay0z0EKvQcQQKhAyNzA76xYyggAFzqZRmyJulbq470UHCP7csFDiaFpDw1wDu_GYkbVAQKePnPNlErQ4X8HlF6DbChd7VS73l3kT3QeaFOIm_i_Mx-GONvRA6SDYJ4ZIsYFaacUd9CB3uP9DGSsndDyCc1Us9G6NFV9qhZrXk026CDut21PIAftc_sHj4wT_vG1JvpdbhmSjIRJReHbIgRD_SzGH-ev83f-aypB14eO8crecdukmtRFADn_yXOTSn2_k9EGcHRD5KwRf5-2psWUdPNkP5eCVOfbMoIDd2iDjwc906koK4t_s3UCsZ1myGvUscsv7JQHdNw1XD8pDpvFVVzfUlnJexyHKqtpxjsJIDm30B42rBEPLIDaF0Lx8p6bWjCCVyRsc8szsSnU4RN09ik3xAEPvsvs5FlXgJmLZ4bDzbl6nsRctqvaPaeDaxC4IGrXXsqo3YoDTGE1s_lWqsGmpbL_u178C4N1bLJjD9eUItDAOUI2BqfB49515ZLIKqJU7X27DDEqPXATeAmo67u-rVvaraQ5BaibRDpMsmh0i55Yq_1bUjysb5aH1ZmDo47p_ObXHeENOxdJ4rtnEUr30OOVLo2vu6dI3fng4dcyaX6ayUm1edpAmgtYpoxCsNakHxpfWQmX44ccqQjlrnYJpeAKAPlzw2BNxkjulhl_87kEGc3Gkz2GwDAml7AHahTfjwPSwKFK5dnmjkYJZ1qL7BBCDe7s1_Z6NjUZtj62aNZ0L4DDfHwGEAXziYA99rZVQmRc2ljLgiC1LcxfTY_TP2yGpAjXi7NxWnAsgmDHkUOXJ1ZLT42NuVtlScTGigruSYP3MPj5dNe4EGKJLq-IGL2esh03ydWzHmVnSqV1b7katjNZyGXAlGDIJBDZjg8Tx1RFXrCNT_eBarfQFybXe6DbLnfeF--Avw0wxaKNJbwYZH4Typ7on86iF3H28TynRYeksF9FK54pXiy6GN6HGU0vvpkoAS1w66bqdmHJzdl9A1zQ80qqYip2Z7ly4f_bIvrnuGxTeaQY7h3EpMiY0KEoYmow4G0O9kHwToxJXMC5OXI79c8J5euhMElPjHfrX84YbWrnecbnhhjCFwfl8Cjh6y7534L6Fl2PShf8P8-gjGsVcEt0TgWhTyWeDhM1VJbQY0VP0aqs9fYRmICv2sdQCDV5Q9wifHzPQpfcjllowyBGikuhxcELE-IbktmG6FcEOnbS5ZtBn3rGzBhcdPPXQIwWh1jh9b_lzn-AH1AcsSIljr3bnK4_GMd06gKAaGkcXK-5-2c2l8bWQqob22-zgcgjfGm4xmOE5b_-HOgq0Hi3BI1J5IEwgfhZ4MGfYAxvdtQP0mlALH9LxqBB39wK9DvUizgerbC18zkJt_eUr0ySBRaLuhM57jibfSesTEcVUJPFs25GB9nr5XkYCBoqCte9WHnGj447hLyxhIiEL5eIo18POZZRC4ApbW9EMs1vCdvXkOf4WKnnw0ikMeAPQ7OHcCcQR1dCutytJM2Xbw8KLJ0fAvU9Js5gM_Nre_58yNDuKsr1u5QNB9IKnX5QXIMdYxMCa3o8r8j6IiuOQhbDAwWQfY6rnhxo2VwKFMSHORsJ0NH7vy9fg__gayRa32AqOpph7f1nE7QWTTioxfNfrt8wvOiVvM6H1rqLVh40Kx3W_7IEHMWiWeb61nJdQ6iqkljr6xYDn4clo8ygEqVKIgRI48G6OkwvG4eiUyKZUS6BFD1Qcc_4bCfvHNxjlj35TxSMgIqpVDywbyMO4JmUbNPZ3rnRsN4Ero1BAGs8vY1BzhIVPOdPmV1JtOEAh9JNMuDMtacSvGY8YXMVxQEe4L3BByDuX2bgwJvYZNiJt44ZGQ3vUspHFT2ZZb57tcHCPQnbWYVSx-WzD5HXgmAit0Hn2T2TfiF7XYvNMZ5damPxtSDMZ67wDMcM6GJrI3Q0ZK3mKlyZUuJa0FxTXsTWvTTyDA6x-6U7oTshDHZ4t9HXfwj5Qgwj1wZRS4XVgZRACdMhQHA1O3_6NzD6hmVDrt8GAGG61ITk6npfB6AzBIemKPDdSXwCDxbYQE6HXHfYsS1602d9SE3djEJSFEZWcniTqonVmVy0j-af8fXFC2Mji3LFJruAx9ZFj4hET992pIV4XTs1pmnJbn6LWnmA-t81_hdLqRWv3di2ZfaVQJ8ww6R0pqb8J9v437qZGSvcivUtEf1DxogfooHtTAjlFFn9HouxTqusLnvXpq8DYqfIXUzlrRw3Q1SdRrhcr_xomNBA4E0yjmYhUZ33lYmaARuqJoHDBFCguYOL60soAZafnZY5xHSOR27ME-AugLWyiC8H6e_DxVr0Ff_KUUXm1YPK_gbPd_jiijciTvxoC22YkKtejsMRkqb7FFQ0-4-u7evKrgq7cx8R919WoQCr-W93gVEiYJ1U6jhwHOjxL4i4yezk_4VYzUa6mfI_sdwO_0fe7CN5lV36bjVD19jA1aYKvIOoKl6t6rdP462D5i-9_kbRz5pjQvN7QJnzQDy-zSvq_XkZQGFnDXhtgJCvA9TCheIX8xuzRtOiXR8sjr9xcPCVbOgftsiud95CdzyrvwqG3da-_nNUA5N5yTa7e4ZRtdP6prFjTXei9oNDhuoiHXzSGMFbvVEr2vyQ0ce5RtIWo4MmdzSjQ_3neyRVL9tZ4A5k5MW5BB_uWzzEl3xepVEAYJNYGk2XbiYNIpHBAUjd4KZ0bdNeYjk2bMLBH-j5N0DZRpNaXSIBjlaJIv6DXYBTGkvqYJh0nIyPIk_77MRe2-YGLAKE0mVZIpaz1Y0J-dPzHg5KxRYHvisG4yMq_NH_jnz3oPGy6zbfVFc16dP4aSLUF2jXzjg1HuaDBrRKeDBqbE6S1tQnMB0XiHPiRmIqcSpxTreMjuG9bzoh5TjzKj0GJRS5-wnHQ95EB7TnQviHdp93MGgyxBhxouvksmpc268rN6YkJso_BCIie8qTqU-9hl5EWhyazP2V_UWsw6RPElRLnoPj2Vd6oH9iI2-fM6cSbFSXdL8lxzP6USSi_Coo4PA4DBvz5je759wSX8VwaM2J8DIL55mBU7eFnSfhRXJkp967aftFeRiwoGoPGXSq8FTH8YvboLXu89WCzoIRDrvUFcgpCVO6hnY6N0UQfv-OQTPJDtQzBsob8_hhjuO5Gs86wDQykXxf8KoKv5rNMmzMhk2uJY2HShUYER9soxACjz2cD-S5l4nxTe_cSjXq5ugBioI1_iH-ns_edEjtz2C3LdBbIRffbRIwBIxmESA-z4Je0xzL73PWFZu3FsTQpXFH53FoTQPQ&cid=CAQSMgDICaaNt-LcHAc_28b-J8JWJn2kk7hH5YqPrfoP4DJ0MaLfaJhOhj33qK59j1n6pZmxGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ds=l&xdt=0&iif=1&cor=5067503468709120000&adk=2199241599&idt=252&cac=0&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 94C2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7m_q9AJy-zAkSTJCi1nd8h4oCKTpmyQup_XOSAejVHRVO6vebJBvM0WN11LjuszUB8ZZSs4mV3XajzkQjeue_TIi4Wxe6Rf7ocBzm0-7kcDJR1IFgXTvF8EDU7jUmf_J2s3T4HeI9H-k0jJzFM1fQsmID0_ZT4Y_ssw6vt57jedSho7k&dbm_d=AKAmf-Cnks_f-j9JFp70y-LHB92lyCM2cOKKnCk5POQ_l00XKVERj4-nNOMeC_ABxsBLbqndU6mvaIaxyvVFHIGszdkqMbvXsu73X9e4DtFPY4Jk95rrn5S8rn2g0L0yP3WOeAA9TCkgNqHJchZDvXEHAn6_wY08zFype8wqdVgjbPYoOz8z7puXeGMVVQFm2T4Q8iJA5ENF315vgxeg6DxDHVx_MRyUlL5KS6pGQrRY-5zoOpvqi3BO8yHGrveFO_kwBU98VHdSMYb-D9mKgdP-6y-VuuBRWISz3ifZo39VZ9m4dBQpxCjZTnQiFJii5Diy0AJ3UrgeLYoQT0MU3x5BQ9Dsm1kupvWlRQe1aRzLhvIqOiWY8_leLPv1ib-cYrjCj18r9saWf2Wd4YGsB9hkqzGrqEM4wbaIAJ3SGuLzafBIuc4Xba_QwfA3BPmZicnnSXg1FsFP-WT84l_0lAjT2cRWFdr5SHmh_qsCD9KGF8yaqBpvFAcPzchOlfjffNt5R7d-GgLVti_pJ66JwVR4dVKii5z_4QYrNcEyCN6Ay0z0EKvQcQQKhAyNzA76xYyggAFzqZRmyJulbq470UHCP7csFDiaFpDw1wDu_GYkbVAQKePnPNlErQ4X8HlF6DbChd7VS73l3kT3QeaFOIm_i_Mx-GONvRA6SDYJ4ZIsYFaacUd9CB3uP9DGSsndDyCc1Us9G6NFV9qhZrXk026CDut21PIAftc_sHj4wT_vG1JvpdbhmSjIRJReHbIgRD_SzGH-ev83f-aypB14eO8crecdukmtRFADn_yXOTSn2_k9EGcHRD5KwRf5-2psWUdPNkP5eCVOfbMoIDd2iDjwc906koK4t_s3UCsZ1myGvUscsv7JQHdNw1XD8pDpvFVVzfUlnJexyHKqtpxjsJIDm30B42rBEPLIDaF0Lx8p6bWjCCVyRsc8szsSnU4RN09ik3xAEPvsvs5FlXgJmLZ4bDzbl6nsRctqvaPaeDaxC4IGrXXsqo3YoDTGE1s_lWqsGmpbL_u178C4N1bLJjD9eUItDAOUI2BqfB49515ZLIKqJU7X27DDEqPXATeAmo67u-rVvaraQ5BaibRDpMsmh0i55Yq_1bUjysb5aH1ZmDo47p_ObXHeENOxdJ4rtnEUr30OOVLo2vu6dI3fng4dcyaX6ayUm1edpAmgtYpoxCsNakHxpfWQmX44ccqQjlrnYJpeAKAPlzw2BNxkjulhl_87kEGc3Gkz2GwDAml7AHahTfjwPSwKFK5dnmjkYJZ1qL7BBCDe7s1_Z6NjUZtj62aNZ0L4DDfHwGEAXziYA99rZVQmRc2ljLgiC1LcxfTY_TP2yGpAjXi7NxWnAsgmDHkUOXJ1ZLT42NuVtlScTGigruSYP3MPj5dNe4EGKJLq-IGL2esh03ydWzHmVnSqV1b7katjNZyGXAlGDIJBDZjg8Tx1RFXrCNT_eBarfQFybXe6DbLnfeF--Avw0wxaKNJbwYZH4Typ7on86iF3H28TynRYeksF9FK54pXiy6GN6HGU0vvpkoAS1w66bqdmHJzdl9A1zQ80qqYip2Z7ly4f_bIvrnuGxTeaQY7h3EpMiY0KEoYmow4G0O9kHwToxJXMC5OXI79c8J5euhMElPjHfrX84YbWrnecbnhhjCFwfl8Cjh6y7534L6Fl2PShf8P8-gjGsVcEt0TgWhTyWeDhM1VJbQY0VP0aqs9fYRmICv2sdQCDV5Q9wifHzPQpfcjllowyBGikuhxcELE-IbktmG6FcEOnbS5ZtBn3rGzBhcdPPXQIwWh1jh9b_lzn-AH1AcsSIljr3bnK4_GMd06gKAaGkcXK-5-2c2l8bWQqob22-zgcgjfGm4xmOE5b_-HOgq0Hi3BI1J5IEwgfhZ4MGfYAxvdtQP0mlALH9LxqBB39wK9DvUizgerbC18zkJt_eUr0ySBRaLuhM57jibfSesTEcVUJPFs25GB9nr5XkYCBoqCte9WHnGj447hLyxhIiEL5eIo18POZZRC4ApbW9EMs1vCdvXkOf4WKnnw0ikMeAPQ7OHcCcQR1dCutytJM2Xbw8KLJ0fAvU9Js5gM_Nre_58yNDuKsr1u5QNB9IKnX5QXIMdYxMCa3o8r8j6IiuOQhbDAwWQfY6rnhxo2VwKFMSHORsJ0NH7vy9fg__gayRa32AqOpph7f1nE7QWTTioxfNfrt8wvOiVvM6H1rqLVh40Kx3W_7IEHMWiWeb61nJdQ6iqkljr6xYDn4clo8ygEqVKIgRI48G6OkwvG4eiUyKZUS6BFD1Qcc_4bCfvHNxjlj35TxSMgIqpVDywbyMO4JmUbNPZ3rnRsN4Ero1BAGs8vY1BzhIVPOdPmV1JtOEAh9JNMuDMtacSvGY8YXMVxQEe4L3BByDuX2bgwJvYZNiJt44ZGQ3vUspHFT2ZZb57tcHCPQnbWYVSx-WzD5HXgmAit0Hn2T2TfiF7XYvNMZ5damPxtSDMZ67wDMcM6GJrI3Q0ZK3mKlyZUuJa0FxTXsTWvTTyDA6x-6U7oTshDHZ4t9HXfwj5Qgwj1wZRS4XVgZRACdMhQHA1O3_6NzD6hmVDrt8GAGG61ITk6npfB6AzBIemKPDdSXwCDxbYQE6HXHfYsS1602d9SE3djEJSFEZWcniTqonVmVy0j-af8fXFC2Mji3LFJruAx9ZFj4hET992pIV4XTs1pmnJbn6LWnmA-t81_hdLqRWv3di2ZfaVQJ8ww6R0pqb8J9v437qZGSvcivUtEf1DxogfooHtTAjlFFn9HouxTqusLnvXpq8DYqfIXUzlrRw3Q1SdRrhcr_xomNBA4E0yjmYhUZ33lYmaARuqJoHDBFCguYOL60soAZafnZY5xHSOR27ME-AugLWyiC8H6e_DxVr0Ff_KUUXm1YPK_gbPd_jiijciTvxoC22YkKtejsMRkqb7FFQ0-4-u7evKrgq7cx8R919WoQCr-W93gVEiYJ1U6jhwHOjxL4i4yezk_4VYzUa6mfI_sdwO_0fe7CN5lV36bjVD19jA1aYKvIOoKl6t6rdP462D5i-9_kbRz5pjQvN7QJnzQDy-zSvq_XkZQGFnDXhtgJCvA9TCheIX8xuzRtOiXR8sjr9xcPCVbOgftsiud95CdzyrvwqG3da-_nNUA5N5yTa7e4ZRtdP6prFjTXei9oNDhuoiHXzSGMFbvVEr2vyQ0ce5RtIWo4MmdzSjQ_3neyRVL9tZ4A5k5MW5BB_uWzzEl3xepVEAYJNYGk2XbiYNIpHBAUjd4KZ0bdNeYjk2bMLBH-j5N0DZRpNaXSIBjlaJIv6DXYBTGkvqYJh0nIyPIk_77MRe2-YGLAKE0mVZIpaz1Y0J-dPzHg5KxRYHvisG4yMq_NH_jnz3oPGy6zbfVFc16dP4aSLUF2jXzjg1HuaDBrRKeDBqbE6S1tQnMB0XiHPiRmIqcSpxTreMjuG9bzoh5TjzKj0GJRS5-wnHQ95EB7TnQviHdp93MGgyxBhxouvksmpc268rN6YkJso_BCIie8qTqU-9hl5EWhyazP2V_UWsw6RPElRLnoPj2Vd6oH9iI2-fM6cSbFSXdL8lxzP6USSi_Coo4PA4DBvz5je759wSX8VwaM2J8DIL55mBU7eFnSfhRXJkp967aftFeRiwoGoPGXSq8FTH8YvboLXu89WCzoIRDrvUFcgpCVO6hnY6N0UQfv-OQTPJDtQzBsob8_hhjuO5Gs86wDQykXxf8KoKv5rNMmzMhk2uJY2HShUYER9soxACjz2cD-S5l4nxTe_cSjXq5ugBioI1_iH-ns_edEjtz2C3LdBbIRffbRIwBIxmESA-z4Je0xzL73PWFZu3FsTQpXFH53FoTQPQ&cid=CAQSMgDICaaNt-LcHAc_28b-J8JWJn2kk7hH5YqPrfoP4DJ0MaLfaJhOhj33qK59j1n6pZmxGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ds=l&xdt=0&iif=1&cor=5067503468709120000&adk=2199241599&idt=252&cac=0&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 94C2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
25359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
truncated
/ Frame 94C2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20bf03675e0bcde5da263544cb280a9107b98d516e2fff20225abba9aa603ce9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230065-FRA
date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
20
cookie.js
partner.googleadservices.com/gampad/ Frame 345B 		210 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ab49d2c42e6a33be518e0fe8813edde3811059123d3f7eb99e84573e972550d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D392 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
94243e72d46b0386bf3284cbb5e330bb6ad3a8943f26e99df0c62b17aaa656f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12644
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:03 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
idsync
sync.aralego.com/ Frame B2FA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNEOCGWP-1F-LQJT
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNEOCGWP-1F-LQJT
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNEOCGWP-1F-LQJT
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:04 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNEOCGWP-1F-LQJT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CBC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1869
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 13:29:54 GMT
expires
Sat, 05 Oct 2024 13:29:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5499 		829 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
c4e3ae4cd618335e965051dbb7d2ba8a1d6db85dc91911c16c4bf3af1e631808
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lw6aE1vR2YLcjKLVhf62dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lw6aE1vR2YLcjKLVhf62dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:03 GMT
expires
Fri, 06 Oct 2023 14:01:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A6B6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3eDbaxSgBSsvLuAJKDvOJNWa_zIn2RA4DVjFVL3hDRomd1AJLDLHd4vLvDpWB7s4WXQodK6XEPTqpQcva9uRdjV-Xyba4HvGzBFU2YWQkPkr9ODPa77-Idhke8Kz4DyuaY5VK_CPu_5CgrjOrbtJ7L6w5yhfuW98-r1SfjET3b1pfi_0&cry=1&dbm_d=AKAmf-Dz7zWVpI5ChPz7MheMvmWUSsYnJst_JFWBLYJ6HbqsmQpzUDi_LVquMxqGfphempQkRCXxapggsBsm_qdDtaD7HAKj2xf22e7cBF5qjZhEmkCWLq5rMohCmT8X7Hr0i99-CO3SZFHGODXZcd302a9CaGyiJHmx9Qq0lNEUevFpDuIN3FHfhzVXP9E-eeLjy6RsfBJSgHpaWaUeHJE9CencfsWdKAPS-08b5Kln3E3-tFAe_9IeS4kHHozHgUVGoW9mlaFHES6jXo09xPGavHO63qW3zk1DMH0BFZTCaoqhoreWqS28eH5ACrhQxmXV87ymE0QJSnQ4uO2AYox-9zgX-OMPWicmoQ0lNzjAIIZJRwBa0oCX4VUPKnRkuh6-7txjhTrd62HSxIXEVpz4n35MXzTDKQuosjpUhK-uLZpfy3oyN-x4aftgrfiQwLOncZM7LjiIPUuZ4hwi5lF1S7AODcbGyPUb7T6oCAs-Qjo-R1WjW1MwpLVwl-kr3qvcDq9lkmxhJXNPchEzIFwtkzp8_loNzv9k_4cG7z357b7pCx9KIRQmDpGsX4zVNkgg4q5m2S20loMAmNGP7I9BPAGKfd0eMMs5N2dyCbdUN2Toh19Nb0QgYSaBa1f4cgBNmBQqekmi3QW3pkY9UZNWpdyy7x_r7PlX4qO3aF_jmcPIhgg7sLVVN9Fsve1MhNrPhQnUeHfUE1x2QzelvdHpi23Xn5Ld2WgSwR8JtRvccBZ9TovFaT2pSpRAvYwp7Wl5L0MqIfu5A0T4ce5upJybfEbpp27ZiIs5YVYlzXBc-RXJaPk-v0UKaLZjk0qZtqoO_9wTx6a6ubSP2puB0iYWvyuQSL1Z6U2FQTxvqs8F6-VW4AIRyEty2JYpPGe0ejDCUhydktpMqvNOr-SBgMtYM-76KOgSlj2YlYb6EbPUfb7uuE5uN37cAXTF70I1FXkF3_O7_WlkLOe2pFEJWcTzP74WcTOxiclSDSYrNPp_Wg0JOeS9rA3SbsCGrwa_Bng_kySZ6yYXenOPQ6XXIFkwH-0RKSWx3x15bnyOVA1ULxglPoydEzz1BZvScL6Je5dDG62WBsDdGn4hQaowquqIYwJALaymX41hpSTdKVNy1R-19ptFhJjpUzGYSjMCaC4AoyY3yC1ncqJJ0J5MHnqKQeldbXoNZACKKKZ0dOPGFXeCTAWODnMTMf1JAegpd5LstQEYePFTuEMxF-CHargvIAtu6dcaEQYjxb1RZJ2fhsa0lL0TEj-gSq3h3zxgqcHHtj8RUhHC487SK6siPc7Nv4obyCbf5wYN67RYaLD9GgfxzBvwCh3ZPGs9Xu0W68onBJ3tR2rRVDPEw4e7RihXcDDi5Aeb9SB6q2Jztts0_bQyraDBWySe6yaQ02W11jD9yCj3ZMoSpE-1ilbbrmcpzTzv0Xe5K5k4IxSePqvnnyfFTybmHndzqbNT7_s42uMsKqtUhLeEjcp_IZ86cK8RNqyg7NmhbHrw4cEpmhqPnbXuk6sk8KN_wN-Pmx8NsWhWwgFfH4oMEedNxgwku6eJ30sYIAb2aX3yQbXZ0ADkSThrImHpidqqLnBUAHTDI1mbvbGJzW2u6Lx_FTmr8a_17LnmseedFtPhHPZ63BWJUQ12qOq8qEEGpkpCZzEE7yZVZbF2gSxFuVLrf6ly-V3dRXzBCPhbQEzQh8y-t6SA21eDuMbXBjEQhmzsm5bs_XMCUWjrwrm4IbnDRWXsh3T-UWm2Rln84qxRWAIDIgcXQg20SJgJ-vbVT9zHaH7epI8mKE9eK3fleHlOcpl6Bq7ZnTLIPXvrIywSOOt0MhnfaNW64c7t6cADJMCaJD1yXHLqpKWgCW-T325ysH6G7l9bXvnVuLjxVyQXW-Olb5xJtz1-e0hynfmWeSgMUUsNLi1MeF5r0dJqJNudCjCPbrAhnBrTu4YibdWkUF-hwOK_7YmYvuGi25F4hBfKce82YgkCG7hLdfKp148iNdiEe7YOiG5ZVBhnk7-8tUmIX1Lv2v1s8-9NXR4Kgn1--ebZWnA3f5vldB5Y4kMDlUp9m4Q5kYWBL9jkYer9sH9ov25TftEapwwDpFQFzchDI1v5bBzfeZ5Qv9LJ33DqtKeCftXTycnYliJNz0UVgyE4weu8Q5Uc3S4IW_HFL8WawK-M1sJ15oJ6tQMeDiP_xfngxgHnV9BwyPPEMzo1bv8J-eeDcTUsQ1M7CCrEx17ia8XUeqF7M0nJuGkx7HPyCP7qkgPvc49zNrlNbBClTueJQ8DVDyTpuhnGDBpwDH3P4xPhwquYWMFoQDRLzf9Su_anMkF0HN664IWKxR9yiYuC8M29h2Fv-Z4egnbfKOAYTzSXp3qAedXyGjVNZKUdYaDyyTdK0UeVz9EF8IamsdztXE9hEhAoX1CZHztnSZR1dELQENapK5iekVo286yjgT5sfA0tAGuvKNrhYN8iDW7P2FIa_G_7KMyoJm4gsv2YHh5HW10dYpg1Fx32wsz9-lj1tFec0pJ9P5VWWCeGSP5xbkoCqTyhDtxOBBLyEDRXq3Rn4RjktQotYiR2lukXk2h1IaFM4xBlOWU1XCW1Fl0m7oXIBwvEAZAJv7TDYfG1jNGdOZSatkazGA081BXpCG2MLqd3puaqYzIEuspROzTB7q4zycwMfbkS1AjhJiwLo3ZCuJ3yoyaARTVRDl01AhWPwgNtgx_yX7mlGXQKxW4zZV2UAcK3Vk_1PGhswPtbMCveCbg6d7sQiwaghxbkeE3tk6bTr_j43tLTbZx8QQ0zeiLKV2ggPhpPTwCcb6LtzbBFzgi65PPA-QJWq505PJcXCah2MCqanKbFZa-XdM4hZwJpmX0XJS0s7grYJ3Wkh86Nii3sPn3nrA0wYqW_S3j53agLJO24e8qNXvHEpg9wWdFql1b4ldw7PRRLEFaOV_XvRB4-s1RMmQbsM1U5x99uJoA7E5BDqd_kJFsXwDNHMLcMAujVNnNZRjOTBGuitYgBwSqvg9K3pug3Z7JK-FIigsmRK6JR40tjVsz8yHM7ok721p1mKIsxbcJ4SLDPsKkAsyhw9glgRm3rtkjmQFzMEiJBdWtWSwlZZALm8qV_6mDKHQltKKf56HCQKRvRWapyMeXh_WgWYUraM534O_StnCr52d6ut2LipuTTHoJEKQhzpHvI-VP_w3lFIfYOauweAOrVvsqRxIS1EwgUTul0JGsnRxdwLlmvWcEvbJ-Hwe-v62r7wVlE8N9NcMOB5POD37dztrR6STnywcoXA8uPhx2RUyN4wRuD34Xj55-6UQgL5r20giaVc_B41Ugaoj3YZ-FjUzdhylgSgaorrGDOmfG2jWM2vYr5x_dK3yKTj060bYeJ0LzYf7Jc9_le8fqpsvcGcTLpBK7tB0fidQbSbJu_1ZZmmfP-cp6CXIA287BmoOcufO9GrDKq5oURUGlrTjdxjwWqDdc4r3Xtxe2FR-gV5J3FtF8hI-FskGfmLAViG6gazBBlifpGz4OdDdZeCISR9dZPNq0klATtWP6baaLq42DQ4ug_BULb3Jl7ZCVuaeXPQE2JzC9iAMAS9TTBQiJN4biKi0W4vRndoOXoERxFA_yFkn2bgASWIT034s1rNvBMQ9XrGSakSgZk0bzt-_eAA_CgUkPUEdDpPhRyBpYDhAdKboNgqIV0o0zkV8OqxHBoxnTyJl4CzJspG2yP9iG0-lKMyCcRV_ZvOL8FdCy1CN7f2-oKIJYCQzP5TKgGQ-yFTvOXwP6-E2j_OOgu2f340UPxTLd-Dsu2j4zSR5IX19dZFjIjLWj9iZQ-S6xw1_0KvPkNwBJaEeuWa4oXigseGVruyLlIm_0slaH3VtSxKR_vho5AQvXXMBqGQG2-4wqfswtU2TeBApSc4FlQYsuV-ah0r8PAtOo8da0XF8gOqgS5zNx6VQ02rvtNoApUnx2RJfeCmBQfcikqzZazYuO5BEveX1fr6eHp9zLi3l9yYNpe6Ae8pybyJ_sfoPFSfRawkqm1cTS2GhLoh5wnTixVVabnLy9A8rbb4nZ40TKIkmy8fcbnsB3y7RcZ_a6_GMulkW2D7xBXqrZZXmI-m5BCHAMT-X1wQXTb5igmSRKb4AirKvdPMGZmkWjDSK7LqW4iCc7v8vQSkw4dc3nXWgVQgOAc50ik-whiOnIClj_hmyd49yhnC87OFKa7Y29F_ReG9urorGHQfurreqVve8jA49Ty9WmZ&cid=CAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=2597981467365244400&adk=3944675600&idt=237&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
138566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Oct 2024 23:31:37 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CC2C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
87091
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
29okurnprew3
hal9000.redintelligence.net/zone/ Frame A6B6 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/29okurnprew3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DConmnHRMgZc2pLMnQgAegpa_YCpHB0Jtpm-iDktwP8C4QASC6hMAzYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSZAk_Qf-wo488gW71uJQ2M6nAtTGaqU4anEXW1qxLGyaTTAwX4SEgqPWECpQWxgKYnB7nV7D6aihcpRvEE-pYf8YUjbfjsvkhvkxsPBwmqSCt9T6yqNNTsNiyEphMCy-hOIctV33atpv8_gVtqk2XG9_2jG570ujmmQLYZhX4G-MgO4GkzgJX1LiHVzQH9sH6_rx2Ss8LyE7DUMcbUAIw0SaT4_MJ5qHu1TmuGzE5Ws1tks1y1wFx6w61KzQ9CWb-tFUwOYzT_NDXQvthIXKzC1STUVfbmCdTM2cyQsTSZ4u268pf5K55gPvt0CmWQykvfhScb2JBPT12nr9YeHoRPcig-RmEWcivtxPk26zE_zDKj8W7POHnUHKz8wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCLu6vt3K4YEDFUko4AodoNILq7ATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjazB3crhgQMVSSjgCh2g0gurEAEYASAAEgKncfD_BwE%26num%3D1%26cid%3DCAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB%26sig%3DAOD64_3hjNicwy5w07na8yHfLPT8dwGpeQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CFOFzZcB-Skt5KpdDDsXPOWATr1Go_DT8BxYRKs9fhoxY6njSf26grbg6OppUvIz4-s6a8wyQdCrnSFLhj7EBrxpo2WWJIWLt4OTPWKPV49ZNfNRMY7YrtlXcicL9o8uDJlzV5Z99NrneLRhZ_vzzvLzLLBimV0sMJpPbtnAqoe4p9Z2g%26cry%3D1%26dbm_d%3DAKAmf-CQeRbneBXVuDWCEOOMfYXUm40N2NaJX9IzPFySlCpz_DK7gHl5cI0Hx29LgpV3SWCZs2i5jtpYROYRcdTPBOOVGDbt-kYJJSzeVH-bxd2BWky86ZzBgs2mDa9FQ09kC2XFKeud6vJMtxsdg0hYbGxu0apz7gNQp0nieMs3wwnz8VAiaOgaWdstqEyBFPQVuKOl8p5zzAThqPaNihMwa7NOHC2YtvTkSrc-NGEeCqmuIta_6FD95rrzFnzYI-VRlsNbwNN5xeTWxV7JzWgfsZTgQXYZ1vEjNdKxI9Xd_nLkQjikGNnZ5yxEHO39UcbJFunyBuETZs2KWjhTgsaudIToklhQ99dO8VHWjGbPjSHJ9jA22Gco25t8cHEGFv9uQ18VfkEclyzNqy13wpPqz94JyesbWfSOgWCPXRVE2dkyBD7K0nBe8EqoNTJdOAV7WANHQsO5lSrAnEi_qNfb1lfU2iOQVEywRndAZISSrYBRXZJdXugh7M-4eb5EtVn2ii_DoEVyvRoK_ALCua53km1gIwAq0pawVbdvB7NImWnaEykIAT7Sa06igEwfqT3ILFPWfwxXeRhIHusVSLmXo11lYTizGFOEk0VJe_Hw_1VMb01QPQvTSIYw5QH7Xsg2slsaSDKfvybDPL5pFrCeKTFdS1NVWerbGAWmecdnaOoh0VgWN4v5QZRkWP9yx4g-5tnbmZ0m_0cxpu06UTH7wrw9uXTF3g%26adurl%3D
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2cd717e3d8c177eb4a61fea6e17eb9d93b1807ae008c26bdcd317391d895ac72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4403
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame B2FA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=enuUuFUbSkGNxqOr61lvGQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=enuUuFUbSkGNxqOr61lvGQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=enuUuFUbSkGNxqOr61lvGQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SY8WSS9ZKX4HF06EBDAD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=enuUuFUbSkGNxqOr61lvGQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B2FA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmU4Y2UxZGEzMTMwY2I4Mzk4YzhmM2M2NDE1MWQ5ZjdkNmU5YmUzOA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmU4Y2UxZGEzMTMwY2I4Mzk4YzhmM2M2NDE1MWQ5ZjdkNmU5YmUzOA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmU4Y2UxZGEzMTMwY2I4Mzk4YzhmM2M2NDE1MWQ5ZjdkNmU5YmUzOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame B2FA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
setuid
px.ads.linkedin.com/ Frame B2FA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEOCGWP-1F-LQJT
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEOCGWP-1F-LQJT
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 78291800ED6B499AA4C839BC8481170B Ref B: ZRHEDGE1816 Ref C: 2023-10-06T14:01:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHDKvWYpvHWKcBnZq6Cg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNEOCGWP-1F-LQJT
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B2FA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-BFMNJXIVA3G9Haq7qY4Ycn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RoYJAjFE2oIOVPL7H1DBgqwJsu8gVYcYL34Cmg--~A
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RoYJAjFE2oIOVPL7H1DBgqwJsu8gVYcYL34Cmg--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 06 Oct 2023 14:01:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RoYJAjFE2oIOVPL7H1DBgqwJsu8gVYcYL34Cmg--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B2FA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lrJm7awPTgmX4BICVF-Nnw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lrJm7awPTgmX4BICVF-Nnw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lrJm7awPTgmX4BICVF-Nnw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PZE8PA5NFASHEH5S8KNZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=lrJm7awPTgmX4BICVF-Nnw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B2FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpYhAMcqJo-AHq-cKFIjcs&google_cver=1
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpYhAMcqJo-AHq-cKFIjcs&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpYhAMcqJo-AHq-cKFIjcs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B2FA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5FT0NHV1AtMUYtTFFKVA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPIHEUO2B5mVijzMHrHtAY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B2FA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADmK07KQCYAABeXLZj-Hw&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADmK07KQCYAABeXLZj-Hw&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADmK07KQCYAABeXLZj-Hw&expires=30
Date
Fri, 06 Oct 2023 14:01:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame B2FA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=abaa872d-7377-4316-b98c-33221f78225c&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=abaa872d-7377-4316-b98c-33221f78225c&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=abaa872d-7377-4316-b98c-33221f78225c&expires=30
Date
Fri, 06 Oct 2023 14:01:03 GMT
Connection
keep-alive
X-CI-RTID
f7e0bfa9-8f5a-4992-8c8b-ea9b7841121e
Content-Length
144
Content-Type
text/html; charset=utf-8
liveCS.php
live.primis.tech/live/ Frame B2FA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEOCGWP-1F-LQJT
0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEOCGWP-1F-LQJT
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
13.32.99.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-61.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
gzip
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
HmEP4NXJhTfAgtIFKYPHpEZsmPsmNbYdUVfjfnOz4CgqyuP7BBYlNA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNEOCGWP-1F-LQJT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame B2FA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNEOCGWP-1F-LQJT
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEOCGWP-1F-LQJT
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEOCGWP-1F-LQJT
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNEOCGWP-1F-LQJT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
ib.adnxs.com/prebid/ Frame B2FA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEOCGWP-1F-LQJT
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEOCGWP-1F-LQJT
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
5c5a1a59-0ac0-4ea8-8c70-b86a72d12bf4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNEOCGWP-1F-LQJT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
cksync
hb.yahoo.net/ Frame B2FA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNEOCGWP-1F-LQJT&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNEOCGWP-1F-LQJT&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TOEpnTm1GRTJ1RVJjQnhDUXpYRkhGUDFqNkJHN05VeH5B&ovsid=LNEOCGWP-1F-LQJT&dpid=58160
53 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TOEpnTm1GRTJ1RVJjQnhDUXpYRkhGUDFqNkJHN05VeH5B&ovsid=LNEOCGWP-1F-LQJT&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
23.48.23.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 06 Oct 2023 14:01:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 06 Oct 2023 14:01:08 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1TOEpnTm1GRTJ1RVJjQnhDUXpYRkhGUDFqNkJHN05VeH5B&ovsid=LNEOCGWP-1F-LQJT&dpid=58160
date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame B2FA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2uwBx8lOTPlMXR8UyIWrng
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2uwBx8lOTPlMXR8UyIWrng
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=2uwBx8lOTPlMXR8UyIWrng
Date
Fri, 06 Oct 2023 14:01:05 GMT
Connection
keep-alive
Content-Length
116
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame B2FA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=af0bba0e-0554-4653-aa34-88576835f9b8
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=af0bba0e-0554-4653-aa34-88576835f9b8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=af0bba0e-0554-4653-aa34-88576835f9b8
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1551877
content-length
0
expires
Fri, 06 Oct 2023 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 94C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_DIKA5fWNc8JSZORhnuvRVNAdgY5wz4Oth2mOcQQLLfb4B8ZGGjfxxOIWeEWXrPT1coXYA1CbO7QSZZjS9Yed92QUCebRnsWX5ARX4SulB7GHr8TwkXZ-u5QXG1oqLcux4H5NiafDPiZYM8fPFjywzO4t6SWe4TsPR2I9Q5vDliQMrGz_9bn9qzb4nEA-j-YSvAthJL9BTPbxmQ6M-cWiTEM0H6zXTrA-2x9SY-z7EEyF34pVsh0dlk_Qy5qUk-wPpciz0YmDb1ZyK74yU4O0atHDnlR_qqbI5rLcX0UkDTvvu9XlPrUV2Cpjv9QyXJqSAA&sai=AMfl-YTxJBoMMS-q0PWRx7yOiYiZE1cl-S2yJeAxpWCGPb9_e4e3m5CcA8naGDzkObgpYfcjFf6Pb4hOq9rCoHFwKDoOr6PqLdJn8QtsoBKfKWeaDE04gqJHCUCWkQmKuIs&sig=Cg0ArKJSzKO92HSBXtJhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 06 Oct 2023 14:01:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5499 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=4076299621344905&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 3CBC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 12:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
4394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Oct 2024 12:47:49 GMT
17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
pagead2.googlesyndication.com/bg/ Frame CC2C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
105831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 08:37:12 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame FC10 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
134072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 00:46:31 GMT
expires
Fri, 04 Oct 2024 00:46:31 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
pagead2.googlesyndication.com/bg/ Frame FC10 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
105831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 08:37:12 GMT
generate_204
tpc.googlesyndication.com/ Frame 3CBC 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1pob7g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
request.php
hal900010.redintelligence.net/ Frame A6B6
Redirect Chain
  • https://hal900010.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=97f363118d&subid=&uid=b3446b1440ed68e3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900010.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=97f363118d&subid=&uid=b3446b1440ed68e3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=97f363118d&subid=&uid=b3446b1440ed68e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DConmnHRMgZc2pLMnQgAegpa_YCpHB0Jtpm-iDktwP8C4QASC6hMAzYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSZAk_Qf-wo488gW71uJQ2M6nAtTGaqU4anEXW1qxLGyaTTAwX4SEgqPWECpQWxgKYnB7nV7D6aihcpRvEE-pYf8YUjbfjsvkhvkxsPBwmqSCt9T6yqNNTsNiyEphMCy-hOIctV33atpv8_gVtqk2XG9_2jG570ujmmQLYZhX4G-MgO4GkzgJX1LiHVzQH9sH6_rx2Ss8LyE7DUMcbUAIw0SaT4_MJ5qHu1TmuGzE5Ws1tks1y1wFx6w61KzQ9CWb-tFUwOYzT_NDXQvthIXKzC1STUVfbmCdTM2cyQsTSZ4u268pf5K55gPvt0CmWQykvfhScb2JBPT12nr9YeHoRPcig-RmEWcivtxPk26zE_zDKj8W7POHnUHKz8wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCLu6vt3K4YEDFUko4AodoNILq7ATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjazB3crhgQMVSSjgCh2g0gurEAEYASAAEgKncfD_BwE%26num%3D1%26cid%3DCAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB%26sig%3DAOD64_3hjNicwy5w07na8yHfLPT8dwGpeQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CFOFzZcB-Skt5KpdDDsXPOWATr1Go_DT8BxYRKs9fhoxY6njSf26grbg6OppUvIz4-s6a8wyQdCrnSFLhj7EBrxpo2WWJIWLt4OTPWKPV49ZNfNRMY7YrtlXcicL9o8uDJlzV5Z99NrneLRhZ_vzzvLzLLBimV0sMJpPbtnAqoe4p9Z2g%26cry%3D1%26dbm_d%3DAKAmf-CQeRbneBXVuDWCEOOMfYXUm40N2NaJX9IzPFySlCpz_DK7gHl5cI0Hx29LgpV3SWCZs2i5jtpYROYRcdTPBOOVGDbt-kYJJSzeVH-bxd2BWky86ZzBgs2mDa9FQ09kC2XFKeud6vJMtxsdg0hYbGxu0apz7gNQp0nieMs3wwnz8VAiaOgaWdstqEyBFPQVuKOl8p5zzAThqPaNihMwa7NOHC2YtvTkSrc-NGEeCqmuIta_6FD95rrzFnzYI-VRlsNbwNN5xeTWxV7JzWgfsZTgQXYZ1vEjNdKxI9Xd_nLkQjikGNnZ5yxEHO39UcbJFunyBuETZs2KWjhTgsaudIToklhQ99dO8VHWjGbPjSHJ9jA22Gco25t8cHEGFv9uQ18VfkEclyzNqy13wpPqz94JyesbWfSOgWCPXRVE2dkyBD7K0nBe8EqoNTJdOAV7WANHQsO5lSrAnEi_qNfb1lfU2iOQVEywRndAZISSrYBRXZJdXugh7M-4eb5EtVn2ii_DoEVyvRoK_ALCua53km1gIwAq0pawVbdvB7NImWnaEykIAT7Sa06igEwfqT3ILFPWfwxXeRhIHusVSLmXo11lYTizGFOEk0VJe_Hw_1VMb01QPQvTSIYw5QH7Xsg2slsaSDKfvybDPL5pFrCeKTFdS1NVWerbGAWmecdnaOoh0VgWN4v5QZRkWP9yx4g-5tnbmZ0m_0cxpu06UTH7wrw9uXTF3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=929797617870&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0375020bc89c561662048d612e0a9d095c569bfd55ade90c607b0870f64396fd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
95442100072044304438466012469010
Connection
close
Content-Length
805
Expires
Fri, 06 Oct 2023 15:01:04 +0200

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:04 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=97f363118d&subid=&uid=b3446b1440ed68e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DConmnHRMgZc2pLMnQgAegpa_YCpHB0Jtpm-iDktwP8C4QASC6hMAzYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSZAk_Qf-wo488gW71uJQ2M6nAtTGaqU4anEXW1qxLGyaTTAwX4SEgqPWECpQWxgKYnB7nV7D6aihcpRvEE-pYf8YUjbfjsvkhvkxsPBwmqSCt9T6yqNNTsNiyEphMCy-hOIctV33atpv8_gVtqk2XG9_2jG570ujmmQLYZhX4G-MgO4GkzgJX1LiHVzQH9sH6_rx2Ss8LyE7DUMcbUAIw0SaT4_MJ5qHu1TmuGzE5Ws1tks1y1wFx6w61KzQ9CWb-tFUwOYzT_NDXQvthIXKzC1STUVfbmCdTM2cyQsTSZ4u268pf5K55gPvt0CmWQykvfhScb2JBPT12nr9YeHoRPcig-RmEWcivtxPk26zE_zDKj8W7POHnUHKz8wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCLu6vt3K4YEDFUko4AodoNILq7ATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjazB3crhgQMVSSjgCh2g0gurEAEYASAAEgKncfD_BwE%26num%3D1%26cid%3DCAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB%26sig%3DAOD64_3hjNicwy5w07na8yHfLPT8dwGpeQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CFOFzZcB-Skt5KpdDDsXPOWATr1Go_DT8BxYRKs9fhoxY6njSf26grbg6OppUvIz4-s6a8wyQdCrnSFLhj7EBrxpo2WWJIWLt4OTPWKPV49ZNfNRMY7YrtlXcicL9o8uDJlzV5Z99NrneLRhZ_vzzvLzLLBimV0sMJpPbtnAqoe4p9Z2g%26cry%3D1%26dbm_d%3DAKAmf-CQeRbneBXVuDWCEOOMfYXUm40N2NaJX9IzPFySlCpz_DK7gHl5cI0Hx29LgpV3SWCZs2i5jtpYROYRcdTPBOOVGDbt-kYJJSzeVH-bxd2BWky86ZzBgs2mDa9FQ09kC2XFKeud6vJMtxsdg0hYbGxu0apz7gNQp0nieMs3wwnz8VAiaOgaWdstqEyBFPQVuKOl8p5zzAThqPaNihMwa7NOHC2YtvTkSrc-NGEeCqmuIta_6FD95rrzFnzYI-VRlsNbwNN5xeTWxV7JzWgfsZTgQXYZ1vEjNdKxI9Xd_nLkQjikGNnZ5yxEHO39UcbJFunyBuETZs2KWjhTgsaudIToklhQ99dO8VHWjGbPjSHJ9jA22Gco25t8cHEGFv9uQ18VfkEclyzNqy13wpPqz94JyesbWfSOgWCPXRVE2dkyBD7K0nBe8EqoNTJdOAV7WANHQsO5lSrAnEi_qNfb1lfU2iOQVEywRndAZISSrYBRXZJdXugh7M-4eb5EtVn2ii_DoEVyvRoK_ALCua53km1gIwAq0pawVbdvB7NImWnaEykIAT7Sa06igEwfqT3ILFPWfwxXeRhIHusVSLmXo11lYTizGFOEk0VJe_Hw_1VMb01QPQvTSIYw5QH7Xsg2slsaSDKfvybDPL5pFrCeKTFdS1NVWerbGAWmecdnaOoh0VgWN4v5QZRkWP9yx4g-5tnbmZ0m_0cxpu06UTH7wrw9uXTF3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=929797617870&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 06 Oct 2023 15:01:04 +0200
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 06 Oct 2023 14:01:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
224670
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
258273
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3a78467f4364ae0a2660569092ad62bbd89a877c462c520644234c57a133619a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 05 Nov 2023 14:01:03 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9CA1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 06 Oct 2023 14:01:04 GMT
ETag
"623de86a-cf34"
Expires
Sat, 07 Oct 2023 14:01:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 7994 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-39.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
13178
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 06 Oct 2023 10:21:27 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront)
x-amz-cf-id
M5BatcFF-zEm8zTOo0cAHslLNIA_PiMNnKqGi2pKJRpZPuLFRzi_4A==
x-amz-cf-pop
AMS1-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 490B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696600858639
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
30cd473c2780a6d88c7e62f98a4d9892e7f31e31562657cc84283de7967a70e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1411
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 09A4 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 06 Oct 2023 14:01:04 GMT
isyn
prebid.a-mo.net/ Frame D987 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 06 Oct 2023 14:01:03 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
csync.smilewanted.com/ Frame 5244 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
811e6f26c9500e73-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 14:01:03 GMT
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7C62 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8491
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 14:01:04 GMT
expires
Sun, 08 Oct 2023 14:01:04 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame F91A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
177
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
811e6f29693c23df-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 14:01:04 GMT
expires
Fri, 06 Oct 2023 18:01:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame 2CCD
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5763fe32747d20e48e22c49feaaa4edc823fb1b8bc2363a021158f080febf915

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
415
content-type
text/html
date
Fri, 06 Oct 2023 14:01:04 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 06 Oct 2023 14:01:04 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame D352 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Oct 2023 14:01:03 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC2C 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bqtf3HhMgZdS0N56Z9u8PnIOCgAUAAAAAOAHgBAI&bg=!OjmlOXbNAAYMG8UMLBs7ADQBe5WfOI1ScgkYOJ2iyhdE8WHdEhug8eW0JaWP2jy2Z_4sh8OehEdYp4Q5bQJGTLLKyzzoAgAAAK5SAAAAJGgBBwoAQgUFjsEXCMRopZL1Sqlajuht_ihT3PbNh5eTOGv7w-Sjng7lsHVx2brW2hdItZVB11S4z3ClxrSplhkUHVJrJL_4l5kC1UQt630ZhoEEd8f4Dl3h3Wm5Ap2nJZp6bC-UndRqQl6NuWWz0e-FOW6vkfztPg-pXCmV4ZPAtpyXCJy7zSdz2ltzl-2XK_cJPcEpdKwfSaEc5_LkhQj4ZNdGqXr3YxA_bjp8dORIgahAncFHFJnV64HcPFCuja1VgmjGYu-7dGKxSGGGWDvNK4yHqTGNVGTWe_Uig8Ma8Boacyaumzg_ermiSJWOLWeHum5-EA6Ld4RnqB-1--Gwz3myLm34ETvSO8lia-cSn9c3oHovwJvX0yTZcqhq8ZYzmcT_QgfjmvUiM-Mo-kt0ikfEoNOGkhQl25bazfWLnyVK4cGhtK2OhjadOiNumxqP6AS1iFdjTk47HkQT7ZF7vGB1ow6V4aI1G1gnwjN3Tgmvl7OSvmIcO5hDwq-zWElrUyvc23or_mYQTBdaklgj0pjxbRQuEIr0CvMVJHt8-9ntKM4b02BZiyqrwVVygwQKPsI6-AbXiPVfV1gnbI-JBm-PyRae3kJVF97tggYSWWD4zJOMjMAViNr15cbJyUpZP-6gOHd5VlU3tawlxElzqx1L6Mru34X4rR3i1Eu1d5UIAv93KVmxXbRWBnGg3B0DNza6vLxX-ZZ_X5gwfLC_3n0lcqyB2Q4aC5ca2m9m-v0UPTeTp5tJDyX6w5tLoSD2EGjR962uFE623EtAbTF5WKDW3uTBYJeWzpSm7kFfGL4yuUMhxHWD-zrvUcau4nJKIkG2UEQ3kpOhH5Kw2xnSF9xylLouQs25Chfeg_twuzWYgoNqHVslm_biRDmFxdH5XV5rPfTnsbXafV0kobUdB6_Rh6ZBL9FhWti9WP6yeaXAuFPaK6TdWaNiycxEciUVvQm-9fZbvblIIdg3G5xMo6Fk-ZbeaxVkhavZ3zAnFVQeXypRMaFwUmL5dplUvG1LiZPeTVY-WaK9bd_apKhRJWPwodPbMDJ9NYO62RRv
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aam
aam.a47b.com/ Frame 94C2 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aam.a47b.com/aam?asid=72282255&ad=194756474&adv=10329096&ca=561916012&io=29799490&pl=371246874&ra=3304491912&rid=194739342&st=7724564&tti=j&gdpr=0&gdprac=&gdprc=&dvg=ct=CH&st=&city=0&dma=0&zp=1585&bw=4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.212.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-212-86.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1b433c0ef873bfdac5483fba7997d5b86082b24e4896ad267d8bc7cf5846f23

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-encoding
gzip
vary
origin,accept-encoding
content-type
application/javascript; charset=utf-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94C2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:03 GMT
index.html
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ed0b0ec7db78d71f3a334c7107ddc3188053be12f33f374a28bccba7348e4e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
143396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1472
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 22:11:08 GMT
expires
Thu, 03 Oct 2024 22:11:08 GMT
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 94C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5FqA917w4h3qaPMST0yM6JPDjYg3LmGguTmK3eznXoCsx5K6k9R7O-5KDQLkh9k3DXT26a7JiysDMcFmYdX7C3e-x_XeGYtlW-J9KZPi0xXHRmtpZ66irFp7aD5OR-oCZ-YA1KOkPIEy99JXLIfs0tXeZXgD4Cqe5FVwbAw7-CoclH2-ci25wn-VHqmdqIQf8UZKbf8mSuy0&sai=AMfl-YRqLC9IuaS7rGVVtDDT85yy0WXReLOYXPV_sOu-9qp78eFUyU6FC99W6BF5lUFUv5QMiVUXspvFy7PSf8A5FHmcvix1GEjf_dP8owpqiS86NkAxPWeGwqFZsK49YoSYvTok964wKhTmFagZOl_tYpyFE1wCFJ8zpQ&sig=Cg0ArKJSzGYVxV-S_xOXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=802&cbvp=1&cstd=796&cisv=r20231004.43286&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/22/2023 01:09:22
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
72f03693a817867b64ac910315a00bde
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-167
cdn-cachedat
09/27/2023 15:06:24
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
a35da0c856f044eef9bc7edb69ef3d5e
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-587
cdn-cachedat
09/10/2023 07:57:09
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
40851f0319ffa8f70d92922b77cf3e37
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-676
cdn-cachedat
09/22/2023 01:10:25
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
81d7b571eea0fc3592511720d2ccdfa6
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
a3b12889-d2ab-4f28-9707-3a1435bae165
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/a3b12889-d2ab-4f28-9707-3a1435bae165
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
img
sync.mathtag.com/sync/ Frame 490B 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:04 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 06 Oct 2023 14:01:03 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 490B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 490B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=629782633211601364
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=629782633211601364
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
78d668eb-ac90-471a-b550-043dee1510ad
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=629782633211601364
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 490B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696600864431046-578
Expires
Fri, 06 Oct 2023 14:01:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 490B 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=yh9WQ4MOgzp9gfo6XnklP5O7c-QhLb-JcLPctQJNLEY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 490B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKtQxExKpSD_3K2TGXB6Vk0SbuvkxgQA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKtQxExKpSD_3K2TGXB6Vk0SbuvkxgQA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKtQxExKpSD_3K2TGXB6Vk0SbuvkxgQA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 490B 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:03 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 490B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 490B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=7QL-VJhUPQb_0Zhx-CNgCJtdt6g-dLLfsjtRcCtnX0E
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=7QL-VJhUPQb_0Zhx-CNgCJtdt6g-dLLfsjtRcCtnX0E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P50VCTHN88XCGEW7S19D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=7QL-VJhUPQb_0Zhx-CNgCJtdt6g-dLLfsjtRcCtnX0E
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 490B 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:02 GMT
content-length
0
/
onetag-sys.com/match/ Frame 490B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 490B 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 490B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 490B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696600858639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.51.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame D352 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 22:01:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28749
Connection
keep-alive
Content-Length
10539
Expires
Fri, 06 Oct 2023 22:00:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D392 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ce9Ot29yeAkFpL2sk10umyXsBPN_KageV_av698B86W76pi04ce3kMUz8RylLK5a2JFuxLwrPeYA7N5yQywmTUiPlYaJfA4OiuQlADgQZI77t5_Nc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D392 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11845278548570988601&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D392 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D392 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:29:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D392 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
1644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D392 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 14:01:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4C8E 		611 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXOF3RR5CJEVeH9Z96fOBh3vqslhhBLIGnNHHnULh9UyeoMBnpZcNnMitdqHd9_l88PuAOM_Ljel7VZ1DZ4DZfoxrweRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC10 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B701tHxMgZcbLBficjuwP3-ux8A8AAAAAOAHgBAI&bg=!YWKlYi3NAAYMG8UMLBs7ADQBe5WfOLKIWNa7T40WxfbUHzH-NcXvDYSUhCby2sYwvPBplTgFla6PIMPk1ENKhTdwxjWCAgAAASVSAAAACWgBB5kDBT8WXa1aqMjJMz48ruZhutyi_Z7YZKIGFZt4ki83q0iJr_TvzMuRjAEn_JQJ9eiy4_mb0f7C3lEsdXS58V7eN98MyLKhnDZ8W7GjghBqRLVSG4yGX3NFL5such05w3AYYmGpd6lbPw-MkN5XrS51em3NoYF0OoxZ4mypL4tpN38SXR3JdE6vlOec-ILuQh0KIqlkUKY3mUG307utOtb6ZU8wSg3Dv51teEhi5WnZxO48GAqgDnVKB5nBCx2raNzHZOLehXLymn4rnpGw854EpSuNb0T7QmS4vssYaeCx74mq5gVp7nOIyuwHVNdRgtQYOLd7LL7zFxPqH1h8JtJF0fUjCJe4UHNYEZqznODcwhSYbpyPHZyYD0FkgblxWVm7Nx-ir7ZQfEI6lNFelt8KRuc9xuHZUPaL3zKesdVb62w2xKk8SWvpBkVVF5HQo5yETrM0vHkDwozvcQLLujzLv1BxiCOhMuLdniU4QuOBotALch7jM9_7BDVpGwAJniF0LeMXqxPAdHSY-udy3-fKkEyG7CvCTRZDEJW8K9MLGpe13xmaINOhyQdkdRjwHze9FXq7aDcHgHH_cIPtIalUAyzc762JwXNAgrdBssWLsaHqmoiJKhwlokpT0UvWXU6lZ0qKEmbP7vDDnGXDCPPTborXpnRFaRMMR30Coz7_SYrqgZGZINcTxP5B_yOFPUeTDPLQfPXbsOARsoCRidyGH6iqnON9ocZiSEmrIJBrVUDr1cX-dI7c2cwU0rdPZ6LmhStEANHnPLuaFw4xc-Tty3_Qcfa311_k11k0cOvH8IzCTWKp4ib03-pKrBnLtYFCdgTbt5BgJNzOjbjHQkOlKMshbyShKz-BT-azTscxDv1r3Wo2dHdXhC15uPglz3cIrDWYU0AZQbx0Id5KywQqy7Pl2VleF_ilb2EhFFxW7S3-7Jklkv3uawRyi9ZwAoMf1CQ7hvgeeBqINvZ9f3gsPkAo4WiAR6SbcW7wgCVkKdHGGGJgReeR7o6--sj_4F8MJfjRmmZ6
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1287661572;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.ht...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1287661572;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-93179357-1696600858989;pbc=f17b0198-a1f7-41aa-b80f-6d79aa2e297f;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696600864078;tzo=-120;ogl=;ses=e3e8f5b5-e750-4d3b-976f-b1923ba1ea0d;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 5244 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
768714
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
811e6f296c7b0e73-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 147C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=4076299621344905&bg=!QkGlQQ7NAAbjlzx0w5c7ADQBe5WfOCGPDYirUEL_XHqfyCTj0dC7tj5OGTtrfnXyirLsAvxShwIvGdayzNtx5EdmhmVyAgAAANRSAAAABmgBB5kC2kRjN8wBVX1scZdf90UD677PHNTvL4qm2kZxNU0_pKJiGzASukynON_mTVrdvOhiV_6KS2bA_IXvdrqYJ705Zoy8IYf8pBoyRjbl6jaCAxRuL3nSy1tHJPVvquONNQ-Cmme-bJE_NVCdN7gLt1hjXWGdEUpmou2suX0QKdQnELmGVZD7213ceizNzzYupQ0ew1q6DHF7SnFWFG4qdI4a24GTIRYPDC4t-nGOHSJU3eIyCXVYfq9UN-ySBqC3f60blUouKVhegHOo-uUpQ9q-OPrg99b0neXYQGHbF4oDlWqx2-4k7kLbU1tgnWM1vwzHB1oNIuWrvl3qPPysq6tDk2lwx6u_8XOVL2lj375IHWL1dIfUUMUlfGSRwopM_DDiHk0EOExVFCWxbZVqh6jsSD6sDPn1MY7s57gJcmVwEIVtRhOXA7T8FM0LgXi5wC1yFeNBx44vhemfaTzZQSdcnNf-_vzxfdxq_K_s45RYTWZWLhVSgPkMcsEowBGVbwv7IWsETf4MxtNFaokuKUr2MJ5VTVakE0IzYuZEayUxbPOxvxIveQvez2poqk3QrUrX0AeRjbPPSZbsbOGd8ybv9NywxaZBejNmAu0yVWjeKZjk209GZOzmeK8r2one8OELgVEs6zjo0B4HaGz0k05qpw5Hl-ET5EWa0mR_BTqADSflKeYo0TNA9NlGzZugNdP4EJ6rcE1fBPrcAxcVYrRQuWaYtIeL6OdKWFvul9T9cdXLEEWfJTNDDB0d2ICZ1R_8eVnSNVTeNZg74ZNOffaEOA5lvLU6EKlfAIHnanmHoeL2UX5zXLKqGqbQQujzxJvM7faKyDXi_mrI3e250ZeNClmJ_tUDaHBLX03EgM8Kmcixd2q5aVxB1UYydnFc7chWBkW8dcKw4Whu4BsO4ULWB8aYtzsD4ecVUvlvw3GdMWiA3e2zompL6pgtZIc0KJG9rRiq7LKMeJtBXtM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
34edcdd3917a6ee4fdc252e5c1896228bdea17b40644c2b96c8dffdfcc0829e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92677
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 14:01:04 GMT
js
www.googletagmanager.com/gtag/ 		272 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
93e9590dbdc8f5833f437da27778a68429194a6578e116d1ed21cd30dcf65235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92727
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 14:01:04 GMT
3731eae6-a379-4e46-8f10-f672b469d3e1
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/3731eae6-a379-4e46-8f10-f672b469d3e1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
8f1aa74c-f16e-4c9e-a8ce-84196fb5affd
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/8f1aa74c-f16e-4c9e-a8ce-84196fb5affd
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-34.datapacket.com
Software
BunnyCDN-DE1-1077 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-664
cdn-cachedat
09/06/2023 03:55:39
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
7b644a488e5162b5a4d2b688aa1c3086
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/02/2023 18:29:37
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
3eebb2bb974a8c2ba09d46c73cfff46a
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame 94C2 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyX0GS7K7BVCEOwn5Okr0wCpWwLeoKLX2MlLNtrpTKz9zS7KVa75dJAhhgLTkl2eIHRp2PbQmUazV-DRRq3WZiT4t-a3cjU5p0E4Wu2P5PT5uQ-hHmrQTBYtsaZGrJ&sig=Cg0ArKJSzM8JUNrETHvGEAE&id=lidar2&mcvt=1033&p=60,450,310,750&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696600862525&rpt=715&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.594.0_en.html
imasdk.googleapis.com/js/core/ Frame D9E8 		724 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
121618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 04:14:06 GMT
expires
Fri, 04 Oct 2024 04:14:06 GMT
last-modified
Wed, 04 Oct 2023 14:44:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Oct 2023 14:01:04 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8EDB 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 06 Oct 2023 14:16:40 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
e894c0d55443bf84c72d3a3ae82a5a7a
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
4000b3d6-fc39-4de2-9979-d41deb87d936
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/4000b3d6-fc39-4de2-9979-d41deb87d936
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
3fe8502b-807e-40a4-a9b6-812e477a1139
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/3fe8502b-807e-40a4-a9b6-812e477a1139
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
ec238e97-9f2a-4ec9-9826-4a7fa642d300
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/ec238e97-9f2a-4ec9-9826-4a7fa642d300
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
setuid
ib.adnxs.com/ Frame 4C8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOwhv3pjuXVyqpxphd3LcXM&google_cver=1
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOwhv3pjuXVyqpxphd3LcXM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXOF3RR5CJEVeH9Z96fOBh3vqslhhBLIGnNHHnULh9UyeoMBnpZcNnMitdqHd9_l88PuAOM_Ljel7VZ1DZ4DZfoxrweRA
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
a2ee5d74-0561-4ead-a175-fee5116c48c7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOwhv3pjuXVyqpxphd3LcXM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C8E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI5NzgyNjMzMjExNjAxMzY0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI5NzgyNjMzMjExNjAxMzY0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXOF3RR5CJEVeH9Z96fOBh3vqslhhBLIGnNHHnULh9UyeoMBnpZcNnMitdqHd9_l88PuAOM_Ljel7VZ1DZ4DZfoxrweRA
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
6bfb2cbf-3274-4eee-a968-1b8ee0fe8487
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI5NzgyNjMzMjExNjAxMzY0
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4C8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXOF3RR5CJEVeH9Z96fOBh3vqslhhBLIGnNHHnULh9UyeoMBnpZcNnMitdqHd9_l88PuAOM_Ljel7VZ1DZ4DZfoxrweRA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C8E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWJjZDAxNTctOTRjMi02MWExLTRiOTgtY2FkOWZmNTM1ZGQ4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWJjZDAxNTctOTRjMi02MWExLTRiOTgtY2FkOWZmNTM1ZGQ4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNXOF3RR5CJEVeH9Z96fOBh3vqslhhBLIGnNHHnULh9UyeoMBnpZcNnMitdqHd9_l88PuAOM_Ljel7VZ1DZ4DZfoxrweRA
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWJjZDAxNTctOTRjMi02MWExLTRiOTgtY2FkOWZmNTM1ZGQ4
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
13926
g2.gumgum.com/usync/ Frame 5D68 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d664f539ddbb7708ac2bbb5f3765315c574f697b29c172c6e2e075639d571708

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 06 Oct 2023 14:01:04 GMT
etag
W/"001ccf3c0fa0a5e83f6577e6092320967"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 68A2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
65f4cae6ab4f069d782ef10599d8a3cbcfdc3bb906abb0b0424f3b5e4c3c00c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1432
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 5DFE 		877 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
9e94107a608d453f2db54e1908b56e54db0b02c1404e708ee4e231ecf7127398

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
877
content-type
text/html
date
Fri, 06 Oct 2023 14:01:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CA55 		2 KB
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caab777adb978a349550c310cc8236c122b9bda260fc10113cb053a3a4001066

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
811e6f2b5c06f8c9-CDG
content-encoding
br
content-type
text/html
date
Fri, 06 Oct 2023 14:01:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHS3d3kkbskvrwzM%2FDtP6t16xAsuw51eq2XfYZddj2Dhr4t6FB4o%2FXfBo8TsNac90nBOYyHP5Wx%2Fz1e0jK8pinE0RgwyUv4Eti%2BkOIkC9w8igUMUjERe%2BS7OM%2FgqlMI1ffeHqjyQAoJZaA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4678
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Oct 2023 14:01:04 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 06 Oct 2023 14:01:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4822 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36878
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 06 Oct 2023 14:01:04 GMT
expires
Sat, 07 Oct 2023 00:15:42 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 83F8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
0ad40dc852b7a7c900b5dbf89e044ff0dbb5da5198f669af698a5f7dadb75b99

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Fri, 06 Oct 2023 14:01:05 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id
EXBZBXHtxjjSobKjrou8FugJXpstHpym_LMCqKj8RvTSqxDmodoikQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
7
user-sync
sync.adkernel.com/ Frame B310 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 06 Oct 2023 14:01:05 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 684A 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.178.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-178-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
410b0005ff54f5770ee1cd314fffbf4e5f4ee6343c60709e8dd715ab25360894

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
713
content-type
text/html
date
Fri, 06 Oct 2023 14:01:05 GMT
server
istio-envoy
x-envoy-upstream-service-time
5
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=629782633211601364
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=629782633211601364
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
04138aca-c5d5-444e-9574-cc5d25b87d47
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=629782633211601364
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HcOJsRZHohI4WGdZQTq0Yn_d
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HcOJsRZHohI4WGdZQTq0Yn_d
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HcOJsRZHohI4WGdZQTq0Yn_d
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 7994 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Oct 2023 14:01:04 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
3538602912032252274
sync.1rx.io/usersync/turn/ Frame 7994
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696600864856
  • https://ad.turn.com/r/cs?pid=45&rndcb=6946135067
  • https://sync.1rx.io/usersync/turn/3538602912032252274?dspret=1&gdpr=&gdpr_consent=&us_privacy=
0
0
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084927578361049
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084927578361049
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084927578361049
Date
Fri, 06 Oct 2023 14:01:05 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=2564f93d-da97-4abe-8193-99694cc30720
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=2564f93d-da97-4abe-8193-99694cc30720
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-68
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=2564f93d-da97-4abe-8193-99694cc30720
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Fri, 06 Oct 2023 14:01:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame 7994
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2...
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2...
  • https://ssp.disqus.com/match?bidder=32&buyeruid=9a0070c6-1fba-5217-bd01-8896d8219bb2&r=Cid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-d994d507-0770-398c-b555-49564c04f179&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
0
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 7994 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
sync
ads.servenobid.com/ Frame 7994
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 06 Oct 2023 14:01:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 06 Oct 2023 14:01:05 GMT
async_usersync
ib.adnxs.com/ Frame 9CA1 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
7458fef7-465f-46ca-8326-93345f9858c4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F0D1 		1 KB
978 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a1bf9a8388b141ddcc6014b2a701c05d32d33d313b04de1530c343e6ce0c90e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
811e6f2b5c0bf8c9-CDG
content-encoding
br
content-type
text/html
date
Fri, 06 Oct 2023 14:01:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEahtPx8i4ETpnIuZAu5R1yNm21ila%2F9aIAPWhReHgCRnM7QdNu9iHk1pKkyqwV6mq2s2hSOmGechD%2FfA%2BLh7neBYbKGvgsWizRcj6o%2FCtjJW1XXNznytxZoHpvSk6xxTF4v%2FL%2Br5ZJRQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame D392 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4751376878631&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D392 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4751376878631&version=m202309260101&ct=77&x=1&cor=11845278548570989000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D392 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1LZGhJjVIyKcVYyN7BBDyiObkCx0qURMuto7vgxt-A46GsuLYQUwP5AzmxWk9BrikhtzP5NPc8oD3dcR27MFMEJFaWFETPzc8VfJpDsOWAEFyMsiZAUdvZiTUBt_21OeHkN8dYSOqr4m8OIQSfKIaN_nmAMh6qWsdgB0UAlI4DSTYSbw&cry=1&dbm_d=AKAmf-ByUgaPk35VGBmPkb1b3vj968VZmsAaz2U5OZZnvC2lNgZRl-RY2SvwHWPZ-Y_8B64Udqjk1lGPXN3TrU7P4J4fHTOr9cW2pIXTSSh-5ITAgo_S_zp4S6BxH90VuuQ60JoUna7vjJiy0MWmqwgj1n__d8BRppeV7yA5MgpuL7ZBppxNWmSg6P-SC-jcHtyO2n8DizVt6FKRD_qwn4zebWCca7cLjJv4F42pvs9uGQofmfP5-nCz9zYej0Z7bZhnKxnJIObO9uU0JLuXgdysqkfI3m_wU9ONmg9QKy0tBhUha2sd4kCbPgVb5xM9PnrDKPLNXsUKPe4M4rGhIi3GrnzyaGIq6vcd9L09fA1fYeYPTbdheuiDYLfZSgCzleKD2_ZBEcEhgzeUphGYGSXyJ5zrzp1FiqYFis1LcgaDUMef9wqb3GZGyiKX2-eX4pHS8dr4QR5Dbfnz3bXPA1hCf-SmRTHH0PWhwxHdupzcQFnnHqysFqKxmKG9xYhdhoz5nIDh8sox5YtoChVzeEVsLG1dGPHTohwXvTHlguk4wtVpT1oB0i6EmwgO9_4x896xbvMj_MVhjRUlCEpNNpcDkbk6_9jakxJg7ArOr4C1e85dsCfg92_tFs-0MIq26mHcBc_5uIxIqX7vS53luaGMLqwcfv4Jk7KdbcChwAEjioQC87jOquG7fv-F7ye_J8E26GOlPM2FrkHc8Lq8p5XCSI_uYtmc66NAQ-7IdiK9d0tjLEY53XYV1JPeR7wvporrxJECr32niRAQf0qkN8hFQDknd1jGdRGBBbI4me32S46_0AgCkGeiImGWZg7lM29jZijc_rJCNmksiHjy4h0PzlRBzyxgTx5kRuuP4DjM7xe-c-LRKt4SiKYz8_xvKywhtDY9rXgW0EVxJhj9KEYVYQ1PuXgBTNpQllUrRemAjsxqKtO7UXz1dLkZ9tpYQmOpqkul-Y0ZSmH3qM0iJe3hHf97C7B8KzxytMI1EyOKtcSpEyPKgZpMosVATNJP7KxWcVQP9qdLPp-QUAKufwwLZFiKcciO60LKiUZC8L7W_lDSAnBeyVaiouf8mafEEBWdyOij8gBkFfw_HBSLWooA4usOpBI4SDYaabTSi8KNO6N2wkUb5TJ4OZHSA_PfJYVrzydk40lkqZVdU_Ntw8LeEx2Rc7zOsDlcB27Ae2FMNI2m5UL5RaTh0CUya6drcYnkwlYg0Tesa_xW3cJsSNdSiKSDkd0YAZL5HT4lTNzyU5ITceC1HrCvQLEM9JaE7_suaxPFxAZwZZJI_qnLi-KR_dI70TK1-J243R9y8TvMJmt9-Q98EDCzWzj6NZmU9qHKJtuPOtiZ5OBUYBPf2Tvdk6z7dNxnl1nodZaMwGmdVD1Vme1RXrNgKD7OQwNlQYOicZGgQD6h3YN5JrnK-SQAz0ZSNpfOPuhaLeazpNKOqBDsTwr8KGXHpshqE26uQKzXJb-8RNhu2mLNDjYDwh_2bfk7h5qC7CDmsMujSkK2aBPln_p6xbYYoZYxsqr0d9t-0bcWGFxAciibIew4xiY1gHzlKvfk78-z755OVQfGFnmFIaz-kBcoxeSnWkFRrqdwQ4ncrnfoaFJfVIUAFAC9-hu_4swoWxJn-grRJdLiV__FsB5ovBesJEriBXINev-x0x_VpSLWIgYtIsFgpf8HMEh4gC8rQbt98UbOiv0dnDqP53Uiz8n74gOAtaR46cKlpajEyVo-nM--aba1DR3ZSYlzovTW09ufkLgLswGKglBchcE1yWNbQUJ2ry6saadaC0jyyPwJyJwsH-G0w6k7bmRblTZ1LvSlo4GUxGM8UUD21qhky1etoahUu2fzQ-CeJIqBMmHdEW_dNoAKrpyQaD5_3FtesxJra0QcyAzao7_LGwI0d0sK4L50NLUErbxdZNkJNkrb715O11qkoWKD7No0g4FJb5er4y9O2EVXpHp0x4BAZ8h7D5JcBco8mTQ6BOmZOD13juIA5ieikXpUkaM58yBBfePS965VreVfnhbzjthddOKs3Kj7wwLa63uiNRfD41ApKdhIBnZhLS1RVCVqMLT7KdW3-9ulYz28IwOFeSYIwUDsjSd8Q8yd0jG1aqIj6ZHPCyofWSylQ9VcIcszLLS20mQ2bVpK3eU0r1iwqyPnQcTURD3DAgvha20aGPwjzhe7MwJkBm9pUYUONY5l3MR9gRd8qutJyX0oQUZPRaG2ncBlA3v0Bz52fXjjkhZvQ3gaBmz19ms_qbrlw941NR24Mit5i_vOt-xfYs9Y8KINNfAJzW1A942W9AqaFTyEHITaoFOSp4GqWGcYszA6djY4Sn8L8WJbBCHlRieuCwAn2x4-EKSbZxQw-Rfq_AzcCh8esEUIYiU1blbA1of_XGCiUCer96R-W1io46XfNQNPWQ5of8_kUv2yPKpMNueoPR0mOvu3i0mZwIwzpkxFPybu-3A6UX9JcvkZTsGGgik_z6_ZrmrsPVsNLV6p8HUgybii0Emj7DZihz3zZ8sBCI-uBr0_qOs0SojN6J59wC4hwn6xrwXna0nIjZKR5u71UK16AOzt0EmjjVROMONhm3FStkX5eZEGIPFdzhizlGpoVP31aPd3vgSgDKfs2ZSj4_mszWxaXhaGLk888hrOYc5sL-fkxTWB1GUQWt0lU5s1ngPgRWEkNpiCYPj9slSso6BLFA3NZEAuvYmcWXrksmFiCgtWOUJYoN8MEINeAX2CxwfCs526hlv4mAbQe9tbUcpXIW8u45ab2OHackymjGbJxAbZQFZ3-c6Udu-2k4pjh2ljluo9sbfjcQXOcZnUfvgu7o19vhc-8tGjdBCpowwyxkmgQNoUqMRj95G8NKFpqKmqzFm8A5pGPmGLODVARSQeikL4Qk-96scmI7D0oG01dGu7roLNOEONhBeKHCgfHU5XuaoQpPWFxz7ZF-9bpEEuYR39pH_b3hUZU2zTrg--jMcqrPa-gxreoPNFe9GTuT_HfSm1J1lKxmB0st8EMkwOrlFSN96i1hJ-dTxlDkXUbkvZJsAxe5DlNzTVHqwpX5K0aqDUdKW6wL8_raYyKtp7cspBsxSf8fuH1qoB7n9__RkM1DYjvGLctyb5t49-9lwg4DshRvYmV_I4n4rgqCmYy7cNQoPluMiKFh30zpQcmfQTcGN6JITG1BjmLX_xqcaWQb_k4HoSCg2UCMDvmsiY2ccCXtlLGpWIQKNM4yofH7UlbQG8IRhHe3PUkNtjJjF6hYYaJbRILvYgWRJmCjnu16OaxVFJzs8LX6YBlwfdzzrRAuwiyb_5ikRq5WpTWlEZPjfzeQSutiOkS4m5H_d3EIH4YmyKvucvAc0huDvEFcBVI5rWjfmwSh-qwNZP4k279WOivdeMCH67wxEkCOg4HGtXvPtNW5tjwIPVGL7FdP5tnVO7XxXO2kkcGF3FF18U_pjAmZNOjg25vZFovlGvvvaHghQakiTRbCQU7iNfMwbDs8xE-ia638JTzPEZKb2XCepMToHEoIkpM3UDvZdzs4uEPRZXEpAI-kpt92N8S_cS0ywrOJJBSkYE59ON7Evuv6GQ0NQbrwNxQn_ccC846d9TTuqF5Z8LQQkzZpSEmTYPi4lVU6WdADgaRf62Rt2A-Tzo5OpZBzwHCkCWqP1TX7cy4hdK5YqA5_qm5J0vRcACfrXGT6sC0V2aycu2EEUP3yvtImleima4h3JU2X2sihNmfe6WkIiT8Ea18C4ctYlDOlES_aymjdPG02ikERkPT-BavU0QZ2nKVjZq-0O6nd0pQaPW_p6HnW17ED3mkWuz_DUHliH4quxt589wPLJb0rZICru5CClL6ETZ5tWVEOZnDAa1h16Eba5wcHtziL_ne9OF-CdBZqLxHvABJzqV6Np-3HopxdN7zHtP1DqK0_VIlkAaqJzOZcELwjEXY0u5faFJTTq2UCFZtPTKfWzjIFHjN3Z8iEL1VkwSGVx7k8Tj8kfZMwg9sKUym3a3DA&cid=CAQSPADICaaNKO-V_crRr0jZDiLMJxsb1IL7ZEKeTOi2uuhXjm83nxMDh6SoHgsWodVxxw-aXsHAQb_Wa3poHxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=11845278548570989000&adk=627576174&idt=353&cac=0&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
386f23c8be6bee4cf3eb5e843d9756bbaa18094e55c60785fba86078a74981be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2CCD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jvHdgIn33YCV99iEivHCgomg14OV9Y7W3aWRMT0h
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jvHdgIn33YCV99iEivHCgomg14OV9Y7W3aWRMT0h
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jvHdgIn33YCV99iEivHCgomg14OV9Y7W3aWRMT0h
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2CCD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6493606842649653529
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6493606842649653529
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6493606842649653529
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2CCD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=9f74aee0-411f-84ff-9e76-12f75d825858
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DGFGF7BN3NPJN2SGBZ1H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 2CCD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c7a2d29d-5db5-3f05-5e78-906035b193b8&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2CCD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWJjZDAxNTctOTRjMi02MWExLTRiOTgtY2FkOWZmNTM1ZGQ4
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2CCD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEATVJMhvUNsyL0X-JbQUEIs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F0D1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=629782633211601364
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=629782633211601364
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVVFAJk3tuNqO%2F75IXyB8%2F5EKvOPr5C5x5S%2FJaVmZsnt9e95wjhvblKjFSh%2FGh6hJnHeISPN8FsxYypg6%2BrvVOK9TmR%2Bwu14d496%2BsTvdOveSHVBJjuINdPVMGaEyquQugaLIgT9deACsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f2f987f3c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
e4c172bf-c1ae-487f-87f1-c73259572bca
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=629782633211601364
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F0D1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=OP-jNT_5ozUj-aYxPP-8Nz-uqTYj-_Bja6vX-yTN
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=OP-jNT_5ozUj-aYxPP-8Nz-uqTYj-_Bja6vX-yTN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbQKYMLC7Pf899xQS8KEEO%2BX0x9UAARlv41tx4Yyp6u8yqfr9FG6erIA4a5EUmfJDRRiASXtrUCW9GsdB26glUKpNyJy0yuPO2C%2F%2B%2BCMeK1WpNycWAWbU9NMSi%2FMINdpGgUJSIf3Rip0pA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f2edf923c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=OP-jNT_5ozUj-aYxPP-8Nz-uqTYj-_Bja6vX-yTN
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F0D1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.48.234.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-234-224.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame F0D1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiak7KQCYAABfSGIgYOA&expiration=1697810466
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiak7KQCYAABfSGIgYOA&expiration=1697810466
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y3hEDTdB8%2BoqKRImF2WU1yX4KB%2FsAEpl7A604YibG%2BXsb%2FAae8PIZUx4%2BTCV2ISmYtLS3U1q8e1XIHLSSDEaRxseuWSr%2FedeBoYV3l5QAfowisl7WMZDA9pj4EdC%2F3X%2FGhikn16SVROvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f36da073c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiak7KQCYAABfSGIgYOA&expiration=1697810466
Date
Fri, 06 Oct 2023 14:01:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame F0D1
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730160086655
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730160086655
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ES4nP87GmZe6dZuantswbdnnSYCyhq7NVNqcRh4FoNmPtWIqTHmK8QTAHAKCWzYaFcmA1F8PuPaZySvrE1ai69%2BNBK6G%2B9Q0qD6B2UfkjdVBoswOQkQf2IGX0iWgYhabEjqF443ZM%2F6fSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f34ef5b3c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730160086655
Date
Fri, 06 Oct 2023 14:01:05 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame F0D1
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B5tkq8fNPFL7%2B%2Bz3tRseR2w6mES5PLNkpk0gJwfekwwP0isbYqXGjGAgAKXBZrm4gDM9sYuCKuIVRzbr%2FjlZQvWggQNQDhxrg1U2%2BT0RYKpJs7mf%2BhEqHfqtGNDGpzKU4%2FKu4gF6RKEZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f34ef5c3c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Fri, 06 Oct 2023 14:01:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
sync
sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/ Frame F0D1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&gdpr_pd=
0
0
crum
dsum-sec.casalemedia.com/ Frame F0D1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKK879B3im8SxAZuWu6GRdhZlAYO3fn3CFGs8x3ruZ0V%2BESLfKPfqR66M32Zy8JvR3b0AvzEBo7Szq15TXhk0a30Ou%2B2%2FHa78XcxEvMcFFecbEGO%2FHJ4IULOr3ceUfAb1Nh7wLiuPSRlfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f39de683c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame F0D1 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZSATHrSpNka.Qd7w4Rb4KgAA%265156
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
57536
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
811e6f2e294e23df-ZRH
content-length
43
expires
Sat, 07 Oct 2023 14:01:04 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CA55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELgHyKBVVVOmViR5fkUjU6U&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELgHyKBVVVOmViR5fkUjU6U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFFrzqCbkcAOFHqpxQiDNrUi%2B%2Fb%2FALhAzSyuqSIujamk2GdG9GXQlCL1ccdk6oyRQfNEp64vu7k2JJqB2e3o4EkPxqdIk2df2%2BUK6SvBe1Nije817PazsXSbPAvKd8xcyVQm1fcM%2FJ%2FBrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f2f988a3c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELgHyKBVVVOmViR5fkUjU6U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CA55 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame CA55 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
476WTT4KNV5BFM156EC8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CA55 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.234.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-234-224.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame CA55
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e2ce651-1c2c-ae85-73fb9d73
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e2ce651-1c2c-ae85-73fb9d73
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB5R%2BBxjoBQHmtlHzCk%2BGwNPamlQcRivWNWkfmAUpVu0vIQLPO%2Bj%2FuBnVGxEoECMrsAF9e6U%2B4%2BV5QqBC%2FG55mJw4x8482UHrGRpVBDDOKC7c34DxHP4dsQQDCla%2FueaE7P23qmy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f370837f8c9-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 06 Oct 2023 14:01:06 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e2ce651-1c2c-ae85-73fb9d73
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
qmap
sync.crwdcntrl.net/ Frame CA55
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
0
0
/
sync.taboola.com/sg/indexscod/1/cm/ Frame CA55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame CA55
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=iiQzJF1EvIX0la3Yorat&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&tc=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=iiQzJF1EvIX0la3Yorat&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxitJ12g%2By694Jba%2BiyZ%2B%2BTCQWGK6ZVbEU3egp0hoRyKGJjnerdJhIP93D40f9eMQGrdQGRAdOqW%2B7C3AWGvyrGunbpfKSZ8x3nNj%2Fvz7Qih1YO05isCuYYIQkGVf58l%2FN2QEsgKJ3MJ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811e6f3689b03c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=iiQzJF1EvIX0la3Yorat&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&tc=1
pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT, Fri, 06 Oct 2023 14:01:06 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.servenobid.com/ Frame CA55 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 9471 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
811e6f2dea090e73-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 14:01:04 GMT
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 68A2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKuLTGLDQ8aq2ob9Z9b9vXHVjjTQwGrw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKuLTGLDQ8aq2ob9Z9b9vXHVjjTQwGrw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKuLTGLDQ8aq2ob9Z9b9vXHVjjTQwGrw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 68A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
img
sync.mathtag.com/sync/ Frame 68A2 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:04 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 06 Oct 2023 14:01:03 GMT
/
onetag-sys.com/match/ Frame 68A2
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LNEOCGWP-1F-LQJT&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LNEOCGWP-1F-LQJT&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LNEOCGWP-1F-LQJT&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
/
onetag-sys.com/match/ Frame 68A2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=629782633211601364
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=629782633211601364
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
an-x-request-uuid
d3d4d79f-5d77-42eb-87a8-2aefdd078373
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=629782633211601364
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 68A2
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696600864954007-544
Expires
Fri, 06 Oct 2023 14:01:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 68A2 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=7QL-VJhUPQb_0Zhx-CNgCJtdt6g-dLLfsjtRcCtnX0E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 68A2
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=8529021364860094909
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=8529021364860094909
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=8529021364860094909
date
Fri, 06 Oct 2023 14:01:04 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 68A2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=208o8KyB4nWH36gbQR7aeQeVqaey0TCed2AuQtpUy5k
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=208o8KyB4nWH36gbQR7aeQeVqaey0TCed2AuQtpUy5k
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0GCQT1MAFMGXDPNRYE73
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=208o8KyB4nWH36gbQR7aeQeVqaey0TCed2AuQtpUy5k
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Pug
image2.pubmatic.com/AdServer/ Frame 68A2
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjIzNDI3OEEtRkYyMy00OUM1LUFDNkEtNEEzRTE1QTVGMjZB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 68A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 68A2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 68A2 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 68A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=Ri5WxUEoVsVdKFPBQi5Jx0F_XMZdKgWTFXpQYucE
  • https://onetag-sys.com/match/?int_id=30&uid=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=0&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=0&gdpr_consent=&us_privacy=
date
Fri, 06 Oct 2023 14:01:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 68A2 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=7QL-VJhUPQb_0Zhx-CNgCJtdt6g-dLLfsjtRcCtnX0E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4678 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 22:01:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28749
Connection
keep-alive
Content-Length
10539
Expires
Fri, 06 Oct 2023 22:00:13 GMT
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=629782633211601364
0
0
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1942609373480858756&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 06 Oct 2023 14:01:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncUser
sync.outbrain.com/ Frame 5D68
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_HNFGOiz10fB9kEHsRw-bR3LHgNe-1y--u915Pql8NLjtm_3uCRWb9CzQwTH4YDc%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&obuid=ENC(_HNFGOiz10fB9kEHsRw-bR3LHgNe-1y--u915Pql8NLjtm_3uCRWb9CzQwTH4YDc...
0
0
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=309f76ed-75a0-0753-3903-808dfde192fe
0
0
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1f45cdca-2279-49e9-76ff-9b9455b22955$cell
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1f45cdca-2279-49e9-76ff-9b9455b22955$cell
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1f45cdca-2279-49e9-76ff-9b9455b22955$cell
Date
Fri, 06 Oct 2023 14:01:05 GMT
Connection
keep-alive
Content-Length
115
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-kDE3eJlE2pclaiO8_NAlqixNsXs3W1p3zR5u~A
0
0
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=abaa872d-7377-4316-b98c-33221f78225c
0
0
142
match.deepintent.com/usersync/ Frame 5D68 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=JssblVu3r9jDYEROWvc-&gdpr=0&us_privacy=1---
0
0
server_match
ad.360yield.com/ Frame 5D68 		0
0
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=IXMHrK8VNA1h&ev=1&pid=558355
0
0
usersync
usersync.gumgum.com/ Frame 5D68
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=634865736735787357
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=634865736735787357
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=634865736735787357
date
Fri, 06 Oct 2023 14:01:05 GMT
content-length
0
sync
ads.servenobid.com/ Frame 5D68 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
onetag-sys.com/usync/ Frame ABFE 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
411bba13c654162cfb7bdba5d9531751eaa784daa456b21ac1a35d6fdfc71a9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1423
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je3a40&_p=1100245420&cid=1082112845.1696600858&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696600865&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dt=%E6%A1%83%E6%A9%9F%E6%96%B0%E5%A1%94%E8%87%BA%E7%88%86%E3%80%8C%E6%9C%AA%E9%81%8E%E6%B6%88%E9%98%B2%E5%AE%89%E6%AA%A2%E3%80%8D%E6%8F%90%E6%97%A9%E5%81%B7%E8%B7%91%EF%BC%81%E6%B0%91%E8%88%AA%E5%B1%80%EF%BC%9A%E7%B3%BB%E7%B5%B1%E6%B8%AC%E8%A9%A6%E4%B8%AD%E6%9C%AA%E6%AD%A3%E5%BC%8F%E5%95%93%E7%94%A8%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cshow.php
www.awin1.com/ Frame 50CB 		0
0
ztpv.php
www.conrad.ch/ Frame 8B03
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=95442100072044304438466012469010&pv=1
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1696600869_cd03e591-6450-11ee-b98b-2233369fc7ee&insert=AW&gdpr=&gdpr_consent=
0
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_414915_1696600869_cd03e591-6450-11ee-b98b-2233369fc7ee&insert=AW&gdpr=&gdpr_consent=
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=97f363118d&subid=&uid=b3446b1440ed68e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DConmnHRMgZc2pLMnQgAegpa_YCpHB0Jtpm-iDktwP8C4QASC6hMAzYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSZAk_Qf-wo488gW71uJQ2M6nAtTGaqU4anEXW1qxLGyaTTAwX4SEgqPWECpQWxgKYnB7nV7D6aihcpRvEE-pYf8YUjbfjsvkhvkxsPBwmqSCt9T6yqNNTsNiyEphMCy-hOIctV33atpv8_gVtqk2XG9_2jG570ujmmQLYZhX4G-MgO4GkzgJX1LiHVzQH9sH6_rx2Ss8LyE7DUMcbUAIw0SaT4_MJ5qHu1TmuGzE5Ws1tks1y1wFx6w61KzQ9CWb-tFUwOYzT_NDXQvthIXKzC1STUVfbmCdTM2cyQsTSZ4u268pf5K55gPvt0CmWQykvfhScb2JBPT12nr9YeHoRPcig-RmEWcivtxPk26zE_zDKj8W7POHnUHKz8wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCLu6vt3K4YEDFUko4AodoNILq7ATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjazB3crhgQMVSSjgCh2g0gurEAEYASAAEgKncfD_BwE%26num%3D1%26cid%3DCAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB%26sig%3DAOD64_3hjNicwy5w07na8yHfLPT8dwGpeQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CFOFzZcB-Skt5KpdDDsXPOWATr1Go_DT8BxYRKs9fhoxY6njSf26grbg6OppUvIz4-s6a8wyQdCrnSFLhj7EBrxpo2WWJIWLt4OTPWKPV49ZNfNRMY7YrtlXcicL9o8uDJlzV5Z99NrneLRhZ_vzzvLzLLBimV0sMJpPbtnAqoe4p9Z2g%26cry%3D1%26dbm_d%3DAKAmf-CQeRbneBXVuDWCEOOMfYXUm40N2NaJX9IzPFySlCpz_DK7gHl5cI0Hx29LgpV3SWCZs2i5jtpYROYRcdTPBOOVGDbt-kYJJSzeVH-bxd2BWky86ZzBgs2mDa9FQ09kC2XFKeud6vJMtxsdg0hYbGxu0apz7gNQp0nieMs3wwnz8VAiaOgaWdstqEyBFPQVuKOl8p5zzAThqPaNihMwa7NOHC2YtvTkSrc-NGEeCqmuIta_6FD95rrzFnzYI-VRlsNbwNN5xeTWxV7JzWgfsZTgQXYZ1vEjNdKxI9Xd_nLkQjikGNnZ5yxEHO39UcbJFunyBuETZs2KWjhTgsaudIToklhQ99dO8VHWjGbPjSHJ9jA22Gco25t8cHEGFv9uQ18VfkEclyzNqy13wpPqz94JyesbWfSOgWCPXRVE2dkyBD7K0nBe8EqoNTJdOAV7WANHQsO5lSrAnEi_qNfb1lfU2iOQVEywRndAZISSrYBRXZJdXugh7M-4eb5EtVn2ii_DoEVyvRoK_ALCua53km1gIwAq0pawVbdvB7NImWnaEykIAT7Sa06igEwfqT3ILFPWfwxXeRhIHusVSLmXo11lYTizGFOEk0VJe_Hw_1VMb01QPQvTSIYw5QH7Xsg2slsaSDKfvybDPL5pFrCeKTFdS1NVWerbGAWmecdnaOoh0VgWN4v5QZRkWP9yx4g-5tnbmZ0m_0cxpu06UTH7wrw9uXTF3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=929797617870&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.187.224 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
cf-ccp-worker
HTLPHandler-v1
cf-ray
811e6f4dc9a3f19a-CDG
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 14:01:10 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Fri, 06 Oct 2023 14:01:09 GMT
Location
https://www.conrad.ch/ztpv.php?awc=11467_414915_1696600869_cd03e591-6450-11ee-b98b-2233369fc7ee&insert=AW&gdpr=&gdpr_consent=
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
request_content.php
hal900010.redintelligence.net/ Frame B1D6 		0
0
cshow.php
www.awin1.com/ Frame A6B6 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=95442100072044304438466012469010&pv=1
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:09 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
usersync
rtb.gumgum.com/ Frame D274
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=6637118400076903436&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=6637118400076903436&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 06 Oct 2023 14:01:06 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 06 Oct 2023 14:01:05 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=6637118400076903436&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 29DF 		0
0
pixel
cm.g.doubleclick.net/ Frame 4610 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xN2UwMDI5NS1kMmMxLTRiYmItYTdhNi0zNjU4YThjYjU2ZDg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 00A7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36877
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 06 Oct 2023 14:01:05 GMT
expires
Sat, 07 Oct 2023 00:15:42 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0C7A 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 06 Oct 2023 14:01:05 GMT
server
Kestrel
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=12611&tvi50=10882&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Fri, 06 Oct 2023 14:01:05 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64139
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230056-FRA
pragma
no-cache
server
nginx
x-timer
S1696600865.240422,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pixel
ap.lijit.com/ Frame 691D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 06 Oct 2023 14:01:05 GMT
X-Sovrn-Pod
ad_ap1ams1
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D392 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1LZGhJjVIyKcVYyN7BBDyiObkCx0qURMuto7vgxt-A46GsuLYQUwP5AzmxWk9BrikhtzP5NPc8oD3dcR27MFMEJFaWFETPzc8VfJpDsOWAEFyMsiZAUdvZiTUBt_21OeHkN8dYSOqr4m8OIQSfKIaN_nmAMh6qWsdgB0UAlI4DSTYSbw&cry=1&dbm_d=AKAmf-ByUgaPk35VGBmPkb1b3vj968VZmsAaz2U5OZZnvC2lNgZRl-RY2SvwHWPZ-Y_8B64Udqjk1lGPXN3TrU7P4J4fHTOr9cW2pIXTSSh-5ITAgo_S_zp4S6BxH90VuuQ60JoUna7vjJiy0MWmqwgj1n__d8BRppeV7yA5MgpuL7ZBppxNWmSg6P-SC-jcHtyO2n8DizVt6FKRD_qwn4zebWCca7cLjJv4F42pvs9uGQofmfP5-nCz9zYej0Z7bZhnKxnJIObO9uU0JLuXgdysqkfI3m_wU9ONmg9QKy0tBhUha2sd4kCbPgVb5xM9PnrDKPLNXsUKPe4M4rGhIi3GrnzyaGIq6vcd9L09fA1fYeYPTbdheuiDYLfZSgCzleKD2_ZBEcEhgzeUphGYGSXyJ5zrzp1FiqYFis1LcgaDUMef9wqb3GZGyiKX2-eX4pHS8dr4QR5Dbfnz3bXPA1hCf-SmRTHH0PWhwxHdupzcQFnnHqysFqKxmKG9xYhdhoz5nIDh8sox5YtoChVzeEVsLG1dGPHTohwXvTHlguk4wtVpT1oB0i6EmwgO9_4x896xbvMj_MVhjRUlCEpNNpcDkbk6_9jakxJg7ArOr4C1e85dsCfg92_tFs-0MIq26mHcBc_5uIxIqX7vS53luaGMLqwcfv4Jk7KdbcChwAEjioQC87jOquG7fv-F7ye_J8E26GOlPM2FrkHc8Lq8p5XCSI_uYtmc66NAQ-7IdiK9d0tjLEY53XYV1JPeR7wvporrxJECr32niRAQf0qkN8hFQDknd1jGdRGBBbI4me32S46_0AgCkGeiImGWZg7lM29jZijc_rJCNmksiHjy4h0PzlRBzyxgTx5kRuuP4DjM7xe-c-LRKt4SiKYz8_xvKywhtDY9rXgW0EVxJhj9KEYVYQ1PuXgBTNpQllUrRemAjsxqKtO7UXz1dLkZ9tpYQmOpqkul-Y0ZSmH3qM0iJe3hHf97C7B8KzxytMI1EyOKtcSpEyPKgZpMosVATNJP7KxWcVQP9qdLPp-QUAKufwwLZFiKcciO60LKiUZC8L7W_lDSAnBeyVaiouf8mafEEBWdyOij8gBkFfw_HBSLWooA4usOpBI4SDYaabTSi8KNO6N2wkUb5TJ4OZHSA_PfJYVrzydk40lkqZVdU_Ntw8LeEx2Rc7zOsDlcB27Ae2FMNI2m5UL5RaTh0CUya6drcYnkwlYg0Tesa_xW3cJsSNdSiKSDkd0YAZL5HT4lTNzyU5ITceC1HrCvQLEM9JaE7_suaxPFxAZwZZJI_qnLi-KR_dI70TK1-J243R9y8TvMJmt9-Q98EDCzWzj6NZmU9qHKJtuPOtiZ5OBUYBPf2Tvdk6z7dNxnl1nodZaMwGmdVD1Vme1RXrNgKD7OQwNlQYOicZGgQD6h3YN5JrnK-SQAz0ZSNpfOPuhaLeazpNKOqBDsTwr8KGXHpshqE26uQKzXJb-8RNhu2mLNDjYDwh_2bfk7h5qC7CDmsMujSkK2aBPln_p6xbYYoZYxsqr0d9t-0bcWGFxAciibIew4xiY1gHzlKvfk78-z755OVQfGFnmFIaz-kBcoxeSnWkFRrqdwQ4ncrnfoaFJfVIUAFAC9-hu_4swoWxJn-grRJdLiV__FsB5ovBesJEriBXINev-x0x_VpSLWIgYtIsFgpf8HMEh4gC8rQbt98UbOiv0dnDqP53Uiz8n74gOAtaR46cKlpajEyVo-nM--aba1DR3ZSYlzovTW09ufkLgLswGKglBchcE1yWNbQUJ2ry6saadaC0jyyPwJyJwsH-G0w6k7bmRblTZ1LvSlo4GUxGM8UUD21qhky1etoahUu2fzQ-CeJIqBMmHdEW_dNoAKrpyQaD5_3FtesxJra0QcyAzao7_LGwI0d0sK4L50NLUErbxdZNkJNkrb715O11qkoWKD7No0g4FJb5er4y9O2EVXpHp0x4BAZ8h7D5JcBco8mTQ6BOmZOD13juIA5ieikXpUkaM58yBBfePS965VreVfnhbzjthddOKs3Kj7wwLa63uiNRfD41ApKdhIBnZhLS1RVCVqMLT7KdW3-9ulYz28IwOFeSYIwUDsjSd8Q8yd0jG1aqIj6ZHPCyofWSylQ9VcIcszLLS20mQ2bVpK3eU0r1iwqyPnQcTURD3DAgvha20aGPwjzhe7MwJkBm9pUYUONY5l3MR9gRd8qutJyX0oQUZPRaG2ncBlA3v0Bz52fXjjkhZvQ3gaBmz19ms_qbrlw941NR24Mit5i_vOt-xfYs9Y8KINNfAJzW1A942W9AqaFTyEHITaoFOSp4GqWGcYszA6djY4Sn8L8WJbBCHlRieuCwAn2x4-EKSbZxQw-Rfq_AzcCh8esEUIYiU1blbA1of_XGCiUCer96R-W1io46XfNQNPWQ5of8_kUv2yPKpMNueoPR0mOvu3i0mZwIwzpkxFPybu-3A6UX9JcvkZTsGGgik_z6_ZrmrsPVsNLV6p8HUgybii0Emj7DZihz3zZ8sBCI-uBr0_qOs0SojN6J59wC4hwn6xrwXna0nIjZKR5u71UK16AOzt0EmjjVROMONhm3FStkX5eZEGIPFdzhizlGpoVP31aPd3vgSgDKfs2ZSj4_mszWxaXhaGLk888hrOYc5sL-fkxTWB1GUQWt0lU5s1ngPgRWEkNpiCYPj9slSso6BLFA3NZEAuvYmcWXrksmFiCgtWOUJYoN8MEINeAX2CxwfCs526hlv4mAbQe9tbUcpXIW8u45ab2OHackymjGbJxAbZQFZ3-c6Udu-2k4pjh2ljluo9sbfjcQXOcZnUfvgu7o19vhc-8tGjdBCpowwyxkmgQNoUqMRj95G8NKFpqKmqzFm8A5pGPmGLODVARSQeikL4Qk-96scmI7D0oG01dGu7roLNOEONhBeKHCgfHU5XuaoQpPWFxz7ZF-9bpEEuYR39pH_b3hUZU2zTrg--jMcqrPa-gxreoPNFe9GTuT_HfSm1J1lKxmB0st8EMkwOrlFSN96i1hJ-dTxlDkXUbkvZJsAxe5DlNzTVHqwpX5K0aqDUdKW6wL8_raYyKtp7cspBsxSf8fuH1qoB7n9__RkM1DYjvGLctyb5t49-9lwg4DshRvYmV_I4n4rgqCmYy7cNQoPluMiKFh30zpQcmfQTcGN6JITG1BjmLX_xqcaWQb_k4HoSCg2UCMDvmsiY2ccCXtlLGpWIQKNM4yofH7UlbQG8IRhHe3PUkNtjJjF6hYYaJbRILvYgWRJmCjnu16OaxVFJzs8LX6YBlwfdzzrRAuwiyb_5ikRq5WpTWlEZPjfzeQSutiOkS4m5H_d3EIH4YmyKvucvAc0huDvEFcBVI5rWjfmwSh-qwNZP4k279WOivdeMCH67wxEkCOg4HGtXvPtNW5tjwIPVGL7FdP5tnVO7XxXO2kkcGF3FF18U_pjAmZNOjg25vZFovlGvvvaHghQakiTRbCQU7iNfMwbDs8xE-ia638JTzPEZKb2XCepMToHEoIkpM3UDvZdzs4uEPRZXEpAI-kpt92N8S_cS0ywrOJJBSkYE59ON7Evuv6GQ0NQbrwNxQn_ccC846d9TTuqF5Z8LQQkzZpSEmTYPi4lVU6WdADgaRf62Rt2A-Tzo5OpZBzwHCkCWqP1TX7cy4hdK5YqA5_qm5J0vRcACfrXGT6sC0V2aycu2EEUP3yvtImleima4h3JU2X2sihNmfe6WkIiT8Ea18C4ctYlDOlES_aymjdPG02ikERkPT-BavU0QZ2nKVjZq-0O6nd0pQaPW_p6HnW17ED3mkWuz_DUHliH4quxt589wPLJb0rZICru5CClL6ETZ5tWVEOZnDAa1h16Eba5wcHtziL_ne9OF-CdBZqLxHvABJzqV6Np-3HopxdN7zHtP1DqK0_VIlkAaqJzOZcELwjEXY0u5faFJTTq2UCFZtPTKfWzjIFHjN3Z8iEL1VkwSGVx7k8Tj8kfZMwg9sKUym3a3DA&cid=CAQSPADICaaNKO-V_crRr0jZDiLMJxsb1IL7ZEKeTOi2uuhXjm83nxMDh6SoHgsWodVxxw-aXsHAQb_Wa3poHxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=11845278548570989000&adk=627576174&idt=353&cac=0&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
25361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
style.css
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		2 KB
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
0bcbf5d66bfaeaf4932ee633197864d7bdbe2df96213dfa6d87e56e6eb15f2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 10:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530333
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
693
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Sep 2024 10:42:12 GMT
visual.jpg
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/visual.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
71247dd61513f7a2ebb9945ad0400908965708460eb0fcfa25b36500ac4b8470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 18:30:30 GMT
x-content-type-options
nosniff
age
588635
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52833
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Sep 2024 18:30:30 GMT
assets0.png
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/assets0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
5dfca1a46a0ae8d4b9dbc5bc8b46c8bc18e54fa62b58e5bdab8bb763488b336d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 08:56:49 GMT
x-content-type-options
nosniff
age
450256
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2882
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Sep 2024 08:56:49 GMT
assets1.png
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/assets1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ff3c7b690dff6e25210fda61777b1ae4bee5c413de6d3d233eddccf7628f8992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 10:42:12 GMT
x-content-type-options
nosniff
age
530333
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3559
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Sep 2024 10:42:12 GMT
assets2.png
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/assets2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
665ad7b6420e921636e8379dc2dd8189b7bd588e4d4cfe0b3602fd188da535b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 10:42:12 GMT
x-content-type-options
nosniff
age
530333
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5521
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Sep 2024 10:42:12 GMT
assets3.png
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/assets3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
80ab7e8ed81668be43dfffc4440e174f845562c7b923111d497aac749feaeea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 08:56:49 GMT
x-content-type-options
nosniff
age
450256
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13394
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Sep 2024 08:56:49 GMT
logic.js
s0.2mdn.net/sadbundle/7405412422785187387/ Frame 34E2 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7405412422785187387/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
93e8b3e9ad494fe434b90d4f6052419b9adb5e8375910c070196756fc56ab135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7405412422785187387/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 13:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7281
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:55:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Sep 2024 13:58:37 GMT
mntr.min.2.10.2.js
ajs.a47b.com/js/ Frame 94C2 		0
0
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame F869 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 603F 		1 KB
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
21940
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 07 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A6B6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ce022eddf151bbc500b007b54e9f6248ee854a40423446356e89c71326615e6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
idsync
tg.socdm.com/aux/ Frame 5F16 		0
0
gumgum
cs.admanmedia.com/sync/ Frame 5056 		0
0
usersync
usersync.gumgum.com/ Frame 80E1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=iiQzJF1EvIX0la3Yorat&pi=gumgum&tc=1
0
0
usync.html
eus.rubiconproject.com/ Frame 1F38
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Oct 2023 14:01:05 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 06 Oct 2023 14:01:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cs
ad.turn.com/r/ Frame B11B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=8273015746
0
0
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame D392 		0
0
match
ads.betweendigital.com/ Frame 815F 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 94C2 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAUWTkSvY5uCDpOCX3nbjJIX69_nLp4gcqIeIK620L0YGAfCelFAPoC8Ka4NbxTEY9QixeCp6sIkClHXLrFXKSDzc_ETvvSaNRNmkA3rCMv8U&sig=Cg0ArKJSzOSLJ1KmXJ-KEAE&id=lidar2&mcvt=1028&p=0,0,250,300&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696600862525&rpt=1586&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4822 		0
0
smwt256.gif
us.ck-ie.com/ Frame 9570 		0
0
khaos.json
token.rubiconproject.com/ Frame 4678 		7 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNEOCGWP-1F-LQJT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
cookie
cm.adform.net/ Frame 9EDD 		0
0
29bc4c27cf57ba8353074e724bed8f
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 136F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/29bc4c27cf57ba8353074e724bed8f?gdpr_consent=&gdpr=0
0
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/29bc4c27cf57ba8353074e724bed8f?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
811e6f31ef280e73-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 14:01:05 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 06 Oct 2023 14:01:05 GMT
Expires
Fri, 06 Oct 2023 14:01:05 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/29bc4c27cf57ba8353074e724bed8f?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696600865327062-410
v1
match.sharethrough.com/universal/ Frame 14F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-679
cdn-cachedat
09/20/2023 03:54:27
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
9a7584be19e443e8fa16e55ea31c4b3f
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sync
ads.servenobid.com/ Frame 5DFE 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5544210422048229692&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5DFE
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU0NDIxMDQyMjA0ODIyOTY5Mg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU0NDIxMDQyMjA0ODIyOTY5Mg==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU0NDIxMDQyMjA0ODIyOTY5Mg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 06 Oct 2023 14:01:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 5DFE
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=99feb903dc8cbd21a9cdc3267f2ac2b6&gdpr=0&gdpr_consent=0
43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=99feb903dc8cbd21a9cdc3267f2ac2b6&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=99feb903dc8cbd21a9cdc3267f2ac2b6&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 5DFE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=NIYqLDOAKiwvgC8oMIY1LjPXIC8vgnl6Z9Jd2OKs
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=NIYqLDOAKiwvgC8oMIY1LjPXIC8vgnl6Z9Jd2OKs
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=NIYqLDOAKiwvgC8oMIY1LjPXIC8vgnl6Z9Jd2OKs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5DFE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
img
sync.mathtag.com/sync/ Frame ABFE 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:05 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 06 Oct 2023 14:01:04 GMT
pixel
cm.g.doubleclick.net/ Frame ABFE
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKupRe3o4pcdyBWC9vrCD0NS76mkbt_Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKupRe3o4pcdyBWC9vrCD0NS76mkbt_Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiwVKupRe3o4pcdyBWC9vrCD0NS76mkbt_Q
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame ABFE
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SpSItNdy-Fgy1vgy0tQWfLgV8obhKxpQ28KAt2er8Bw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SpSItNdy-Fgy1vgy0tQWfLgV8obhKxpQ28KAt2er8Bw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZWA9TRCDEHT7ZR21DXWT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SpSItNdy-Fgy1vgy0tQWfLgV8obhKxpQ28KAt2er8Bw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame ABFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGEWMlFzHJFd3G5NLDV2rT0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame ABFE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame ABFE 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.51.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame ABFE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame ABFE
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 14:01:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696600865519069-520
Expires
Fri, 06 Oct 2023 14:01:05 GMT
tap.php
pixel.rubiconproject.com/ Frame ABFE 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=208o8KyB4nWH36gbQR7aeQeVqaey0TCed2AuQtpUy5k
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame ABFE 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:04 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame ABFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame ABFE 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame ABFE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
208o8KyB4nWH36gbQR7aeQeVqaey0TCed2AuQtpUy5k&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame ABFE 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/208o8KyB4nWH36gbQR7aeQeVqaey0TCed2AuQtpUy5k&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
811e6f310e2f0e73-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
smw888.gif
us.ck-ie.com/ Frame 7C68 		0
0
async_usersync
ib.adnxs.com/ Frame 9CA1 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
an-x-request-uuid
5a27db49-f680-4692-b62f-15c8cfbe1290
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4678 		0
0
pixel
cm.g.doubleclick.net/ Frame 603F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOzZC_AGZtU7Ink330uUNOA&google_cver=1&google_push=AXcoOmTThrdS9Gtr-Y5iGTaD2L4JvS3d8rBwFhrvTHmo51aGGlneS3rQeL...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTThrdS9Gtr-Y5iGTaD2L4JvS3d8rBwFhrvTHmo51aGGlneS3rQeLcKUAmMOPfQ7JZRlEaTg70zakZnL-Aj2N6QRLubLsj_rQ&google_hm=rrXQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTThrdS9Gtr-Y5iGTaD2L4JvS3d8rBwFhrvTHmo51aGGlneS3rQeLcKUAmMOPfQ7JZRlEaTg70zakZnL-Aj2N6QRLubLsj_rQ&google_hm=rrXQKOuT9Dsw1n7whmrcGg
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTThrdS9Gtr-Y5iGTaD2L4JvS3d8rBwFhrvTHmo51aGGlneS3rQeLcKUAmMOPfQ7JZRlEaTg70zakZnL-Aj2N6QRLubLsj_rQ&google_hm=rrXQKOuT9Dsw1n7whmrcGg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 603F 		0
0
pixel
cm.g.doubleclick.net/ Frame 603F
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELUYJNKQm3x30EFWI5bmkmk&google_cver=1&google_push=AXcoOmQcutQk-wk8PcbO_TUS6Hr9DprBgnoVfNE4ebpyuxBHy7od9slA-m_vTpCh-JzFXmP-Zkf0h...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcutQk-wk8PcbO_TUS6Hr9DprBgnoVfNE4ebpyuxBHy7od9slA-m_vTpCh-JzFXmP-Zkf0hv_iPgRJT-oVq7m2v8DGdpzR
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcutQk-wk8PcbO_TUS6Hr9DprBgnoVfNE4ebpyuxBHy7od9slA-m_vTpCh-JzFXmP-Zkf0hv_iPgRJT-oVq7m2v8DGdpzR
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Oct 2023 14:01:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6162C4858AB449FB96F2DB26FBC262E5 Ref B: ZRHEDGE1816 Ref C: 2023-10-06T14:01:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQcutQk-wk8PcbO_TUS6Hr9DprBgnoVfNE4ebpyuxBHy7od9slA-m_vTpCh-JzFXmP-Zkf0hv_iPgRJT-oVq7m2v8DGdpzR
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHDKvsDjYZjZcmfPVd3w==
google
match.adsrvr.org/track/cmf/ Frame 603F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH7Wzsb89ruebv4qW6D1_Ic&google_cver=1&google_push=AXcoOmRyxPdr-buZzixmQHuP5z8HNoC87GVTVX8O_OMyitTNp_axMj_VYLSsX7XAbAH3u6fmtkY12aqFRZ8vPW_gDsjF8_-CPwry3w
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 603F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPpcKsgaDszt12DZsyzZoc&google_cver=1&google_push=AXcoOmQG6moySJvZHsRIEP_cYpUdrlq-cXlg3pQt36u4nKkHXwqgdAr8s456KkACV2xncOZBn7xZLf-a...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1MzYyMTE2NjMyNjI2OTA2Mg&google_push=AXcoOmQG6moySJvZHsRIEP_cYpUdrlq-cXlg3pQt36u4nKkHXwqgdAr8s456KkACV2xncOZBn7xZLf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1MzYyMTE2NjMyNjI2OTA2Mg&google_push=AXcoOmQG6moySJvZHsRIEP_cYpUdrlq-cXlg3pQt36u4nKkHXwqgdAr8s456KkACV2xncOZBn7xZLf-aHwht0mVQ0XPen_32YYue
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1MzYyMTE2NjMyNjI2OTA2Mg&google_push=AXcoOmQG6moySJvZHsRIEP_cYpUdrlq-cXlg3pQt36u4nKkHXwqgdAr8s456KkACV2xncOZBn7xZLf-aHwht0mVQ0XPen_32YYue
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 603F 		0
0
pixel
cm.g.doubleclick.net/ Frame 603F
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEHsJwd-t5GYYuCS-Tc4-5x4&google_cver=1&google_push=AXcoOmTPBqT8KzbYidpxYGpmCMsoPezwSZqBA4qKOH4p-zTkdGi1oLqEfUeUVqoJzYQO5IJaGD2XWu9vqFoKx7E0rQ1ZpSvgl...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTPBqT8KzbYidpxYGpmCMsoPezwSZqBA4qKOH4p-zTkdGi1oLqEfUeUVqoJzYQO5IJaGD2XWu9vqFoKx7E0rQ1ZpSvgl8SvO8Y&google_hm=f34e9699c4c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTPBqT8KzbYidpxYGpmCMsoPezwSZqBA4qKOH4p-zTkdGi1oLqEfUeUVqoJzYQO5IJaGD2XWu9vqFoKx7E0rQ1ZpSvgl8SvO8Y&google_hm=f34e9699c4cead1113nzu400lneocoqg
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTPBqT8KzbYidpxYGpmCMsoPezwSZqBA4qKOH4p-zTkdGi1oLqEfUeUVqoJzYQO5IJaGD2XWu9vqFoKx7E0rQ1ZpSvgl8SvO8Y&google_hm=f34e9699c4cead1113nzu400lneocoqg
date
Fri, 06 Oct 2023 14:01:08 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 603F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JbDr6PHenWsJ8wHsot2OWJx1FpcDi4b2jcGShSxW6rnTdgSqBku9Ys4kFqd9BbaY2TrLqGlA
Requested by
Host: 1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
URL: https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cs
cs-server-s2s.yellowblue.io/ Frame 684A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=629782633211601364&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=629782633211601364&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.178.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-178-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
an-x-request-uuid
8b17dab0-6770-43d9-8a38-5e6978a71cd5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=629782633211601364&gdpr=0&gdpr_consent=
x-proxy-origin
178.238.164.150; 178.238.164.150; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 684A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
0
0
v1
match.sharethrough.com/universal/ Frame 684A 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 684A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.178.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-178-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
date
Fri, 06 Oct 2023 14:01:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 684A 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=L8eLEfYzkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1696600865556&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1558&pt=1754198848&tz=120&viewable=true&ddast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
content-encoding
gzip
server
nginx
machineid
1464
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/12/2023 20:49:35
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
756342b9cb92269ac18585ee9d6f5ae8
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5B77 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
87094
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 83F8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
T4zQ51qON6ea_5fOZa7ImWmqXKWkNyQsCNLzHA0_Z8YBng-5jB0U8A==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F234278A-FF23-49C5-AC6A-4A3E15A5F26A
date
Fri, 06 Oct 2023 14:01:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 83F8
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
VaUYGfVzO9xYI9MT5x7lBnW5w_rOSWtL-NzvJ1EchWhI0Fzhyh1CrQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Fri, 06 Oct 2023 14:01:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 83F8
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=99feb903dc8cbd21a9cdc3267f2ac2b6
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=99feb903dc8cbd21a9cdc3267f2ac2b6
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
KvBedMqUXxvF3GWaNSgjx-BgNCEsET1NYT2EYM7kr8p9YuYQP8bJJQ==

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=99feb903dc8cbd21a9cdc3267f2ac2b6
x-kong-upstream-latency
18
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 83F8
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5efb3099-2227-0051-26e0-899775b2195d
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5efb3099-2227-0051-26e0-899775b2195d
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
MV81LlKHre5PIMXP1NuQ0HsmiqlEleGnbEwBc01i_D7zxXYTqeOxog==

Redirect headers

date
Fri, 06 Oct 2023 14:01:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5efb3099-2227-0051-26e0-899775b2195d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 83F8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:07 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
6_raPrejmgZF-TbSsMFFMkxYUKjhVtXq3ggLvVAMS5DSJ63M9Yctqw==

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6wHYznGO73ml9PydSgb8NORA0oTTo%2BoJnUyeixh%2BpCDNcg71MktVPOn08RJjfAhNiwKtLbeI1QbWROT1DXlJsTZ8%2BLkpI8MWLNRRWO0jZ4xs%2FPLgSfW91%2Fmd5%2F5I9Nmx1yeaRbnbLvxSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156
cache-control
no-cache
cf-ray
811e6f344e9e3c9f-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 83F8
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=666586948737432634043
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=666586948737432634043
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
Wq9Bn1HYPOtSP_cJymYycUTWXFvjOq_2FzmG3V2_A30-qiomS80wWQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=666586948737432634043
date
Fri, 06 Oct 2023 14:01:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
ap.lijit.com/ Frame 83F8 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Oct 2023 14:01:06 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 83F8 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=GueREfDzkp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 94C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5FqA917w4h3qaPMST0yM6JPDjYg3LmGguTmK3eznXoCsx5K6k9R7O-5KDQLkh9k3DXT26a7JiysDMcFmYdX7C3e-x_XeGYtlW-J9KZPi0xXHRmtpZ66irFp7aD5OR-oCZ-YA1KOkPIEy99JXLIfs0tXeZXgD4Cqe5FVwbAw7-CoclH2-ci25wn-VHqmdqIQf8UZKbf8mSuy0&sai=AMfl-YRqLC9IuaS7rGVVtDDT85yy0WXReLOYXPV_sOu-9qp78eFUyU6FC99W6BF5lUFUv5QMiVUXspvFy7PSf8A5FHmcvix1GEjf_dP8owpqiS86NkAxPWeGwqFZsK49YoSYvTok964wKhTmFagZOl_tYpyFE1wCFJ8zpQ&sig=Cg0ArKJSzGYVxV-S_xOXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2753&vt=11&dtpt=1951&dett=3&cstd=796&cisv=r20231004.43286&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 1F38 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 14:01:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 22:01:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28747
Connection
keep-alive
Content-Length
10539
Expires
Fri, 06 Oct 2023 22:00:13 GMT
17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
pagead2.googlesyndication.com/bg/ Frame 5B77 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
105834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 08:37:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A6B6 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstV2eoWtGw6H-EwwGDAx6GVoWNE4PCVBzL4gkkGVWhk2HYIMykv55mAbgKEjzIXzGZJbgmlX3YGYuT2gXIXbSLE9me5XbZECpt6KyqzmxNECV0KtiAldvWKf3XeNff&sai=AMfl-YRRlpMR4DGx9iv0FL2NP6aoI8UyadVkCBR5AWOrIr4-J0Dqp0DDEU21v_5SssiIuZvELD8-Mh30eFqMluHKo6Qu8enLPy3sqbfs_A-yushEdV-YjtGWwp9DfaVv&sig=Cg0ArKJSzAnWGWlEHyjrEAE&cid=CAQSPADICaaN497VuSPRiP4jYTcbr53e81Z62-99CFuBq7-7OfviOWxcEgHdRX6HzCiqb44QQ3Awi7KVhcKbfhgB&id=lidar2&mcvt=1005&p=1110,315,1200,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696600862544&rpt=2559&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 1F38 		7 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNEOCGWP-1F-LQJT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usersync
usersync.gumgum.com/ Frame 1F38
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LNEOCGWP-1F-LQJT
  • https://usersync.gumgum.com/usersync?b=mag&i=LNEOCGWP-1F-LQJT
0
0
ads
pubads.g.doubleclick.net/gampad/ Frame D9E8 		156 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&vpa=auto&vpmute=0&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&sid=EE5FBF3B-9B7F-40A9-9A40-9BE3A859C6F3&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dlt=1696600856886&idt=8070&dt=1696600866723&cookie=ID%3Da0f2fbb2ab820655-2265ba1e37df0082%3AT%3D1696600858%3ART%3D1696600863%3AS%3DALNI_Maz6z-5Y7iyJ-QTEkvOoyWc4wWXEQ&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=645013118988479&scor=2602484247521836&ged=ve4_td10_tt2_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B77 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbvMeIBMgZa3vLtm-9u8PyPqn2AEAAAAAOAHgBAI&bg=!KSqlKmXNAAYMG8UMLBs7ADQBe5WfOGPXBFBVfKX5LSL2c8-C5vdKu-JWUsf0yWWq2CupUovqoQmmSofH5MAkZZKwtEs1AgAAASNSAAAAJGgBB5kC9UwQdnpbvddDGrjQyTcB1zcSf_LJeM6CQmFiqnAXtnKUQKAnmxPwC4mkkKmzMIXsb6zGppj-zVDIe2H86O8SitYMJe6wtC27kPpIiN22rVF-Y_vCCANfq5r4MhNjvUdbq3UBByyohjfov-XfBqOE81lJzNHQfdG7k6gdqe-lAh8DIYfvAp9TodQzT9eYXmatcy-CqOgQwlVZgk8AcZJUI3X8zN7Ix1K8-h8goXEYHuueuVoVYdaGUxdrn79Lu48Xva4jn_2bQu12TOehUYLbDPMrr7rpIwx1M_eV1P5OxKekiCzBlRaAVeOIHzHP0CD9kZLKQ046PkscsD_8QveyRua8YNPiEdDAPnLTIk9cxSuW2ZgxuTCO-Bn3KcgwStLMLVNMd5iUaIQY3_-t8zGeoICUr5mbtmykngsLAlcybQXKXW5hTBhRjDorbONKdvHe4Xo-wcu3uZY5R7AVOY1QklzG37YzvMV-NjJaf6fbGINbwgNjl1ubAsGQPV4yXrJgFeY3r-DdCZPtywUr9KEX-0Sz823H6pTyXbKDJlon_noWA-3c52DiGSTFbMG2VDEdbRoJQMOlcRJtPPEyX-28pqvrz769TSArnyvHd_otJY0s0VEqugF_-cZy5VLEqoa-qqbhad_rmx4OjAg5Y5wcIpdJ1oxIRGQTPiryK2gApIOLUlPW3cjOFA337tMSQLL-JvxVTqgex5DKeHQ5HvFXX_cLNCNYtOJD6ihbemsUv9BGdoEfiNdSgkGBXWAf2KGKzMCpFQ3jzJFTmfMUve9wGUCyD4OkwFiuQKfajBunBXdPwvF8PulMHHBRrPG29loMsR5CM_YrLILFl1sDsAalN4g_UzN_hPQ2u3x2laLG6wQGJQpEmdZE18GfhxaloK2Hp5SCXSBftIWQ5py3E0LAIPJdO4s_wchy6f0EqkunrOyfI4YD7GpnTA5nudWvzjKJJyev8PfTWQeZwKigrBzPvx563yDiUc_2RQWDm5-MMWc42wlJxnw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:06 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-654
cdn-cachedat
07/19/2023 19:53:42
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
373023465ce4633b088ffb5a501f42bc
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame D9E8 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DDF4 		1 KB
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
21942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Sat, 07 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D392 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4edeebae171b03b454326c6a19b190999232f691728b2ec572088653355e00d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3a40&_p=1100245420&cid=1082112845.1696600858&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696600862&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dt=%E6%A1%83%E6%A9%9F%E6%96%B0%E5%A1%94%E8%87%BA%E7%88%86%E3%80%8C%E6%9C%AA%E9%81%8E%E6%B6%88%E9%98%B2%E5%AE%89%E6%AA%A2%E3%80%8D%E6%8F%90%E6%97%A9%E5%81%B7%E8%B7%91%EF%BC%81%E6%B0%91%E8%88%AA%E5%B1%80%EF%BC%9A%E7%B3%BB%E7%B5%B1%E6%B8%AC%E8%A9%A6%E4%B8%AD%E6%9C%AA%E6%AD%A3%E5%BC%8F%E5%95%93%E7%94%A8%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=10
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:07 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
6ac37789cbe0cc1c0d0d04d5ae5be8ed
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
i.match
s.tribalfusion.com/z/ Frame DDF4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAMZBiU3tOP3K3AkNHAJQP4&google_cver=1&google_push=AXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAMZBiU3tOP3K3AkNHAJQP4&google_cver=1&google_push=AXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5z...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAMZBiU3tOP3K3AkNHAJQP4&google_cver=1&google_push=AXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:09 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
811e6f4a2cdef144-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:09 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
366
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAMZBiU3tOP3K3AkNHAJQP4&google_cver=1&google_push=AXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAc2mlnsEwW1uxqDuVyU_G1lDS5687IR41_Bf1cSk-aUfuXJbLuVZeWm3rYUAms5dwRWsnhiUIi3-VlStzFwbTOYEXP5zS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
811e6f487a64f144-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
a.sportradarserving.com/ Frame DDF4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELIKGIobdN8RVn2YkpRZPaw&google_cver=1&google_push=AXcoOmQ6uxHkvyYlby04DFNYrTt1ef95_yBbxOE6NgFaFujsEtIN41feAjUgW4i558q905kgsmksfxPiiN-cPYONgVVK...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
0
0
pixel
cm.g.doubleclick.net/ Frame DDF4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPpcKsgaDszt12DZsyzZoc&google_cver=1&google_push=AXcoOmRq5cbBczCJFlxoITKEG0iZtS9U54M4K4GJ_yUfpV-6ALzTz61nTCjLrX_Qq1aGjPkHSJ-LChSP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0MjYwOTM3MzQ4MDg1ODc1Ng&google_push=AXcoOmRq5cbBczCJFlxoITKEG0iZtS9U54M4K4GJ_yUfpV-6ALzTz61nTCjLrX_Qq1aGjPkHSJ-LCh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0MjYwOTM3MzQ4MDg1ODc1Ng&google_push=AXcoOmRq5cbBczCJFlxoITKEG0iZtS9U54M4K4GJ_yUfpV-6ALzTz61nTCjLrX_Qq1aGjPkHSJ-LChSPONi2bZrgYd5eJihl6v4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0MjYwOTM3MzQ4MDg1ODc1Ng&google_push=AXcoOmRq5cbBczCJFlxoITKEG0iZtS9U54M4K4GJ_yUfpV-6ALzTz61nTCjLrX_Qq1aGjPkHSJ-LChSPONi2bZrgYd5eJihl6v4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame DDF4
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMLnqB-gOTorkxe3HHFqsm4&google_cver=1&google_push=AXcoOmQG7miP53nyXt8wdpL7W25vkYzcuBkbcBgJz4IWWUFoZssFo1nX3bEbavOEA7hfDuMQZTH55GZROViyd0EK61EgRVxV_dkd
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQG7miP53nyXt8wdpL7W25vkYzcuBkbcBgJz4IWWUFoZssFo1nX3bEbavOEA7hfDuMQZTH55GZROViyd0EK61EgRVxV_dkd&google_hm=GPRYofQzhiu4DNzX5qipAg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQG7miP53nyXt8wdpL7W25vkYzcuBkbcBgJz4IWWUFoZssFo1nX3bEbavOEA7hfDuMQZTH55GZROViyd0EK61EgRVxV_dkd&google_hm=GPRYofQzhiu4DNzX5qipAg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:07 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQG7miP53nyXt8wdpL7W25vkYzcuBkbcBgJz4IWWUFoZssFo1nX3bEbavOEA7hfDuMQZTH55GZROViyd0EK61EgRVxV_dkd&google_hm=GPRYofQzhiu4DNzX5qipAg==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame DDF4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPkYtC9R2kMTlvYuGHOJJ-w&google_cver=1&google_push=AXcoOmQv-hJUXreY5M_HNDHBo2l9iEEk_USKQ7qAz__r_tUVFE1tzvNWzRHRiYht920WE4tfY9zX6ActTdhEVDQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=H0XNyiJ5Sel2_5uUVbIpVQ&google_push=AXcoOmQv-hJUXreY5M_HNDHBo2l9iEEk_USKQ7qAz__r_tUVFE1tzvNWzRHRiYht920WE4tfY9zX6ActTdhEVDQ8Gd1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=H0XNyiJ5Sel2_5uUVbIpVQ&google_push=AXcoOmQv-hJUXreY5M_HNDHBo2l9iEEk_USKQ7qAz__r_tUVFE1tzvNWzRHRiYht920WE4tfY9zX6ActTdhEVDQ8Gd1HYSW9VWA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=H0XNyiJ5Sel2_5uUVbIpVQ&google_push=AXcoOmQv-hJUXreY5M_HNDHBo2l9iEEk_USKQ7qAz__r_tUVFE1tzvNWzRHRiYht920WE4tfY9zX6ActTdhEVDQ8Gd1HYSW9VWA
Date
Fri, 06 Oct 2023 14:01:07 GMT
Connection
keep-alive
Content-Length
236
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame DDF4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPIHEUO2B5mVijzMHrHtAY&google_cver=1&google_push=AXcoOmQjOJkmYJIbNVwKcbRNiOIkuYe5wOceHnFB-VFTob5F3syK0P2Fnwm00gUK0mfjYpXpBWP...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=AXcoOmQjOJkmYJIbNVwKcbRNiOIkuYe5wOceHnFB-VFTob5F3syK0P2Fnwm00gUK0mfjYpXpBWPBSccKUbWmmHr-83fukZngiewZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=AXcoOmQjOJkmYJIbNVwKcbRNiOIkuYe5wOceHnFB-VFTob5F3syK0P2Fnwm00gUK0mfjYpXpBWPBSccKUbWmmHr-83fukZngiewZ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5FT0NHV1AtMUYtTFFKVA==&google_push=AXcoOmQjOJkmYJIbNVwKcbRNiOIkuYe5wOceHnFB-VFTob5F3syK0P2Fnwm00gUK0mfjYpXpBWPBSccKUbWmmHr-83fukZngiewZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
pixel
cm.g.doubleclick.net/ Frame DDF4
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQlMcppMuyWFt8_pyNyvIETUNVcy2lfaO4XvPZD91Yq4oJsTCk9a687hLy86VL_A-2Kgo4pRSY3Tv...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQlMcppMuyWFt8_pyNyvIETUNVcy2lfaO4XvPZD91Yq4oJsTCk9a687hLy86VL_A-2Kgo4pRSY3TveNl4nolP_aAqXyrK4&google_hm=2564f93d-da97-4abe-819...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQlMcppMuyWFt8_pyNyvIETUNVcy2lfaO4XvPZD91Yq4oJsTCk9a687hLy86VL_A-2Kgo4pRSY3TveNl4nolP_aAqXyrK4&google_hm=2564f93d-da97-4abe-8193-99694cc30720
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:09 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-68
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQlMcppMuyWFt8_pyNyvIETUNVcy2lfaO4XvPZD91Yq4oJsTCk9a687hLy86VL_A-2Kgo4pRSY3TveNl4nolP_aAqXyrK4&google_hm=2564f93d-da97-4abe-8193-99694cc30720
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DDF4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lc4UVc0jkIHwTyGwVKKQgB1LtE1CbJ7b4t0n2za9e8ZO3rMp9YI81JVjk-zZC1ao81_Cey
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696593663&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696600862463&bpp=326&bdt=3974&idt=638&shv=r20231004&mjsv=m202309291101&ptt=5&saldr=sd&cookie=ID%3Da0f2fbb2ab820655%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MZo_GLxF54Kl61jsdz4DNvrlavHSA&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=3531891766882&frm=23&ife=1&pv=2&ga_vid=1082112845.1696600858&ga_sid=1696600863&ga_hid=1157069507&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2689&biw=1600&bih=1200&isw=336&ish=280&ifk=4079096643&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532403%2C44804782%2C31078301%2C31078601%2C31078488&oid=2&pvsid=1634359720919906&tmod=1176625809&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1koza9xcmov0&btvi=1&fsb=1&dtd=656
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 345B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
61d50bb391ece85cc220ad7f16d9dee01a610244ddf4edfaf03dea306c64816f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12133
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame D9E8 		1 KB
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F11440465%2FThird_Party%2FTP_VAST_8&description_url=https%3A%2F%2Fzeenews.india.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1936272601893587&vpa=auto&vpmute=0&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&sid=EE5FBF3B-9B7F-40A9-9A40-9BE3A859C6F3&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dlt=1696600856886&idt=8070&dt=1696600868052&cookie=ID%3Da0f2fbb2ab820655-2265ba1e37df0082%3AT%3D1696600858%3ART%3D1696600863%3AS%3DALNI_Maz6z-5Y7iyJ-QTEkvOoyWc4wWXEQ&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&scor=537167806208091&ged=ve4_td11_tt3_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
fbd297e0068446878dff43e1e65fb8ef219e22be9150bb9b3e4a70c89188819c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
879
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 345B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 14:01:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4822 		0
0
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:08 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
617afd6776b522cf0fc70810ec69f1fa
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 043E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1874
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 13:29:54 GMT
expires
Sat, 05 Oct 2024 13:29:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0AD8 		829 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
b6be254a2379c9f0afb55e6ae500a2436dda78a424b665847abe43df58d710a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ulVSMzydxI1BIWZCTbh-sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ulVSMzydxI1BIWZCTbh-sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 14:01:08 GMT
expires
Fri, 06 Oct 2023 14:01:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1696600868563&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1558&pt=1754198848&tz=120&viewable=true&ddast=V8m60CLAaUKjkKtD66zhAoVXIUaH10nSkAAABgYID-AImsXIPBymNzK3az1Vq0Ws3cCs_Msta4fKvBbORcGRaLISC5lcO4WQ1ma43NsVyLBhvLWrkb7NYyi2-02ixmG49tMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBj2g6HT7XvV73-90lPs9c4_cr_KKH3y11uoVPu1v0cIseTrfE4XfrXk63zvV3C58Ov1vmsPvcCrtb6nTY3aKnW_rwu0V_11vw8LvVTrtb6LD73FLXW_h0i_52n1vjcmuOTrf06Lf73LqX0y09uuw-t-bodCuebuXf7rMLTW-zHQAAAAA8AEiLfYTwAwgAEAEAAABAAgAAAACFgAr_FgQuAAAAAGAAWLhd1QDwzMEgPB-_3eEPAAAPBSAAAAQwSAAgoB-WAIgx3jsBAAAAAAAAAMDi____P8YAfmWfDIKB9ZoeAA8-AB6IFBgWYQQAAABA1p3U8sgknaBiUQUAgCDdCsAVAICAxQIlzqwwAAAAAmMW6GHx-80Ou8bvdhkAAAAAAAAAADP_Z_7RCOFkaqYJYohiV_MLCACw5hcQAICNuimYezMAJ-gQtGIwWJ2AmB0AAACAO_____96QHI5GMxWo9nMsJoMN7bdyGKZuZwT03Czm80mjpH3pPgAroREpcT32RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNofAVwO0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoGNxeEaLlZrhWkwW4sWm9laOBl53LLFxDVxuBYWm2uxFr0-po9juRwul1skGFC5F8FFOhE8zG6H6eWW-Dwbv0Us0Zws0onssm8uB4PZajSbGVaT4ca2G1ksM5dzYhpudrPZxDHyFzYWh2u4WK0VpsFsLVpsZmvhZORxyxYT18ThWlhsrsVa9PqYPo7lcrhc7huz5Ww2GAxXu31jtpzNBoPharfv0Bm-q8_ZqCyrJB-hMlg8Hr83p0HhMli8L_XpPCwYC-Zp5-g0OR3Pos7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbDIpYIjhdpBPRy3i6iCWSp0U6Ec2Mu-HMuBhNnKPNcjea2GYm03C4ci2Xs9lq5rGIJUrTRTrRK_yih98tdbqFT7tb9HCLHk63xOF3615Ot871dwufDr9b5rD73Aq7W-p02N2ip1v68LtFf9db8PC71U67W-iw-9xS11v4dIv-dp9b43Jrjk639Oi3-9y6l9MtPbrsPrfm6HQrnm7l3-6zC01vs0X9Rw-xG84lm-FcMRvNFavBKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrJYL4CIoSxewCQAAAAAAQLHGHmuAh9ntML3cEp9n47cyAAnmPGabeUYQa7Va1gAAAASwAQAABHDTjTcBapKcfUBZAAAAAAAA_ApiMBxO9g9AhVir1fL5Yq1WS-D___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rv2r_vB!t45!t45!tbt_lit_unit!testmsn_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8974c7de3825a8cd4f7a46cb779898056bf499a52259aeacd574995bb508a311

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:08 GMT
content-encoding
gzip
server
nginx
machineid
1405
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 00A7 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0AD8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1634359720919906&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 043E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 12:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
4399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Oct 2024 12:47:49 GMT
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:08 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-197
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
9b85dca794902f87d54279142fb65b7c
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame D392 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4751376878631&version=m202309260101&ct=77&x=1&cor=11845278548570989000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:09 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-169
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
0bfd0ae9768680fbdfdf23ee2f9798d7
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame D9E8 		156 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&vpa=auto&vpmute=0&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&sid=EE5FBF3B-9B7F-40A9-9A40-9BE3A859C6F3&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dlt=1696600856886&idt=8070&dt=1696600869215&cookie=ID%3Da0f2fbb2ab820655-2265ba1e37df0082%3AT%3D1696600858%3ART%3D1696600863%3AS%3DALNI_Maz6z-5Y7iyJ-QTEkvOoyWc4wWXEQ&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=1029420934033020&scor=3713598971874959&ged=ve4_td12_tt4_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C2 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6922416022793&version=m202309260101&ct=76&x=38&cor=5067503468709120000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 043E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?703fMQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame D9E8 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lneocnid&c=3531891766882&slotId=1765945883441&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 14:01:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:09 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
0f5d0e0758628280a75c3aa5e1fd248a
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:09 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-680
cdn-cachedat
08/15/2023 14:35:15
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
5c88f00d10751072439f547032c7d7c5
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame 345B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1634359720919906&bg=!8fKl8r3NAAbjlzx0w5c7ADQBe5WfOIi6HSMHjan3zXNqeBN5xhsCZ3c7atlr6V3WhUANQx1VPUjmSHG_-oHoMY-xrM9hAgAAAnZSAAAADGgBBwoALkRT7KRCYR3425h0H4JP6xDlJPQNDSCQuG2l-4YJgalaWa8jFc050OuLUtUHt1WZArv2E5ZPrWLM17XjnaUtXeBcKtzq1XYPshPmG9Tz9jBLI5VL6rzj7cQAWcUl8yZhg9d_hQvoxLFgGnFC_HQsHCPuP0p-M48f5IzBvPzMmy-8f3NopfSk_M6EmkrcekApf4ddmuG0lvP2D-CVSkthj8W7xm4P0vZhBfGfhgsFYCwtFF47BrCYTOY0tXVgCIq3PsfdEzPvTDeZWIUpqFrPNKfFlsmQhlLxvBuIbC5ysCEw2ikVGn6toDR5KTP7f42INaU1IS4s6AIylfHdCOr-tn3r2k2cBFg9KooxAxjAT0nGP-fmGGKM-aOWrT-q8k0lX_aewZyaudU8dEM3iX2ypt386bIayQU_zSQhjrTtKT2W7XiLU2iFJ8jG71T5ldLH7q8xDpGwsaHkK6ME5bTCFm_xSOe83N7QTrjTp6Q6f9w6xuVcBnqonjLRs7qvcssUs88LMOvalWYbK17-9Rhr1xJxdsvo72DPWuyVT5JlJ6eBvT4kOJfJXhE1a9ZPs13i-5qWxotdoPJR4QJ5wh1IsPmHtEv98fyUtqKV8CdkaPrep80tous_nWXHQWTMg9AnVNq6gAw7HdHpAvXOahizdl-EO3_rDgjY8JcKp5GGnxZABcnAzHKff5LYkRNOhLoP1U0KjQPPS0X2Kxq_v8QyN6ILYkYIdwfZEjpF-LFtUevbHiM-fdaMZfGmmhyeBLYwi-sucNFnSKjXvJZoF0_F2TkOtVvXKI35ZSqnPiGYwvJIkfnKBsIX9sEiagDRqbhMF4fnYJlCFGwQDJBgDJDMEQKbqmXj6eKgjkYiSu0BpvKlVAG4Fy_j3sJJtUxuJ-ua0Db5hDn-LcyemKmz80NqDSTc2S1Ps5kYSjCMIlKjNSmfRO3hpWv7f2QDeQb7eYKQpvdczTiT9dvOj_UuSEoKXPmsqFWWzrMgW4n48G0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:10 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-662
cdn-cachedat
09/09/2023 02:40:34
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
9af8c7c2a7072997654a1ddc78824399
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame D9E8 		156 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&vpa=auto&vpmute=0&sdkv=h.3.594.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&sid=EE5FBF3B-9B7F-40A9-9A40-9BE3A859C6F3&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftao-ji-xin-ta-tai-bao-wei-guo-xiao-fang-an-jian-ti-zao-tou-pao-min-hang-ju-xi-tong-ce-shi-zhong-wei-zheng-shi-qi-yong.html&dlt=1696600856886&idt=8070&dt=1696600870365&cookie=ID%3Da0f2fbb2ab820655-2265ba1e37df0082%3AT%3D1696600858%3ART%3D1696600863%3AS%3DALNI_Maz6z-5Y7iyJ-QTEkvOoyWc4wWXEQ&gpic=UID%3D00000c8f9d41015e%3AT%3D1696600858%3ART%3D1696600858%3AS%3DALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ&correlator=1721680277143942&scor=699427269169484&ged=ve4_td13_tt5_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		30 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:01:10 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-199
cdn-cachedat
01/30/2023 07:35:59
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
27a8b0d48c52056819d56e5ccf144487
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/f98a830e2cb7e43224f5daaac2ea0eaa.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202201/f61ea702ceddc2abf9709cc06a77d2ed.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/2cb4a15e46259d6c3d4cb9c01c705225.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/e84db7fbf3db322b45029eb08881a8ba.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/36cc00e1eb582ab06db3d496c03ad641.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8e498ff9a6c2615211d80eb788eced22.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/55d43892c955347626338b004b8e7251.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/6aac83551d9b18791dd863eac5e1ae97.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/306585db6c09d1830b86833d78a3742f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/9fb376a86240ec8874db29a52e946525.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/93ce77cd3e10398361f5975cea967e04.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/bc560a7088ec3370d33527f3d136c569.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ed0757f427d79d5b6db961a35c3ea38c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/eddf977944a278dc85541a1bcce62b79.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ae7c89fae0f9f5b86da829936fe2dd41.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/66612f19c83ed5ed012132a01e1568e7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/5eebb0a991b92915e87898867abda99d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d500691a335d9524f6ff7018530b999b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e7bfe6296021c6b9252ccfc3bc719c76.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2808758f5734c6151993f55d23c0210a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/86a6dcdc11f433f36226a36b4749475c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202201/d9c429601ca35c11888240f657c9852f.jpg?w=150&h=100&q=100
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/turn/3538602912032252274?dspret=1&gdpr=&gdpr_consent=&us_privacy=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-d994d507-0770-398c-b555-49564c04f179&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkyAiAYOAI=&gdpr=&gdpr_consent=
Domain
sonata-notifications.taptapnetworks.com
URL
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&gdpr_pd=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348%2526gdpr%253D0%2526gdpr_consent%253D
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=629782633211601364
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&obuid=ENC(_HNFGOiz10fB9kEHsRw-bR3LHgNe-1y--u915Pql8NLjtm_3uCRWb9CzQwTH4YDc)&gdpr=0
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=309f76ed-75a0-0753-3903-808dfde192fe
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-kDE3eJlE2pclaiO8_NAlqixNsXs3W1p3zR5u~A
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=abaa872d-7377-4316-b98c-33221f78225c
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=zem&i=JssblVu3r9jDYEROWvc-&gdpr=0&us_privacy=1---
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=IXMHrK8VNA1h&ev=1&pid=558355
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=95442100072044304438466012469010&pv=1
Domain
hal900010.redintelligence.net
URL
https://hal900010.redintelligence.net/request_content.php?s=95442100072044304438466012469010&a=389efa41
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
ajs.a47b.com
URL
https://ajs.a47b.com/js/mntr.min.2.10.2.js
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rth&i=iiQzJF1EvIX0la3Yorat&pi=gumgum&tc=1
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=45&rndcb=8273015746
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZV20HxMgZb7aD8KXkgOdm5iwB5HB0Jtp-_CDktwP8C4QASDSzIEaYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSMAk_QatA-4UB-sKmmN0WaMuE9zAPwDA-edVvWeRyBdG4bOUKzPjMYkUK22kTiKfruHWEw-PqPZ9oxc5ypBet4_XgXaiqM0Ti_5GXd_W5lLGsrP-ZejnXtRKJ_IxfY8VNtHB0YC_r6UTdIRWke52GTkIZQJFAMCQqf-HPJMzOjs9UaFPHtmoQJCMs4ppLF3pHHN5g5Q6ISYE8GWal2FD2P73YrCHFLj0fzebgp_06oMuQgnNdbs3f7qt75jglTR6gvzGmuhtiMY58RhBMYtF-zBLCF48hnUJVMXSXASHrTTTxv_m8HSXN1eRKwscl-CLYqGTr_pbO27Soi11ZOm14UAf1ith1yAijQpa56U3LABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_uWe3srhgQMVwotkCh2dDQZ2EAEYASAAEgKgGPD_BwE%26num%3D1%26cid%3DCAQSPADICaaNKO-V_crRr0jZDiLMJxsb1IL7ZEKeTOi2uuhXjm83nxMDh6SoHgsWodVxxw-aXsHAQb_Wa3poHxgB%26sig%3DAOD64_265_MIo9UVepdAfNOiOOvC2g-Ohw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A7tZzESAm7AxfY2_E-QMDgkbw675mvvkdfNctSsZxbCcHhlYMm5VyPb7azGaW1e_v429d_Q8HrwbyNqxyIc2n_HWJ1dYHPfkpLtzbmIuuioz-6Gamh3xjATtFSTt_sJ6sbT1iIA6GKVRk3Zmz6WG1I0pb3cd2ptcGXnOd4316T38JjEjo%26cry%3D1%26dbm_d%3DAKAmf-AASLRz_vVsoPrYPIJMef0cP4hOo7dzJacwcSjAy3qOlzH7EYyrjH3QqLlcgV3jCigWI3z07CyiFtwg4ai9-f-5zCqB28xIWtTrsPgEEd3pkI1MEmjfOJTdHLWG2ML5IhUxjWvte_JSBGRgmM8wlW5TppwXbTAAnOP9w0m39zLFwFCCz-5f4QaUwgoUUbuT1qzaXUb7ocjKvevF97VCmjXPl3OhZlybUd3zty1ScM6IJ2CNVySIAW2095nJ8wk3RY5gzYv74j9xNy3vxgmOUO6QmUWe4dFrvg64lS1E_llrG2QX2KXBuGYLqyHWpeHX_QEjBaV4Dous5TK41Uwi5S-OrCOwGzfL8xHPXH5psvL4stihqqZHcnLbv__Y-w6gLQyLdQ_10kgND0qofrzeSRy8eiik1-5EaE-2doCwsVCc_SUl_6e462Ueox0RJJUFoGtDsb64yzr-HhK2K2MprCNI22LXsu7Ekfg8FgMgkdYkUmfyCm8DIqYYbJggrJtd3w3J90mXEanuFvangoY-gaDyDuh0X0aQQA7Q3zMCqPK8Uv9ZdBe5uxusqGQUI9xvaDIp7P4Okcs2DRAEahieJ635vEHZVZoAiijXKvILtas0Zw4VtgX5LD6RoBsdZJ4wHEEQsuMoYgVv5qAKeNJ0hBA9ghiHKnLB81X_shzWo-1KHifsCGydjTmhhNy_Rb784E9lIrSpKUyxUDiJXWyBPmvi02qB9A%26adurl%3D
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21765001&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNEOCGWP-1F-LQJT
Domain
dclk-match.dotomi.com
URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM01zQACqIeam1eRFW7WtPA&google_cver=1&google_push=AXcoOmRH4E1J3OSC5CuHWZ-TDJIwo-AM-xgQiyDwuZtXh3bPjgR2fPQ5u0436WcX2pvnQnCWH0HMqBRZlWsHS4XKGxJbSA091PAKxQ
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIukwsJcuB1p0JgcGCA1vXo&google_cver=1&google_push=AXcoOmQl09NMxZ8D6df51ky7aVKuxfKuM9So0yoVyZy8DO1d9fprzg1jmn9Jsavs83YBEg78_8PjEF-nHLKrYJSRzwD4i_CogdgIfQ
Domain
cs.yellowblue.io
URL
https://cs.yellowblue.io/cs?aid=11601&id=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mag&i=LNEOCGWP-1F-LQJT
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lneocllw&c=3531891766882&slotId=1765945883441&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5751012&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65261080&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _typeof object| TRC object| _tblConsole undefined| msg function| _statcounter object| adRecover function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| googletag object| ggeac object| google_js_reporting_queue string| nam object| placementData object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs undefined| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags undefined| google_measure_js_timing function| runAnimCheck object| google_reactive_ads_global_state number| google_unique_id object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo function| checkFrameandInitStartFun function| processData object| ucf object| request string| paramsString object| cmTag object| _cm_wfCounters string| lastWfUrl function| quantserve function| __qc object| ezt object| _qoptions object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals boolean| noPreviewPage function| io function| startCMTagMain string| category function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer function| clientJsFunction object| googDdmPs object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| google_ad_modifications object| google_prev_clients object| vttjs function| WebVTT function| videojs function| videojsContribAds object| $jscomp object| canAutoplay function| videojsPlaylist function| videojsIma function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| closure_lm_893175 object| closure_lm_408757 function| prepareAdRequest

121 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1696600857.3E23205C0A994F9AC2EAB760FB6663AF.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1696600857.0
.statcounter.com/ Name: is_visitor_unique
Value: 1696600857166348704
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1696600857.1.0.1696600857.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1082112845.1696600858
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D0cba5815-a406-4136-82dc-61b5ba5abf51-tuctc199899
www.bg3.co/ Name: __AP_SESSION__
Value: 9909bf7a-4b08-41d8-ad8a-427f596ad2df
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: f17b0198-a1f7-41aa-b80f-6d79aa2e297f
.prebid.a-mo.net/ Name: __amc
Value: 1_1696600858_1696600858
.omnitagjs.com/ Name: ayl_visitor
Value: 99feb903dc8cbd21a9cdc3267f2ac2b6
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwmqaAqQY4AUABSAEQmqaAqQYYAA..
.adnxs.com/ Name: uuid2
Value: 629782633211601364
.bg3.co/ Name: __gpi
Value: UID=00000c8f9d41015e:T=1696600858:RT=1696600858:S=ALNI_MYfejIVIJfUm3y6Gx3kptVEqSd2AQ
.rubiconproject.com/ Name: khaos
Value: LNEOCGWP-1F-LQJT
.aralego.com/ Name: sspid
Value: 88e990de-1373-33a7-984b-18818bea2e0d
.aralego.com/ Name: euconsent-v2
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUl1rhz92b8DcC0RISUmGXTS0gPJ4V24MWOiBIT6aw3PtdB_RaAzT9-Zu_gmoBk
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1696600862.1.0.1696600862.0.0.0
.yahoo.com/ Name: A3
Value: d=AQABBB4TIGUCEPX5oB4hmq3XJEjz09McxroFEgEBAQFkIWUpZQAAAAAA_eMAAA&S=AQAAAhAIPE3cGMp7FqJ0FW9_Esg
.bidswitch.net/ Name: tuuid
Value: b7692853-1c14-4883-b2dc-a1e6d4d6c864
.bidswitch.net/ Name: c
Value: 1696600862
.bidswitch.net/ Name: tuuid_lu
Value: 1696600862
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: ZSATHrSpNka.Qd7w4Rb4KgAA
.casalemedia.com/ Name: CMPS
Value: 5156
.casalemedia.com/ Name: CMPRO
Value: 5156
ads.smartstream.tv/ Name: DID
Value: 98802a5f35ede768afcaa6e746f2d2a8
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.bg3.co/ Name: __gads
Value: ID=a0f2fbb2ab820655-2265ba1e37df0082:T=1696600858:RT=1696600863:S=ALNI_Maz6z-5Y7iyJ-QTEkvOoyWc4wWXEQ
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-06T14%3A01%3A03%22%7D
cm.adsafety.net/ Name: UID
Value: CM120231006145882da22d64acadeff0
.adsafety.net/ Name: cm_uid
Value: CM120231006145882da22d64acadeff0
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvczZVZWNHcVA4RnJxOWxUb1VDK3J5cmhwOXNZbUhFTEFxbkFqVktUcTVDMDJBN3R1ZE1SY0owQXZBZ3dTeGxya1V3SGtFQzNVSTZUblhUeFNOMFV2TW93cWJvV1JZcE5DNWNlY3lJVGFDUUZtMElpSTMzcVhoZzBxdzJ1L2owUHEzUmtJZ2d3cU5TSzVxNUwwa2t4cWlSbFRNdGZtRTdHTnpjQWJaTVlHYU4yUytqWkQvMU5CejgrOGZPemVCSTMzcFYyS1JFdHorSFRjdnZjNFFBZ1VpU0YvMzdEVVJ5OUhBSUNmeXU2SmNwYlVOWEF0ZXZTLy84Q20rcDV5bGNCdDZ2N3duYkc4dk0xRmc4SS9tTWpFWnBkM2lGTjZISEw4bDVzZG44MDF1ZUJqaWpNSW1Cc01rY1UrWEZrQmwwT1pRPT0%3D
.ipredictive.com/ Name: cu
Value: abaa872d-7377-4316-b98c-33221f78225c|1696600863919
.tapad.com/ Name: TapAd_TS
Value: 1696600864095
.tapad.com/ Name: TapAd_DID
Value: f79351c7-1f2c-403b-ad25-d2f54ce9cbf9
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 27ac7a2520db96ff
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxORU9DR1dQLTFGLUxRSlQiLCJleHBpcmVzIjoiMjAyNC0wMS0wNFQxNDowMTowNFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMC0wNlQxNDowMTowNFoifQ==
.openx.net/ Name: i
Value: 140eedc4-f432-00f2-04ae-58885196a045|1696600864
.quantserve.com/ Name: mc
Value: 65201320-37425-21d83-1afea
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A28JykDvDUyJvv3XvhIRliQ
.linkedin.com/ Name: bcookie
Value: "v=2&2ac6c939-d183-4b51-867d-f0b67e7cbfd0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTY2MDA4NjQ7MjswMjEorRughZ7bKpLNf3cg5sG5HvLhxPM0DDf5d3jYXV347w==
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2681:u=1:x=1:i=1696600864:t=1696687264:v=2:sig=AQFZY6L7DlWLLBS-_pMJhobBD-JznViJ"
.bg3.co/ Name: __qca
Value: P0-93179357-1696600858989
.openx.net/ Name: pd
Value: v2|1696600864|gen0vNvQiygu
.ads.stickyadstv.com/ Name: UID
Value: 29bc4c27cf57ba8353074e724bed8f
.primis.tech/ Name: csuuid
Value: 65201320a518c
.criteo.com/ Name: uid
Value: af0bba0e-0554-4653-aa34-88576835f9b8
.gumgum.com/ Name: vst
Value: e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2E?]=_(1y!@wnfH8K6pQK`!5=E<*L5?%Lt7NY04.OMAG]Ot*)Y-*b#kM(awA*(pQP9_Uk%nugO%v^M_q=aFV!c?*=wr)wo!T7$)any`S.^^hF%q)3R[f9fr
.servenobid.com/ Name: pid_339
Value: y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
.servenobid.com/ Name: pid_312
Value: 629782633211601364
.servenobid.com/ Name: pid_337
Value: y-2dEsxmNE2uHRh9M2itjjP_IBHPo1WLyhXVofnlE-~A
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1696600865.1.0.1696600865.0.0.0
.servenobid.com/ Name: pid_318
Value: 7QL-VJhUPQb_0Zhx-CNgCJtdt6g-dLLfsjtRcCtnX0E
.servenobid.com/ Name: pid_333
Value: ZSATHrSpNka-Qd7w4Rb4KgAAFCQAAAIB
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~2ebq:19e0~2ebq:175w~2ebq"
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.lijit.com/ Name: ljt_reader
Value: HcOJsRZHohI4WGdZQTq0Yn_d
.servenobid.com/ Name: pid_309
Value: e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d491ae05-6278-47d3-aa83-17c26ae9a3a6-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1697760000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F234278A-FF23-49C5-AC6A-4A3E15A5F26A
.go.sonobi.com/ Name: __uis
Value: 2564f93d-da97-4abe-8193-99694cc30720
.smartadserver.com/ Name: pid
Value: 634865736735787357
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_317
Value: 5544210422048229692
.yellowblue.io/ Name: wrvUserID
Value: L8eLEfYzkp_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d994d507-0770-398c-b555-49564c04f179
.onetag-sys.com/ Name: OTP
Value: SpSItNdy-Fgy1vgy0tQWfLgV8obhKxpQ28KAt2er8Bw
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.minutemedia-prebid.com/ Name: wrvUserID
Value: GueREfDzkp_mm
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1f45cdca-2279-49e9-76ff-9b9455b22955.LDjnrqcRxjth%2FzCLKIxfzNkrGKFBYTKU6wPE1yVfmCE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1f45cdca-2279-49e9-76ff-9b9455b22955.LDjnrqcRxjth%2FzCLKIxfzNkrGKFBYTKU6wPE1yVfmCE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AH0XNyiJ5Sel2_5uUVbIpVQ.WT2CLUl%2BPBRxG652tfvVl57ow70iKo0Zu8U2CUBMIe4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AH0XNyiJ5Sel2_5uUVbIpVQ.WT2CLUl%2BPBRxG652tfvVl57ow70iKo0Zu8U2CUBMIe4
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIB9BuhmA66B-61wQp5SXhcuZ8OZRszcjgqWfUfEog7KfEHwYAiChpoCpBjoE8Iu9MEIEtDR6jQ.ltLXzB1DS%2BnQLt5wYvFPwEqJ8oNEosDaTBIZDuVD7T4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIB9BuhmA66B-61wQp5SXhcuZ8OZRszcjgqWfUfEog7KfEHwYAiChpoCpBjoE8Iu9MEIEtDR6jQ.ltLXzB1DS%2BnQLt5wYvFPwEqJ8oNEosDaTBIZDuVD7T4
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmlmZmBgYWZqamYJAIuVIgcQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjA0MzCwMDMzNRXiM9QtMQ4MLguKKjLOtnAGAHhayg8lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjA0MzCwMDMzNRXiM9QtMQ4MLguKKjLOtnAGAHhayg8lAAAA
.quantserve.com/ Name: d
Value: EFoBFgGPKoEK_fsQz7sQ
.adform.net/ Name: uid
Value: 1942609373480858756
.creativecdn.com/ Name: ts
Value: 1696600865
.creativecdn.com/ Name: u
Value: iiQzJF1EvIX0la3Yorat
.smartadserver.com/ Name: csync
Value: 117:99feb903dc8cbd21a9cdc3267f2ac2b6|134:OB_OK
.servenobid.com/ Name: pid_332
Value: 2564f93d-da97-4abe-8193-99694cc30720
.servenobid.com/ Name: pid_324
Value: 5140084927578361049
.servenobid.com/ Name: pid_310
Value: HcOJsRZHohI4WGdZQTq0Yn_d
.servenobid.com/ Name: pid_352
Value: L8eLEfYzkp_s
.servenobid.com/ Name: pid_348
Value: GueREfDzkp_mm
.smilewanted.com/ Name: sw_user_params_infos
Value: 9YvZNIiGwiZi9K%2FtFCBh%2Bv2irkt0QSYoYOHt3%2BHjVIA6Ugg0KJ4ITFvTvsdeHNzx3GUflfSGA6%2FxSPVwshE5vMLFpkWfKXiOl%2F8HoqTtXo%2FHLh29LcUvvXfR%2FwLY46A3lMrc6xlya3%2Bl%2FMiL7jRc%2FZAVEzYsEyHVDoGj7IMr3%2BHcejC2jmVQ7GoziIRbVUGa0gh2cgWhV8OAXoCPeuE6Hw%3D%3D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.3lift.com/ Name: tluid
Value: 666586948737432634043
.sitescout.com/ Name: ssi
Value: 9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb#1696600866084
.bidr.io/ Name: bitoIsSecure
Value: ok
.brand-display.com/ Name: _knxq_
Value: 4e2ce651-1c2c-ae85-73fb9d73.1696600866.0.1696600866.1696600866
.bidr.io/ Name: bito
Value: AADmK07KQCYAABeXLZj-Hw
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY5NjYwMDg2NjIyMCwiMzkiOjE2OTY2MDA4NjYyMjAsIjciOjE2OTY2MDA4NjYyMjB9
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp8bvsWPhAmlP6rFa1SqNBrlhQubB7Dp+jEQ/A3gVG7yCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ek7+8UWvn5lu
.zemanta.com/ Name: zuid
Value: JssblVu3r9jDYEROWvc-
.contextweb.com/ Name: V
Value: IXMHrK8VNA1h
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1n9l|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a14be03522fd4573
.bidswitch.net/ Name: google_push
Value: AXcoOmQ6uxHkvyYlby04DFNYrTt1ef95_yBbxOE6NgFaFujsEtIN41feAjUgW4i558q905kgsmksfxPiiN-cPYONgVVK7hclWSmt
.ads.pubmatic.com/ Name: KCCH
Value: YES
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 9a0070c6-1fba-5217-bd01-8896d8219bb2
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZSATJAAMHZCIj8xD5EgPr98tIOAn2iO2WwdM6w==
.turn.com/ Name: uid
Value: 3538602912032252274
.hb.yahoo.net/ Name: data-mag
Value: LNEOCGWP-1F-LQJT~~63
.mediago.io/ Name: __mguid_
Value: f34e9699c4cead1113nzu400lneocoqg
.go.sonobi.com/ Name: HAPLB8G
Value: s8668|ZSATK
.tribalfusion.com/ Name: ANON_ID
Value: aSnoeUN3IdqSIdwDTj1oCCMaboTVrGJcG3ZbIGqCr

54 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/36cc00e1eb582ab06db3d496c03ad641.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/55d43892c955347626338b004b8e7251.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8e498ff9a6c2615211d80eb788eced22.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/e84db7fbf3db322b45029eb08881a8ba.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/2cb4a15e46259d6c3d4cb9c01c705225.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202201/f61ea702ceddc2abf9709cc06a77d2ed.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/f98a830e2cb7e43224f5daaac2ea0eaa.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/66612f19c83ed5ed012132a01e1568e7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/93ce77cd3e10398361f5975cea967e04.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ed0757f427d79d5b6db961a35c3ea38c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/eddf977944a278dc85541a1bcce62b79.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/306585db6c09d1830b86833d78a3742f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d500691a335d9524f6ff7018530b999b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ae7c89fae0f9f5b86da829936fe2dd41.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/bc560a7088ec3370d33527f3d136c569.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202201/d9c429601ca35c11888240f657c9852f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/5eebb0a991b92915e87898867abda99d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2808758f5734c6151993f55d23c0210a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/9fb376a86240ec8874db29a52e946525.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/6aac83551d9b18791dd863eac5e1ae97.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/86a6dcdc11f433f36226a36b4749475c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e7bfe6296021c6b9252ccfc3bc719c76.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvdGFvLWppLXhpbi10YS10YWktYmFvLXdlaS1ndW8teGlhby1mYW5nLWFuLWppYW4tdGktemFvLXRvdS1wYW8tbWluLWhhbmctanUteGktdG9uZy1jZS1zaGktemhvbmctd2VpLXpoZW5nLXNoaS1xaS15b25nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZSATHrSpNka.Qd7w4Rb4KgAA%265156&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZV20HxMgZb7aD8KXkgOdm5iwB5HB0Jtp-_CDktwP8C4QASDSzIEaYPWFgIDUBMgBCakCCIfFM7W0sT6oAwHIA5sEqgSMAk_QatA-4UB-sKmmN0WaMuE9zAPwDA-edVvWeRyBdG4bOUKzPjMYkUK22kTiKfruHWEw-PqPZ9oxc5ypBet4_XgXaiqM0Ti_5GXd_W5lLGsrP-ZejnXtRKJ_IxfY8VNtHB0YC_r6UTdIRWke52GTkIZQJFAMCQqf-HPJMzOjs9UaFPHtmoQJCMs4ppLF3pHHN5g5Q6ISYE8GWal2FD2P73YrCHFLj0fzebgp_06oMuQgnNdbs3f7qt75jglTR6gvzGmuhtiMY58RhBMYtF-zBLCF48hnUJVMXSXASHrTTTxv_m8HSXN1eRKwscl-CLYqGTr_pbO27Soi11ZOm14UAf1ith1yAijQpa56U3LABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI_uWe3srhgQMVwotkCh2dDQZ2EAEYASAAEgKgGPD_BwE%26num%3D1%26cid%3DCAQSPADICaaNKO-V_crRr0jZDiLMJxsb1IL7ZEKeTOi2uuhXjm83nxMDh6SoHgsWodVxxw-aXsHAQb_Wa3poHxgB%26sig%3DAOD64_265_MIo9UVepdAfNOiOOvC2g-Ohw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A7tZzESAm7AxfY2_E-QMDgkbw675mvvkdfNctSsZxbCcHhlYMm5VyPb7azGaW1e_v429d_Q8HrwbyNqxyIc2n_HWJ1dYHPfkpLtzbmIuuioz-6Gamh3xjATtFSTt_sJ6sbT1iIA6GKVRk3Zmz6WG1I0pb3cd2ptcGXnOd4316T38JjEjo%26cry%3D1%26dbm_d%3DAKAmf-AASLRz_vVsoPrYPIJMef0cP4hOo7dzJacwcSjAy3qOlzH7EYyrjH3QqLlcgV3jCigWI3z07CyiFtwg4ai9-f-5zCqB28xIWtTrsPgEEd3pkI1MEmjfOJTdHLWG2ML5IhUxjWvte_JSBGRgmM8wlW5TppwXbTAAnOP9w0m39zLFwFCCz-5f4QaUwgoUUbuT1qzaXUb7ocjKvevF97VCmjXPl3OhZlybUd3zty1ScM6IJ2CNVySIAW2095nJ8wk3RY5gzYv74j9xNy3vxgmOUO6QmUWe4dFrvg64lS1E_llrG2QX2KXBuGYLqyHWpeHX_QEjBaV4Dous5TK41Uwi5S-OrCOwGzfL8xHPXH5psvL4stihqqZHcnLbv__Y-w6gLQyLdQ_10kgND0qofrzeSRy8eiik1-5EaE-2doCwsVCc_SUl_6e462Ueox0RJJUFoGtDsb64yzr-HhK2K2MprCNI22LXsu7Ekfg8FgMgkdYkUmfyCm8DIqYYbJggrJtd3w3J90mXEanuFvangoY-gaDyDuh0X0aQQA7Q3zMCqPK8Uv9ZdBe5uxusqGQUI9xvaDIp7P4Okcs2DRAEahieJ635vEHZVZoAiijXKvILtas0Zw4VtgX5LD6RoBsdZJ4wHEEQsuMoYgVv5qAKeNJ0hBA9ghiHKnLB81X_shzWo-1KHifsCGydjTmhhNy_Rb784E9lIrSpKUyxUDiJXWyBPmvi02qB9A%26adurl%3D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=b7692853-1c14-4883-b2dc-a1e6d4d6c864&gdpr=&gdpr_consent=&gdpr_pd=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=apn&i=629782633211601364
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21765001&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ajs.a47b.com/js/mntr.min.2.10.2.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNEOCGWP-1F-LQJT
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=oth&i=y-kDE3eJlE2pclaiO8_NAlqixNsXs3W1p3zR5u~A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=vnt&i=abaa872d-7377-4316-b98c-33221f78225c
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.yellowblue.io/cs?aid=11601&id=29bc4c27cf57ba8353074e724bed8f&gdpr_consent=&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9a0b00fd-5abb-4a40-92d5-dc77ddc5f3fb-65201322-4348%2526gdpr%253D0%2526gdpr_consent%253D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM01zQACqIeam1eRFW7WtPA&google_cver=1&google_push=AXcoOmRH4E1J3OSC5CuHWZ-TDJIwo-AM-xgQiyDwuZtXh3bPjgR2fPQ5u0436WcX2pvnQnCWH0HMqBRZlWsHS4XKGxJbSA091PAKxQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=opx&i=309f76ed-75a0-0753-3903-808dfde192fe
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lneocllw&c=3531891766882&slotId=1765945883441&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=mag&i=LNEOCGWP-1F-LQJT
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=pln&i=IXMHrK8VNA1h&ev=1&pid=558355
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=zem&i=JssblVu3r9jDYEROWvc-&gdpr=0&us_privacy=1---
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIukwsJcuB1p0JgcGCA1vXo&google_cver=1&google_push=AXcoOmQl09NMxZ8D6df51ky7aVKuxfKuM9So0yoVyZy8DO1d9fprzg1jmn9Jsavs83YBEg78_8PjEF-nHLKrYJSRzwD4i_CogdgIfQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5751012&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.1rx.io/usersync/turn/3538602912032252274?dspret=1&gdpr=&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-d994d507-0770-398c-b555-49564c04f179&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOTk0ZDUwNy0wNzcwLTM5OGMtYjU1NS00OTU2NGMwNGYxNzkyAiAYOAI=&gdpr=&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_17e00295-d2c1-4bbb-a7a6-3658a8cb56d8&obuid=ENC(_HNFGOiz10fB9kEHsRw-bR3LHgNe-1y--u915Pql8NLjtm_3uCRWb9CzQwTH4YDc)&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
1983f99bc27df63d11c02b58adb47bb6.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aam.a47b.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
ajs.a47b.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
csync.smilewanted.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
f35c994a8e911d8cd26d8d961078aa39.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid-mercury.criteo.com
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
media.grid.bidswitch.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pro.ip-api.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
socket.unibots.in
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.openx.net
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
vjs.zencdn.net
wf.taboola.com
www.awin1.com
www.bg3.co
www.conrad.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
a.sportradarserving.com
a.teads.tv
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ajs.a47b.com
cm.adform.net
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
dclk-match.dotomi.com
hal9000.redintelligence.net
hal900010.redintelligence.net
image2.pubmatic.com
image6.pubmatic.com
pixel-us-east.rubiconproject.com
sonata-notifications.taptapnetworks.com
static.bg3.co
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.outbrain.com
sync.richaudience.com
tg.socdm.com
us.ck-ie.com
usersync.gumgum.com
www.awin1.com
103.231.174.251
104.102.45.165
104.16.89.20
104.18.187.224
104.18.24.173
104.18.25.18
104.18.26.193
104.18.27.193
104.20.219.77
104.22.69.131
104.26.5.103
13.107.42.14
13.32.99.61
138.199.36.11
138.201.63.145
138.201.84.244
141.226.224.32
141.226.228.48
142.250.184.228
142.250.185.161
142.250.185.162
142.250.185.194
142.250.185.226
142.250.185.66
142.250.186.138
142.250.186.170
142.250.186.35
142.250.186.40
142.250.186.70
142.250.74.194
143.204.98.80
147.75.84.158
151.101.129.44
151.101.193.44
151.101.66.137
151.101.66.217
152.199.21.70
169.150.247.34
169.197.150.8
172.104.206.52
172.217.16.194
172.217.18.1
178.250.1.8
178.250.7.11
178.250.7.13
178.250.7.2
178.250.7.62
18.192.135.64
18.193.181.140
18.65.39.39
18.66.97.30
184.30.16.195
184.30.22.30
185.106.33.48
185.184.8.90
185.29.134.248
185.64.190.79
185.86.138.151
185.86.139.101
185.89.211.84
192.96.203.13
193.0.160.131
2.21.20.202
213.19.162.51
216.239.32.3
216.239.34.36
216.52.2.86
216.52.2.91
23.201.255.110
23.212.88.20
23.32.184.180
23.48.23.44
23.97.225.52
3.125.241.158
3.233.145.141
3.33.220.150
3.65.51.143
3.71.149.231
3.77.133.205
34.111.113.62
34.120.63.153
34.160.19.107
34.194.178.11
34.242.185.58
34.242.212.86
34.247.205.196
34.95.81.168
34.98.64.218
35.186.253.211
35.208.249.213
35.244.174.68
37.157.5.133
51.77.64.70
51.89.9.254
52.20.77.122
52.210.70.148
52.211.253.239
52.46.130.91
52.48.234.224
52.86.135.73
54.239.33.158
54.77.251.23
64.74.236.159
69.166.1.35
69.173.144.137
69.173.144.138
69.173.144.139
76.223.111.18
77.245.57.72
89.163.240.122
89.187.169.39
91.210.226.74
91.228.74.159
95.101.148.20
99.86.4.129
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
0375020bc89c561662048d612e0a9d095c569bfd55ade90c607b0870f64396fd
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06dbd194f8dd1ea2dada8e73f5c7ad05157e3821ca00ce6a4cd65845014763c3
07484cc5c4459104a809bfb7d227ac3beaaf0424da333e640669339201943e66
0764cbc4ae21601aaf7702bf0439228522077d0f51bc0c13fa8eb782bccb030a
0ad40dc852b7a7c900b5dbf89e044ff0dbb5da5198f669af698a5f7dadb75b99
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcbf5d66bfaeaf4932ee633197864d7bdbe2df96213dfa6d87e56e6eb15f2fa
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72
0fd89413af5fff2bb182707a17c39d6ffaec67b567f0b4af756a1d432f83faa6
10403ab1f09ffd4d81b297f3aa5bca87d4f79b9ee23d9e7e5c1d65a13405056e
122bbb82786de45f899024e30ba46be0ffe396c5db6d68060671ffd83ab6c76f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
193851be4b21cb5abd35752d000f4e44ed8c09e2ea3880458e69c780d935398e
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c63b9c824b71c2dcf01d4e630880397ed4cf2fc534d64648507a1663b9844da
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20bf03675e0bcde5da263544cb280a9107b98d516e2fff20225abba9aa603ce9
2260074041e8fd0d66221a864f90c5e6946fd01f8043bdd96fed3587ccebce86
2354f741a326d70b34d378a8a5e0fef00124d74ac84034264ef39eb8b25a6899
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2944cb90199155797753e32e674ec4180513251c71b5d74a9f3baa9d62194aad
29dc6f6bfbb1c653c4d903d3a78b0fd4b5652e91fac04e6cde2f4d5f822d57f2
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2cd717e3d8c177eb4a61fea6e17eb9d93b1807ae008c26bdcd317391d895ac72
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
30cd473c2780a6d88c7e62f98a4d9892e7f31e31562657cc84283de7967a70e6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34edcdd3917a6ee4fdc252e5c1896228bdea17b40644c2b96c8dffdfcc0829e2
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
386f23c8be6bee4cf3eb5e843d9756bbaa18094e55c60785fba86078a74981be
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a78467f4364ae0a2660569092ad62bbd89a877c462c520644234c57a133619a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ba37a7d6ab8d140e53539d80441045580bc626b86ee781f07201d5f392db8e5
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25
3ced8ef62a879690b14ea0fa6c73d48a906cca1cc03ac25e71b1ffc9ff80136a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8dbf4d0f5a1ca947aecf5f60bf11aef8644894b76b733bc9c5988b084853f8
3da1d0f5ab67b7c78dc07fd90c7151d40102cb0656f64cc76ae2f99c53cf94f4
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410b0005ff54f5770ee1cd314fffbf4e5f4ee6343c60709e8dd715ab25360894
411bba13c654162cfb7bdba5d9531751eaa784daa456b21ac1a35d6fdfc71a9b
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d72006f7bea225e08ce410eacd1f9694890eaae23076e5a6577309e0fa3c02a
4d7b8e1a2a8b9d9d62465dd38ed6068ec3e69505e59c196387332b0d778e6037
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
4edeebae171b03b454326c6a19b190999232f691728b2ec572088653355e00d6
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56bb634245b7b25ecb78ab1639e9d916c097684096acffb4b8d02e3fcd99557d
5763fe32747d20e48e22c49feaaa4edc823fb1b8bc2363a021158f080febf915
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce022eddf151bbc500b007b54e9f6248ee854a40423446356e89c71326615e6
5dfca1a46a0ae8d4b9dbc5bc8b46c8bc18e54fa62b58e5bdab8bb763488b336d
6090302c974abaf082b19cafc3af71e27c761ec5b07c98f4f19ba4b59af9d0f2
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d50bb391ece85cc220ad7f16d9dee01a610244ddf4edfaf03dea306c64816f
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3
65f4cae6ab4f069d782ef10599d8a3cbcfdc3bb906abb0b0424f3b5e4c3c00c0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
665ad7b6420e921636e8379dc2dd8189b7bd588e4d4cfe0b3602fd188da535b1
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6a1bf9a8388b141ddcc6014b2a701c05d32d33d313b04de1530c343e6ce0c90e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cd9b5fa32ce00b95eeb055134d3ee1866ee5dafbeff80b19558280d3c702e69
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6f97ac06bd8b7faef4fbe9e0ca1452fbca79ca50da84c3cf6b51daf6385a5ca0
6fc93bdd7464b39572e18da5366a14c3e9697ea06f0f19e8b71d7e4b5748b9bb
71247dd61513f7a2ebb9945ad0400908965708460eb0fcfa25b36500ac4b8470
71c87286b7656c279d8c6276b6602373709af8c8d4405cf94dc74e71ac9fd3b4
75895e2593ec9355793eb5bab3b2d81d5ffcc1852ebfc161c76ed63c49b09ee9
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6
782c942b06bffc2d4601b284b77627d35394c044b55aab733bf714bb27303cee
798697bd2e21414cb4890b2a64818022b32553c819be183ee165b72df3d5fe3d
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
80ab7e8ed81668be43dfffc4440e174f845562c7b923111d497aac749feaeea5
81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
8256a3552d7b5718e1893c202df5514114c7f824a817a566bd90341e1329585d
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8756d3367261f5dfcbef03be86fb4b956f889917fbdd3b72c300d8e1dcdc5f47
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8974c7de3825a8cd4f7a46cb779898056bf499a52259aeacd574995bb508a311
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
93e8b3e9ad494fe434b90d4f6052419b9adb5e8375910c070196756fc56ab135
93e9590dbdc8f5833f437da27778a68429194a6578e116d1ed21cd30dcf65235
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94243e72d46b0386bf3284cbb5e330bb6ad3a8943f26e99df0c62b17aaa656f8
95b69205ecd37bfee85b36b56f4af39d6831b2d31be7270e17dd63a2d795dd3c
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e94107a608d453f2db54e1908b56e54db0b02c1404e708ee4e231ecf7127398
a05309f62b59c824b832a89a8f42ffec837961f77eb20e81344b2ac3668ba44e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab49d2c42e6a33be518e0fe8813edde3811059123d3f7eb99e84573e972550d1
accb009d6e09e82e0671e08a604ac345b866976d92303e011cfbd55d090db9b9
acd59d2794884b1800060b8fbdf753e5b40203ead7cba8964ecc6f42effa60ba
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b044754da3561e96b9a2ab55c3cad5db568bad1377ca0dcee183fd8258d4cc42
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6be254a2379c9f0afb55e6ae500a2436dda78a424b665847abe43df58d710a0
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6def9dd44c74e41ef002023e3ce149585927fb9b6db7316c4aa05cbf856466
bfbf1436bf452e5623d63496ca8ec4fecd68b518f2b8f461f4a62d3c8f1cd55c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c34dd689c3d2e5e3369e0d0df84b5d852225767b5c8fbb642d4472d14a09cdb9
c352ba04042adcb3e96ac28a557b0dd1d24d1747994447fe4ced46bef39ad006
c4e3ae4cd618335e965051dbb7d2ba8a1d6db85dc91911c16c4bf3af1e631808
c550961c64fcfc26e556c028ef9747b25f32e5eb0fc45a20a2ef0d87ee52e8e9
c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ca4ac0e6739de3f74265d0d315e01c79304d7c806d3b4e60b348e8d0d6b0f255
caab777adb978a349550c310cc8236c122b9bda260fc10113cb053a3a4001066
ce0249dfac0bd00a7ee8b19df4ce1855cdb40a3c302b547f3d52506918568a8d
cea1dc5f16dedd188ea378fdd5cece5e469c9bb5dd04c1dd7f02c6d494765532
cf60c06060903c9d2dacfd0383985421f99a470a0e4703c87feb4833d8fd3e27
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d4de6c8a24d8959593744ade6de22ed29b5404dcdd0243d43e52209b56383f66
d4de9d6e28d209be346b11ecae6fd408f203b541de18d85394a3309e03328865
d664f539ddbb7708ac2bbb5f3765315c574f697b29c172c6e2e075639d571708
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
db4ca408171c572363cd1e6a48565cac33fd0a55943ca9dc1df0ae8611461409
dc8fd0b6545074728bdbbdab57992681a9f5569a07fe21d0ee3ebfce59a53601
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
dd7f1e4b0fca1a03ff565597b64bab622fd1db5135dc45a951dce1018b2620d7
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e1b433c0ef873bfdac5483fba7997d5b86082b24e4896ad267d8bc7cf5846f23
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6
e4c827a216d3b126750b0202c5793003f24d6002f21ff2300200c6019829929e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7a8c5b89164a108da44f51f27d4fdabf677c00aeea719f396900b16b15950bb
e7e6da2db355f479ede2876da910d74b6c30ea49dc0237eea075526e574b0a2a
e81762698c7bbd69398b2d96f233c32b78b71bdda62829c985ba9b4324c586ec
e9bb5290a970d50005fc48f1324eccd13600b4e93cf08d435051e4e296e64cf0
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ed0b0ec7db78d71f3a334c7107ddc3188053be12f33f374a28bccba7348e4e58
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
ef1dcaf299e01d8c9274e7640eaba287bbb24be138d81d59a4377883f9c1512c
f17ac025db29c0b8c3106da2f84f60e428aee923e9b2d610d602246f13d0b9e8
f64ccfc496220652ae255da6af6ccdf88c2c7b36f8b5516b45f0185baef42ec6
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
f95c14cfa2139ba13b3608f9f7640f49e540e15760c50e252c44bbb8f33b2803
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbd297e0068446878dff43e1e65fb8ef219e22be9150bb9b3e4a70c89188819c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3c7b690dff6e25210fda61777b1ae4bee5c413de6d3d233eddccf7628f8992
ff4b20ee645caebd0d768c181d959616a76d475d446439f3d7164da14a36c19f