urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-...
Submission: On September 20 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 10 countries across 91 domains to perform 453 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
17 142.250.186.161 15169 (GOOGLE)
14 142.250.185.130 15169 (GOOGLE)
2 142.250.186.136 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
1 2 162.210.196.208 30633 (LEASEWEB-...)
3 104.26.5.103 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
5 2.21.20.220 20940 (AKAMAI-ASN1)
2 151.101.130.137 54113 (FASTLY)
3 216.239.34.36 15169 (GOOGLE)
7 23.97.225.52 8075 (MICROSOFT...)
23 185.180.223.67 49981 (WORLDSTREAM)
11 33 142.250.186.34 15169 (GOOGLE)
1 192.96.203.13 30633 (LEASEWEB-...)
2 4 91.228.74.251 16509 (AMAZON-02)
1 104.16.86.20 13335 (CLOUDFLAR...)
16 52.214.251.135 16509 (AMAZON-02)
1 178.250.1.8 44788 (ASN-CRITE...)
1 3.127.138.223 16509 (AMAZON-02)
1 184.30.21.51 16625 (AKAMAI-AS)
1 69.173.144.137 26667 (RUBICONPR...)
1 213.19.162.45 26667 (RUBICONPR...)
10 104.22.68.131 13335 (CLOUDFLAR...)
6 24 51.89.9.254 16276 (OVH)
1 185.255.84.150 200271 (IGUANE-)
2 4 145.40.97.67 54825 (PACKET)
3 35.186.253.211 15169 (GOOGLE)
1 3.72.148.229 16509 (AMAZON-02)
5 8 37.252.171.21 29990 (ASN-APPNEX)
1 34.107.148.139 396982 (GOOGLE-CL...)
3 18 104.18.26.193 13335 (CLOUDFLAR...)
4 142.250.185.170 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
11 12 18.157.194.184 16509 (AMAZON-02)
3 3 96.46.183.20 7979 (SERVERS-COM)
1 175.110.113.208 49981 (WORLDSTREAM)
1 4 185.29.134.248 30419 (MEDIAMATH...)
4 10 69.173.144.139 26667 (RUBICONPR...)
2 3 2.19.126.84 20940 (AKAMAI-ASN1)
1 1 185.86.138.151 201081 (SMARTADSE...)
4 35.244.174.68 15169 (GOOGLE)
2 6 52.46.130.91 16509 (AMAZON-02)
5 7 198.47.127.18 62713 (AS-PUBMATIC)
1 1 198.47.127.205 62713 (AS-PUBMATIC)
5 5 3.71.149.231 16509 (AMAZON-02)
12 15.197.193.217 16509 (AMAZON-02)
3 3 37.157.2.229 198622 (ADFORM)
1 2 175.110.113.213 49981 (WORLDSTREAM)
5 142.250.186.138 15169 (GOOGLE)
26 216.58.212.129 15169 (GOOGLE)
2 7 172.217.18.100 15169 (GOOGLE)
3 172.217.16.195 15169 (GOOGLE)
31 172.217.18.2 15169 (GOOGLE)
1 18.66.97.31 16509 (AMAZON-02)
3 3 23.201.255.110 16625 (AKAMAI-AS)
8 184.30.22.30 16625 (AKAMAI-AS)
7 172.217.23.98 15169 (GOOGLE)
1 216.58.206.38 15169 (GOOGLE)
6 212.8.243.37 49981 (WORLDSTREAM)
2 2 184.72.108.234 14618 (AMAZON-AES)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 3 213.155.156.183 1299 (TWELVE99 ...)
2 2 23.212.88.20 16625 (AKAMAI-AS)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 141.95.98.64 16276 (OVH)
1 1 35.208.249.213 19527 (GOOGLE-2)
4 7 69.173.144.138 26667 (RUBICONPR...)
5 142.250.185.99 15169 (GOOGLE)
6 216.58.208.99 15169 (GOOGLE)
7 216.58.206.34 15169 (GOOGLE)
1 185.84.60.29 198622 (ADFORM)
1 3 34.255.44.222 16509 (AMAZON-02)
2 4 67.220.228.203 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 178.250.1.3 44788 (ASN-CRITE...)
4 178.250.7.13 44788 (ASN-CRITE...)
1 18.66.147.106 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 72.246.168.23 16625 (AKAMAI-AS)
2 6 35.244.159.8 15169 (GOOGLE)
2 3 13.248.245.213 16509 (AMAZON-02)
2 2 54.164.186.38 14618 (AMAZON-AES)
1 1 13.32.27.67 16509 (AMAZON-02)
1 69.20.43.192 27357 (RACKSPACE)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 50.16.128.129 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 63.35.23.211 16509 (AMAZON-02)
1 2.18.160.23 16625 (AKAMAI-AS)
3 216.52.2.48 32475 (SINGLEHOP...)
1 34.242.185.58 16509 (AMAZON-02)
1 185.86.138.150 201081 (SMARTADSE...)
2 184.30.16.195 16625 (AKAMAI-AS)
6 18.66.112.58 16509 (AMAZON-02)
2 52.204.164.185 14618 (AMAZON-AES)
2 3 216.52.2.86 32475 (SINGLEHOP...)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 46.228.164.11 56396 (AMOBEE)
1 1 69.166.1.35 27630 (AS-XFERNET)
1 1 3.216.96.7 14618 (AMAZON-AES)
3 52.57.130.135 16509 (AMAZON-02)
2 2 52.31.253.130 16509 (AMAZON-02)
3 4 151.101.66.49 54113 (FASTLY)
1 1 8.2.108.194 46636 (NATCOWEB)
1 1 37.157.5.132 198622 (ADFORM)
1 34.247.205.196 16509 (AMAZON-02)
1 198.47.127.19 ()
453 85
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
17    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
cdn.ampproject.org
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
e0413bc25a06952e4f87cbbe16be312e.safeframe.googlesyndication.com
14    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
2    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    2.21.20.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-220.deploy.static.akamaitechnologies.com
cdn.adpushup.com
2    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
23    185.180.223.67 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-67.hosted-by-worldstream.net
ad.vidverto.io
33    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googletagservices.com
cm.g.doubleclick.net
1    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
4    91.228.74.251 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
16    52.214.251.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    3.127.138.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-138-223.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    213.19.162.45 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
24    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
4    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    3.72.148.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-148-229.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
8    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
18    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
4    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
imasdk.googleapis.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
12    18.157.194.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-194-184.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    175.110.113.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-208.hosted-by-worldstream.net
ad.vidver.to
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
3    2.19.126.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-84.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
12    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    175.110.113.213 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-213.hosted-by-worldstream.net
ad.mox.tv
5    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
26    216.58.212.129 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f1.1e100.net
tpc.googlesyndication.com
7    172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f100.1e100.net
www.google.com
3    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
www.gstatic.com
31    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
1    18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net
rules.quantcount.com
3    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
googleads.g.doubleclick.net
1    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net
s0.2mdn.net
6    212.8.243.37 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-243-37.hosted-by-worldstream.net
cdn.vidverto.io
2    184.72.108.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-108-234.compute-1.amazonaws.com
fksnk.com
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
6    216.58.208.99 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s08-in-f3.1e100.net
csi.gstatic.com
7    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
pubads.g.doubleclick.net
1    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
3    34.255.44.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-44-222.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    18.66.147.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-106.fra60.r.cloudfront.net
public.servenobid.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    72.246.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    54.164.186.38 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-186-38.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    13.32.27.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-67.fra56.r.cloudfront.net
s.ad.smaato.net
1    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
1    50.16.128.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-128-129.compute-1.amazonaws.com
rtb.adentifi.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    63.35.23.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-23-211.eu-west-1.compute.amazonaws.com
r.scoota.co
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
c21lg-d.media.net
3    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    34.242.185.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    18.66.112.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-58.fra56.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
2    52.204.164.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-164-185.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
3    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    3.216.96.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-96-7.compute-1.amazonaws.com
ssp.disqus.com
3    52.57.130.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    52.31.253.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-253-130.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
59 googlesyndication.com
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
e0413bc25a06952e4f87cbbe16be312e.safeframe.googlesyndication.com
518 KB
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
pubads.g.doubleclick.net — Cisco Umbrella Rank: 359
456 KB
30 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel-us-east.rubiconproject.com Failed
62 KB
29 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30729
cdn.vidverto.io — Cisco Umbrella Rank: 40830
496 KB
24 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
13 KB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum.casalemedia.com — Cisco Umbrella Rank: 2664
37 KB
17 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3520
public.servenobid.com — Cisco Umbrella Rank: 7575
10 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
101 KB
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
307 KB
13 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
31 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
12 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18087
e3.adpushup.com — Cisco Umbrella Rank: 19655
284 KB
11 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 1061
image2.pubmatic.com — Cisco Umbrella Rank: 1547
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com Failed
14 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
7 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
17 KB
9 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 657
fonts.googleapis.com — Cisco Umbrella Rank: 113
821 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
secure.adnxs.com — Cisco Umbrella Rank: 806
29 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
adpushup-d.openx.net — Cisco Umbrella Rank: 32309
us-u.openx.net — Cisco Umbrella Rank: 863
eu-u.openx.net — Cisco Umbrella Rank: 3562
u.openx.net — Cisco Umbrella Rank: 1024
3 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
3 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 11
3 KB
6 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 7534
4 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
ce.lijit.com — Cisco Umbrella Rank: 1486
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
adx3.adform.net — Cisco Umbrella Rank: 65543
cm.adform.net — Cisco Umbrella Rank: 1654
3 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
cs.media.net — Cisco Umbrella Rank: 2422
contextual.media.net — Cisco Umbrella Rank: 1062
c21lg-d.media.net — Cisco Umbrella Rank: 3883
hbx.media.net — Cisco Umbrella Rank: 1959
11 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com — Cisco Umbrella Rank: 640
dis.criteo.com Failed
7 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
1 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1301
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2250
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
436 B
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
cms.quantserve.com — Cisco Umbrella Rank: 1260
10 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
69 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
2 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
919 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
2 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
171 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
359 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16071
41 KB
3 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 35724
sync.aralego.com — Cisco Umbrella Rank: 4312
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
1 KB
2 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3579
cs.yellowblue.io Failed
1 KB
2 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2247
usersync.gumgum.com — Cisco Umbrella Rank: 2735 Failed
rtb.gumgum.com Failed
2 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 30407
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
868 B
2 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 4633
p.rfihub.com — Cisco Umbrella Rank: 1417
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
3 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
60 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 687
2 KB
2 fksnk.com
fksnk.com — Cisco Umbrella Rank: 8734
1 KB
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42500
304 B
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2389
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
sync.smartadserver.com Failed
rtb-csync.smartadserver.com Failed
1 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 33779
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19210
c.statcounter.com — Cisco Umbrella Rank: 12701
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
179 KB
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4144
496 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2272
523 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
623 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
465 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
434 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1944
285 B
1 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 3391
522 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1092
450 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
649 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
273 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1569
450 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2496
709 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
671 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
584 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
632 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 52748
154 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 12994
259 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
visitor.omnitagjs.com Failed
455 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
493 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
0 socdm.com Failed
tg.socdm.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 admanmedia.com Failed
sync.admanmedia.com Failed
cs.admanmedia.com Failed
0 adkernel.com Failed
sync.adkernel.com Failed
0 redintelligence.net Failed
hal9000.redintelligence.net Failed
453 91
Domain Requested by
30 pagead2.googlesyndication.com ads.aralego.com
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
www.google.com
30 cm.g.doubleclick.net 11 redirects onetag-sys.com
www.bg3.co
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
adpushup-d.openx.net
g2.gumgum.com
26 tpc.googlesyndication.com www.bg3.co
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
cdn.ampproject.org
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
24 onetag-sys.com 6 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
www.bg3.co
csync.smilewanted.com
public.servenobid.com
23 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
16 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
14 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
14 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
12 match.adsrvr.org onetag-sys.com
www.bg3.co
cdn.adpushup.com
googleads.g.doubleclick.net
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
12 x.bidswitch.net 11 redirects onetag-sys.com
9 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 pixel.rubiconproject.com 3 redirects onetag-sys.com
www.bg3.co
8 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 token.rubiconproject.com 4 redirects eus.rubiconproject.com
7 googleads.g.doubleclick.net 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
7 www.google.com 2 redirects www.bg3.co
tpc.googlesyndication.com
7 image8.pubmatic.com 5 redirects onetag-sys.com
7 ib.adnxs.com 4 redirects cdn.adpushup.com
acdn.adnxs.com
7 e3.adpushup.com www.bg3.co
6 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
6 csi.gstatic.com imasdk.googleapis.com
6 cdn.vidverto.io www.bg3.co
6 s.amazon-adsystem.com 2 redirects onetag-sys.com
www.bg3.co
ssum-sec.casalemedia.com
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
5 fonts.gstatic.com ad.vidverto.io
fonts.googleapis.com
5 fonts.googleapis.com 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
www.bg3.co
securepubads.g.doubleclick.net
5 ups.analytics.yahoo.com 5 redirects
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync-tm.everesttech.net 3 redirects g2.gumgum.com
4 gum.criteo.com cdn.adpushup.com
static.criteo.net
gum.criteo.com
4 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
4 id.rlcdn.com onetag-sys.com
4 sync.mathtag.com 1 redirects onetag-sys.com
4 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
4 prebid.a-mo.net 2 redirects cdn.adpushup.com
3 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
cs-server-s2s.yellowblue.io
3 sync.1rx.io 3 redirects
3 ce.lijit.com 2 redirects public.servenobid.com
3 ap.lijit.com csync.smilewanted.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 d5p.de17a.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 www.gstatic.com www.bg3.co
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
3 c1.adform.net 3 redirects
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 ads.betweendigital.com 3 redirects
3 htlb.casalemedia.com cdn.adpushup.com
3 rtb.openx.net cdn.adpushup.com
3 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 match.prod.bidr.io 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
2 r.scoota.co 2 redirects
2 creativecdn.com 2 redirects
2 us-u.openx.net adpushup-d.openx.net
2 cms.quantserve.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects g2.gumgum.com
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 id5-sync.com www.bg3.co
ssbsync.smartadserver.com
2 fksnk.com 2 redirects
2 ad.mox.tv 1 redirects onetag-sys.com
2 prebid.smilewanted.com cdn.adpushup.com
2 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
2 ads.aralego.com 1 redirects ads.aralego.com
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 u.openx.net 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 usersync.gumgum.com g2.gumgum.com
1 cm.adform.net 1 redirects
1 us.ck-ie.com 1 redirects
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects csync.smilewanted.com
1 ad.turn.com 1 redirects
1 ssbsync.smartadserver.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c21lg-d.media.net contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 eu-u.openx.net adpushup-d.openx.net
1 a.rfihub.com 1 redirects
1 cs.lkqd.net www.bg3.co
1 s.ad.smaato.net 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 px.ads.linkedin.com www.bg3.co
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adx3.adform.net imasdk.googleapis.com
1 trace.mediago.io 1 redirects
1 sync.inmobi.com 1 redirects
1 t.adx.opera.com 1 redirects
1 cs.media.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 pixel.quantserve.com www.bg3.co
1 s0.2mdn.net imasdk.googleapis.com
1 e0413bc25a06952e4f87cbbe16be312e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 image2.pubmatic.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 sync.aralego.com ads.aralego.com
www.bg3.co
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cs.yellowblue.io Failed cs-server-s2s.yellowblue.io
0 visitor.omnitagjs.com Failed cs-rtb.minutemedia-prebid.com
0 pixel-us-east.rubiconproject.com Failed public.servenobid.com
0 cs.admanmedia.com Failed g2.gumgum.com
0 tg.socdm.com Failed g2.gumgum.com
0 rtb.gumgum.com Failed g2.gumgum.com
0 bh.contextweb.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 b1sync.zemanta.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 dis.criteo.com Failed csync.smilewanted.com
0 sync.crwdcntrl.net Failed ssum-sec.casalemedia.com
0 um.simpli.fi Failed onetag-sys.com
0 sync.smartadserver.com Failed csync.smilewanted.com
0 sync.admanmedia.com Failed public.servenobid.com
0 sync.adkernel.com Failed public.servenobid.com
0 hal9000.redintelligence.net Failed googleads.g.doubleclick.net
0 static.bg3.co Failed www.bg3.co
453 152

This site contains links to these domains. Also see Links.

Domain
vidverto.io
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cdn.vidverto.io
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh

This page contains 73 frames:

Primary Page: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Frame ID: BA1D377ECB5E8F4C870A765B8DC60FE0
Requests: 136 HTTP requests in this frame

Frame: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6C88ECA4CC2651A44167FB8B245E7144
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5_GGZpEsNMh5ih3CAO9zXnjA4DiBig5yYyt1Q6NW84MwthxXndjodwEAP2yD5O54LYxMi6BuWEezBxU9ZHKNwjzlM1q_HWw6TWiGySXfB8A7EZ60nms82LwoFHkM3bg4C8Zmn6Y-4TlVu6e_t7H9eyVmlLKylSdzMxuvwHdsPy1tq8Y0duidiSNrI3NLhGt0UAR4fvJ9xYGYUgu-xMElc330SiZunz2BdmhRMRU7QL9kqmvI57iUNITY_TFUGBJ2G4S6R7qly4t6J85Yt9Wd3F3wrljtT8qwjlRGo-H5UcGX_fckHfjxOHNjBZZVQFITzmA&sai=AMfl-YSeCv4vT38VSdZCkLraJ6ZmlHi6JnHKxJt1eihiNY2AH_gm58xXpGiTYq_sg7k0i5A_YzdLEiTWt68cwW7YvKYuhaejqreeGcYBMMAAco5nbzoFIeu_Id-ob4bkakGbQUoMt6_lFzwTvBNOHBqq&sig=Cg0ArKJSzOCjyxBzk1X4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C0BD3995E4E466091248B28D1C103F75
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 92E43DB7B5C5D3935E9FB6A927E28E68
Requests: 16 HTTP requests in this frame

Frame: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9ED9F5B4CED2AAA120B25E4A99531387
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Frame ID: 5312CA55F602984C36EEB691EBFD8670
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5DA413ADA371E39950F25CC7E3946491
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1AC5637AD79B8C2AB7B7CD71D3208F35
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 77943638E0799FCDF62B586FEBE3F22A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8A7B1AD339967C2E840A053E4AAED442
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A39CC8F2424DB38743AC2FB2DC7103AE
Requests: 9 HTTP requests in this frame

Frame: https://e0413bc25a06952e4f87cbbe16be312e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C4DA52ABDCE50C256BD4F9793B64E44D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Frame ID: 23CD085E0F6B96134ABA0707AC86692F
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js
Frame ID: 1C5E29CD4A037DD0C0F94CF917ED8509
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Frame ID: 60CF55A72DF43DC105F98B87334B4EF2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7A62A73AA002FE0FD715B360484CA06A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Frame ID: FF87C7F78D132E98CDBA5DFF8834C93F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: D68E8DFEC3DD51C15E527EEF422AAE39
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Frame ID: 889BC209266ABB98BD09B937B006CCBE
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Frame ID: 4E24099F5ED4FE03C33F5F4F52CFB333
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: E9AE2F3EA216C795AD4D137DC20CC532
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C8BB7E89E0DE5719A1F9D796056176E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 487896A88BA8A1B0F1C693C9E8D4FAF3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNW-DOfI_kH5o2b8-_rXh_NOMYeSniIY6I0uKILl1BK6mnXwgJM8TrU05C0pFnK_HU0G-FMD9hDrYk1EWJ--AE93lVhYlw
Frame ID: 0B015FC76B1B67CBC4254047861C2EFA
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3160F98484D86FDC064D6E3A4EECF61E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Frame ID: 529AD6EAD01BE46EEC6E9591DD85BF44
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5D0BF3B222B35DD82DBA875B17269F91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AF16346E441EC239F0338B8F8C8EA6FC
Requests: 9 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 72F14966851F0A80E7D9E76AE931343B
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EC484C81D557E4F666CDBC1456065BFA
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1695183177728
Frame ID: DE0B4FCBD3BEC6424273DD5551F3C651
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D2B264C0B283A5120E89FDC5423E2008
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 13C8B95EED71BD4F0CB37E74D52C7CE5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: CC4F1F59EC8BEEDE794C37B53D368C86
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5BD5BAE9958378BA730CBB321D5E13B1
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: F45169D0016693F350E0B6ADA85C09D7
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 28C947D9BB3019AF5F7E82ACCD084C39
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EEA10313D1255246325105BE1A01633A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B3310BECFEFF8B9EE4D86BC8F258526E
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 6DCF7D5A1EF0C82FD90511311BB11FDA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 5A3FBA86D4B5729D6BB2654BBA6B6610
Requests: 7 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: C156EA1B3C00D841268CFCE85D91849D
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: CFA4CF192E7BD9D7C49965CBCF8716F9
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: BFC82F843622FCB8E54009E171003CD5
Requests: 7 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 23E88FC0DA51F50844F849ABDCEE3DBB
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: DB82CB8AA4B086FC52FE5CF113851CD6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: B5D12514D8A9DCE2435EAFBAC45D8ED0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 85FB3814C6394B66790FAB8240DEC19E
Requests: 3 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 21A6245EB99AA3DAE8BED076A846E9D6
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: C2EC1CB67500368656ECD1D32A9E5010
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 22A11AFA84B506B1A7969BD85AE01815
Requests: 5 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
Frame ID: B83A3E304C6F706D87D0DDED40F07DC3
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
Frame ID: D299D21B77DABE51EC7EE553DBC88ED8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/ece55359-3428-5307-808b-9933e581e879
Frame ID: D2CF32CF93F52283BF9128F86415AB5E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/2f6411bbd0a695e8bccff6fe37d6237fab37d2618e167798d080393f5c56c4ab
Frame ID: 9A1B9E57DE9DBE3F878C6DF9F7F444AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B19976DC91727F9D6175956A97E46827
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58DE0E1DBB4A2E58E3BF606A1F7D014F
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6354298408334049921
Frame ID: 1A9AB8972F8A183B54450EFC1AC8DC51
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp=
Frame ID: 16788B839AF92E119B96C3015ACDAB32
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/9b6d9a51f4d79e89b9766142f701daa?gdpr_consent=&gdpr=0
Frame ID: 2E7DBEBDF9F3EC451540471D0079A871
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 7D0C194336414CB8C4A1D5A1FF758A54
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=6354298408334049921&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Frame ID: 95E859B079E331E9E24B714DB0250F93
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZQpxTwAAAcXn_AA_
Frame ID: D9555E8380965A07AA2A174DFA2B2DBD
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wMmY2MDJkOS05ZDFjLTQwNGItODAwZi0wOGE0OTM0MDA5ZmY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: A4A493FF346023F99179EF9EA35F24F7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7D3542DAC36FF8B84AE1003BD482A0C8
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 87440D9BFFAE84B093B0245B7D76E26A
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 55A7BD0A63F23FBA4942C41FA0618FEB
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_02f602d9-9d1c-404b-800f-08a4934009ff&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 6A05896BC6FDD77821CF949C261BCDE0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=nvU7prbdnmzMRv9SSl2T&pi=gumgum
Frame ID: EF5BB98C79A2C4804F67ABCA138B553C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A257650F712032F40CFE32575207B009
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 413316B5DA10171726A0D1E6ADEE968E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4490A31F36CB63ADE6D88660A72D6A6F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21BA201F0DBF99AB3F9310E8EF434421
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

星.級.餐.廳.新.菜.單-吃貨不知道的舌上驚奇 文華東方雅閣 新菜上桌 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

453
Requests

69 %
HTTPS

0 %
IPv6

91
Domains

152
Subdomains

85
IPs

10
Countries

3809 kB
Transfer

14666 kB
Size

133
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 99
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D43d68535-3416-4ea7-a6f6-7eb3c972fec8%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=43d68535-3416-4ea7-a6f6-7eb3c972fec8&p_id=23
Request Chain 100
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=43d68535-3416-4ea7-a6f6-7eb3c972fec8&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=43d68535-3416-4ea7-a6f6-7eb3c972fec8&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=7858011515663102621 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=ece55359-3428-5307-808b-9933e581e879&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&p_id=15
Request Chain 104
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LMR8ANEX-1H-CMO5&gdpr=0
Request Chain 105
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6902073697500061440
Request Chain 106
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=49c77e572e2f481c29a1d674a39ccbf0&gdpr_consent=&gdpr=0
Request Chain 108
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKiE03yXUU5mHgHJDtkXMh5vJ8jsqtNQ
Request Chain 109
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7953013701535579324
Request Chain 111
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=u1m9afAQ32UEEhbwnTO4i__hPcOgn30uZG4Yc-9KBcY
Request Chain 112
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDlCNjBEOUMtQ0M1Mi00N0RGLThDNjYtRjkzMUE3NzI3RkY1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=09B60D9C-CC52-47DF-8C66-F931A7727FF5
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
Request Chain 114
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
Request Chain 116
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6354298408334049921&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
Request Chain 117
  • https://ad.mox.tv/delivery/sync?userid=JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk&p_id=5
Request Chain 134
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 135
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/583bdf8b-f6f8-3221-a525-1c4ee8843632?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0lowRyxE2oU3V8iB_2_AVIz6CKnnT6vrxuCro3I-~A&redirect=
Request Chain 159
  • https://fksnk.com/cs/google?google_gid=CAESEINSxpn_C04eFO8WMQZFUPs&google_cver=1&google_push=AXcoOmS0mHGmxTwaNi1Mge1_UccqVglDO54485_cHLAzp_saTz5ceLU9_0TChICpc5NPSUJp8R8diT0GGDi9lkz604t2lW28ZvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
Request Chain 160
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFeytTYC993xMS9OGt7whwo&google_cver=1&google_push=AXcoOmTSdKKQTEf68A50DTbchcQTxrXe0HsOcy8jM0eeLoTBX65nAD2PERj8rDZqvqylAaIlox5dzjvHB58O60OlLZWZqO8UIyK0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDc1NjMxMDI1MjcxNDEyNA%3D%3D&google_push=AXcoOmTSdKKQTEf68A50DTbchcQTxrXe0HsOcy8jM0eeLoTBX65nAD2PERj8rDZqvqylAaIlox5dzjvHB58O60OlLZWZqO8UIyK0
Request Chain 161
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFoHrOl9zXBBEghWdrkxns0&google_cver=1&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzecbQIb4x0 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFoHrOl9zXBBEghWdrkxns0&google_cver=1&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzecbQIb4x0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzecbQIb4x0
Request Chain 162
  • https://cs.media.net/cksync?type=g&google_gid=CAESEOwprAY98Kh15BL0qWR4HjM&google_cver=1&google_push=AXcoOmTKYx0A-yFMeyKe2CjkHYcSG9VpVUdV3nsSlgpt__RaYSB5gus-8LOTq2OL9doAtEBF01BFz5mS2rRyb4Z0-uG4WZTWVMbl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&mn_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTKYx0A-yFMeyKe2CjkHYcSG9VpVUdV3nsSlgpt__RaYSB5gus-8LOTq2OL9doAtEBF01BFz5mS2rRyb4Z0-uG4WZTWVMbl&gdpr=&gdpr_consent=
Request Chain 163
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTJPmlDC8xIwFru2VPtejL9-ywykZ8sj6Kjef_QsNlllgxvFDAzO1Ghmhwz7U8XOcgEcDovqe-0yWKigdy4_E2qefhMsDcSww&google_gid=CAESEO6SE2WuGJ6VSj1Q1L6uHZw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO6SE2WuGJ6VSj1Q1L6uHZw&google_hm=T1BVNWY0NWY1OGEwNzQyNDE4MDk2MDExMjBmYmRmNjFhNjg&google_nid=opera_norway_as&google_push=AXcoOmTJPmlDC8xIwFru2VPtejL9-ywykZ8sj6Kjef_QsNlllgxvFDAzO1Ghmhwz7U8XOcgEcDovqe-0yWKigdy4_E2qefhMsDcSww
Request Chain 164
  • https://sync.inmobi.com/gob?google_gid=CAESEJJgymKXdw08TRuvwUFTACY&google_cver=1&google_push=AXcoOmRxksHghQutst8D1i5TJM-LLu3He10EkKqieTqSzH9Y-oW74TVKGg84MViZz2msFBOj4UmdNKoVaL97RlHEvGtU2-h5WAovOA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRxksHghQutst8D1i5TJM-LLu3He10EkKqieTqSzH9Y-oW74TVKGg84MViZz2msFBOj4UmdNKoVaL97RlHEvGtU2-h5WAovOA
Request Chain 165
  • https://trace.mediago.io/cs/google?google_gid=CAESEMTjSxrJO40fVhgOfo0XrrM&google_cver=1&google_push=AXcoOmRBk9izCjXRmsuccbsqEYUxwpODMMY4s4-94vW3DGElOhxefh3MxdJxXzaFLcwaeWaWx5HFu3iPZdH55hsMFCQXd3duUJBXsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRBk9izCjXRmsuccbsqEYUxwpODMMY4s4-94vW3DGElOhxefh3MxdJxXzaFLcwaeWaWx5HFu3iPZdH55hsMFCQXd3duUJBXsA&google_hm=c42c57ff2cac5e3e88b82877e9ecb8bc
Request Chain 190
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMR8ANM5-13-2P8A HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMR8ANM5-13-2P8A
Request Chain 206
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 208
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=c6eU_xd1Rxe7BeTsmkpRfw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=c6eU_xd1Rxe7BeTsmkpRfw
Request Chain 209
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ruq3lVrx5ifAo4FadgyQs8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zxjGZrJE2oLViyI29JwhyrU4t04ZIySebdVMIQ--~A
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQ8tUjS5fXFzYFsDJvlaA&google_cver=1
Request Chain 212
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDRjODYwNmUwY2QyN2ViOWJlYzg5NjMyN2Y1MzY4MTFjMjI0ZjQwZA
Request Chain 213
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1SOEFOTTUtMTMtMlA4QQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI7JRHPVogkWS2v1uuOtpvE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SOEFOTTUtMTMtMlA4QQ==&google_push=
Request Chain 214
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pDhp0g4VSnOitR8D73_TQw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=pDhp0g4VSnOitR8D73_TQw
Request Chain 215
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMR8ANM5-13-2P8A
Request Chain 216
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQpxS.EmnVdhzRHNN3Ou-gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1&google_hm=2
Request Chain 286
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 290
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
Request Chain 293
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6902073697500061440
Request Chain 295
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKl0j-xnW4Qv7Cb_ofzAY7vfTyg9Ao8A
Request Chain 297
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
Request Chain 304
  • https://fksnk.com/cs/google?google_gid=CAESEINSxpn_C04eFO8WMQZFUPs&google_cver=1&google_push=AXcoOmQX9qCXh7kqwyVq7SIkooZs8_3UnC3B638VtiRkxymqQ5XGPJ8i35j9_tt6m9vmPbxrSH_oJXG7cR1gSRvJhNuh5sx_jU4h HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
Request Chain 305
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFoHrOl9zXBBEghWdrkxns0&google_cver=1&google_push=AXcoOmRGDT9HQlLqbSyfgO6T4iLRMuf3U6wmk0Yrk7AfFpK53mKg7buGjs7_-WcofJwnF_QBA1nRVcJU9eBn-P1ODst5VRo_W-XFfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRGDT9HQlLqbSyfgO6T4iLRMuf3U6wmk0Yrk7AfFpK53mKg7buGjs7_-WcofJwnF_QBA1nRVcJU9eBn-P1ODst5VRo_W-XFfA
Request Chain 306
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOD-TExXMffdfdhNptYgTLo&google_cver=1&google_push=AXcoOmRyVclSjeBe2NngQcEA-Tgz6vloeRa8HyDcXMLPcb4k6IkZ4BNvc7LblN9L1QR_KCNJVaWb2H1hVq-80Z_tbt9K_Dln8bZYMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FZXqowfsWHJZkIul9TEdNh8KrCk&google_push=AXcoOmRyVclSjeBe2NngQcEA-Tgz6vloeRa8HyDcXMLPcb4k6IkZ4BNvc7LblN9L1QR_KCNJVaWb2H1hVq-80Z_tbt9K_Dln8bZYMw
Request Chain 307
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECPTyGd2i8WSRJqPtvbPLNs&google_cver=1&google_push=AXcoOmT9X3jpn2KgpfaOkzrllwQsDLqmYExB0r0sGsxyzEEoYeBKyUCU4dQQOTxEqh412Gs5JVtGRZqLg6MNCZdl9cvpvhxB8cZX HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b241b3bb4f&gdpr=0&gdpr_consent=
Request Chain 308
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENTL6s9XCv4dzttk-FWA7kU&google_cver=1&google_push=AXcoOmRomCDtV9kXAH39tKPF4L5oyghAJaGBi89QBd5WFqYkW1fPfqrCsZioP6xhrDe3fSy1j7yaoo-F8mngI77V4PBVM2H8roL3i2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRomCDtV9kXAH39tKPF4L5oyghAJaGBi89QBd5WFqYkW1fPfqrCsZioP6xhrDe3fSy1j7yaoo-F8mngI77V4PBVM2H8roL3i2A&google_hm=MTg2ODQyNjE5MDM2NTY3MjY0Ng==
Request Chain 309
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOLNlGEsdmJA4BdIuUOFWew&google_cver=1&google_push=AXcoOmSGmBS1tvpNvabO4M3QP-GRDkocwgI2cyckydtnPH3dryN-RyQ1Cz6Sm8DjpC7nhEz7cYfKD3-n3vzjK2PH9TipivUdeQTRVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKmRpU1AambuZOTFVd_xmvJz_CPZiQ1A&google_push=AXcoOmSGmBS1tvpNvabO4M3QP-GRDkocwgI2cyckydtnPH3dryN-RyQ1Cz6Sm8DjpC7nhEz7cYfKD3-n3vzjK2PH9TipivUdeQTRVg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 313
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6j_ZKus73SrxM9145DnEcr08jXLxadl4vzsC4wBa
Request Chain 314
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354298408334049921
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECGB0QWG5VkgJHelVcFLgl0&google_cver=1
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
Request Chain 322
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6902073697500061440
Request Chain 324
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=nvU7prbdnmzMRv9SSl2T&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164&tc=1
Request Chain 325
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FZXqowfsWHJZkIul9TEdNh8KrCk
Request Chain 326
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a2c23137-6be9-494c-987d-eb4238193d83&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
Request Chain 338
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 343
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6902073697500061440
Request Chain 344
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HWc9sRZHz8dAoh9jRfaaSxBd
Request Chain 346
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1695183183093 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5982492553 HTTP 302
  • https://sync.1rx.io/usersync/turn/2774169714449223286?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
Request Chain 347
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210827143705281
Request Chain 348
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=758b3827-7fcb-400d-a091-7a61d93f0eb3
Request Chain 349
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
Request Chain 351
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-0012af5a-3a2c-3712-bd2f-87d3939198cb&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0wMDEyYWY1YS0zYTJjLTM3MTItYmQyZi04N2QzOTM5MTk4Y2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wMDEyYWY1YS0zYTJjLTM3MTItYmQyZi04N2QzOTM5MTk4Y2IyAgwgOAE=
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
Request Chain 354
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 357
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
Request Chain 358
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1695183183094 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1734614377 HTTP 302
  • https://sync.1rx.io/usersync/turn/2702112120411295350?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
Request Chain 360
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/ece55359-3428-5307-808b-9933e581e879
Request Chain 363
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACoGU7KFOMAABi22wyVXw&expiration=1696392785
Request Chain 364
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
Request Chain 367
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQpxTwARn09dTAAN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQpxTwARn09dTAAN&_test=ZQpxTwARn09dTAAN
Request Chain 368
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=bb51650a-714e-4600-81c8-1ddcfc99a325&gdpr=1&gdpr_consent=
Request Chain 374
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/2f6411bbd0a695e8bccff6fe37d6237fab37d2618e167798d080393f5c56c4ab
Request Chain 378
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJGVAPCa1hATxBLlARwF2dg&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 383
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348%2526gdpr%253D0%2526gdpr_consent%253D
Request Chain 385
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6354298408334049921
Request Chain 386
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp=
Request Chain 388
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/9b6d9a51f4d79e89b9766142f701daa?gdpr_consent=&gdpr=0
Request Chain 401
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6902073697500061440&gdpr=0&gdpr_consent=
Request Chain 402
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6902073697500061440
Request Chain 403
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_02f602d9-9d1c-404b-800f-08a4934009ff&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=_2wdvf5oGb3kYBnv8WoA5ahvSeXkOh3vqmiLzFxR HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 405
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=f05fa3ab-e852-0741-3dd2-385b7b6a13f2
Request Chain 407
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-fgKSfXZE2perXFWIqRy2ewYJVPGY4C5EI6vO~A
Request Chain 413
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7953013701535579324
Request Chain 415
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=6354298408334049921&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Request Chain 416
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZQpxTwAAAcXn_AA_
Request Chain 422
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=nvU7prbdnmzMRv9SSl2T&pi=gumgum
Request Chain 423
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 433
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2382515013304278464328
Request Chain 434
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5
Request Chain 436
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 437
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=9e3be5df-bfd5-0043-2231-3141f3399851
Request Chain 438
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164
Request Chain 441
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMR8ANM5-13-2P8A HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LMR8ANM5-13-2P8A
Request Chain 442
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=718aef75712626221be5347fe8286&gdpr_consent=&gdpr=0
Request Chain 444
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5

453 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
www.bg3.co/a/ 		59 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
284af4aaafdbb86887a8f1f45feb84b6d633f300791efde1eb19c076772ef638

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 04:12:55 GMT
etag
"eb30-90rI2iIh6QYvj2Z5+HZsRQZdUvg"
expires
Wed, 20 Sep 2023 04:13:55 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 04:12:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73017
x-xss-protection
0
server
sffe
etag
"1fbcd51b50b3cf51"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 04:12:56 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
30bdf82816190e65c8c6c0fd833cc4f21dd641eb6311a467d2ba48c84882d400
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 04:12:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9641
x-xss-protection
0
server
sffe
etag
"c9c47f39b31037df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 04:12:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9bb6eb34f7f63470279f6c85a38a0407adfe53b4187264f4ab71553b78d7928e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29377
x-xss-protection
0
server
cafe
etag
408 / 19620 / 31077994 / config-hash: 7190792443359072308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:56 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
26dadea2a6154a0c2c1eaedd61eea4d61e4134433897ee9d620ca93f7b984952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91064
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 04:12:56 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 11:07:28 GMT
server
cloudflare
age
6978
etag
W/"650980f0-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80973ba18b852a1f-CDG
expires
Wed, 20 Sep 2023 14:16:37 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9165
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHOO55GbVNMhvHdBqc0Y58VpRFjAuTkAEoRLm4cjOhMPrHae4tg8ceqogKvDt6%2F%2FFxMRBmmLfMLCqXZs9eSopPCXX4OeyPZog5OsIyPABzrUHe9IumAL6H4skMYqU0l5Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80973ba83c5e2a44-CDG

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
e5418455c8aeb00641fe667756925987132c1054275a3d2065399105691fb277

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 20 Sep 2023 04:12:56 GMT
content-encoding
br
age
43792
x-cache
HIT
x-client-device
desktop
content-length
10032
x-ap-device
DESKTOP
last-modified
Tue, 19 Sep 2023 07:00:49 GMT
server
ECAcc (frc/4CF4)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Wed, 20 Sep 2023 05:12:56 GMT
adpushup.js
cdn.adpushup.com/42753/ 		678 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
05d72e8d2f2fb1f3e8e3cc5996e980da6f04cceec2f6c1fda6164f692a323146

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 20 Sep 2023 04:12:56 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Mon, 18 Sep 2023 00:00:15 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1695183176147_399431004_563235756_974_1309_56_79_146";dur=1
content-length
144733
expires
Wed, 20 Sep 2023 05:12:56 GMT
t.php
c.statcounter.com/ 		192 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=B5F62416B7A04FB10FF991794E99AD25&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&t=%E6%98%9F%EF%BC%8E%E7%B4%9A%EF%BC%8E%E9%A4%90%EF%BC%8E%E5%BB%B3%EF%BC%8E%E6%96%B0%EF%BC%8E%E8%8F%9C%EF%BC%8E%E5%96%AE%EF%BC%8D%E5%90%83%E8%B2%A8%E4%B8%8D%E7%9F%A5%E9%81%93%E7%9A%84%E8%88%8C%E4%B8%8A%E9%A9%9A%E5%A5%87%20%E6%96%87%E8%8F%AF%E6%9D%B1%E6%96%B9%E9%9B%85%E9%96%A3%20%E6%96%B0%E8%8F%9C%E4%B8%8A%E6%A1%8C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2095&sc_rum_e_e=2100&sc_rum_f_s=0&sc_rum_f_e=2092&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
80973ba28c1f2a1f-CDG
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
382546
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230126-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695183177.658624,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 7111
c1664850ab90683c7b5f65bdd3129942.jpg
static.bg3.co/imgs/202309/ 		0
0
98169da0cb97f941385b0851c349a51f.jpg
static.bg3.co/imgs/202105/ 		0
0
27349548c3801581c95f5f612d4bdaef.jpg
static.bg3.co/imgs/202309/ 		0
0
472bf7b12c624421fe2a063fd56dbf04.jpg
static.bg3.co/imgs/202309/ 		0
0
c5f49ce7de04ac7fc3fd373bf4bd62e2.jpg
static.bg3.co/imgs/202105/ 		0
0
3a41a991d611add62bf534cf5d4af6eb.jpg
static.bg3.co/imgs/202309/ 		0
0
0247a2373cacefd1b929dfc985830394.jpg
static.bg3.co/imgs/202309/ 		0
0
6d9c3cbedd7f5242ee146aec16a9cb2b.jpg
static.bg3.co/imgs/202105/ 		0
0
f60843e3c98493ed70a27583b12f9b9e.jpg
static.bg3.co/imgs/202309/ 		0
0
48446f0ca6db61d7ad7df33310ec3d17.jpg
static.bg3.co/imgs/202105/ 		0
0
65690686bd6e7d2b0bf8c866caf5b21a.jpg
static.bg3.co/imgs/202105/ 		0
0
bbe46b29be6944d029a61cc8438197ca.jpg
static.bg3.co/imgs/202309/ 		0
0
48888a57beb1338aa5d50108de28271b.jpg
static.bg3.co/imgs/202309/ 		0
0
9bbc727e93bca57cdcc6983a2af591d4.jpg
static.bg3.co/imgs/202105/ 		0
0
7ed6f5240e5ef3a47a26341e2887af7b.jpg
static.bg3.co/imgs/202309/ 		0
0
d236bc47e32d95bb9ecd83c443c1d5f9.jpg
static.bg3.co/imgs/202309/ 		0
0
839bacee28b10bcff0ada4ff29db28bd.jpg
static.bg3.co/imgs/202309/ 		0
0
b7d405bdfe2b89d374c3dfbca0faf9f4.jpg
static.bg3.co/imgs/202309/ 		0
0
8e54a58bfd3dd7a9ba64e68b5f28f7aa.jpg
static.bg3.co/imgs/202309/ 		0
0
0856292fb9c4de31c60f84fdbd184491.jpg
static.bg3.co/imgs/202309/ 		0
0
9b4590b9692e5b2626b8451d260c1598.jpg
static.bg3.co/imgs/202105/ 		0
0
521ac69c1cb13c96498e04c614d51fe5.jpg
static.bg3.co/imgs/202309/ 		0
0
2244fa67cbe08129a99c3c3d6dda1304.jpg
static.bg3.co/imgs/202105/ 		0
0
d3be49ec01cc01ed7f71421d74b943a9.jpg
static.bg3.co/imgs/202309/ 		0
0
13470bba5736188f07157e36b97dca75.jpg
static.bg3.co/imgs/202309/ 		0
0
e785f059fd171e53b520924f35495690.jpg
static.bg3.co/imgs/202106/ 		0
0
0ff1fe5aec30ed437d033a15bcdd7f7d.jpg
static.bg3.co/imgs/202105/ 		0
0
cad7436db958738698367d74db18157a.jpg
static.bg3.co/imgs/202309/ 		0
0
e75b7875206ed1ea94197d0297400c23.jpg
static.bg3.co/imgs/202106/ 		0
0
40ab61596e41dbb6df04096f6d2921fb.jpg
static.bg3.co/imgs/202309/ 		0
0
74bd8e18b8ce2e4569d920f7032d17d2.jpg
static.bg3.co/imgs/202309/ 		0
0
10f85c5c8f67706480a6d94d6098d137.jpg
static.bg3.co/imgs/202309/ 		0
0
2f560803a0ecf5eda28346d6d9cef38d.jpg
static.bg3.co/imgs/202309/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309082229000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 19:01:43 GMT
age
33073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"a25d3dc3efab77a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 19:01:43 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309082229000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 19:01:43 GMT
age
33073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3934
x-xss-protection
0
server
sffe
etag
"178fe5d904a50e55"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 19:01:43 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
63390
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131891
x-xss-protection
0
server
cafe
etag
12284941131365068139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Sep 2024 10:36:26 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39i0&_p=1085918321&cid=781698518.1695183176&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695183176&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=%E6%98%9F%EF%BC%8E%E7%B4%9A%EF%BC%8E%E9%A4%90%EF%BC%8E%E5%BB%B3%EF%BC%8E%E6%96%B0%EF%BC%8E%E8%8F%9C%EF%BC%8E%E5%96%AE%EF%BC%8D%E5%90%83%E8%B2%A8%E4%B8%8D%E7%9F%A5%E9%81%93%E7%9A%84%E8%88%8C%E4%B8%8A%E9%A9%9A%E5%A5%87%20%E6%96%87%E8%8F%AF%E6%9D%B1%E6%96%B9%E9%9B%85%E9%96%A3%20%E6%96%B0%E8%8F%9C%E4%B8%8A%E6%A1%8C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
279380
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230126-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695183177.658599,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1, 244050
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050780015833613&correlator=287744588553026&eid=31077942%2C31077994%2C31077694&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695183176613&lmt=1695175976&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=781698518.1695183176&ga_sid=1695183177&ga_hid=1085918321&ga_fc=true&dlt=1695183175318&idt=1259&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5edc0991cd47a3871cf46e2b201b41d8795790d8bad3d0b21f502d19b88953b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12520
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C88 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:57 GMT
expires
Thu, 19 Sep 2024 04:12:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1695183177163_399431004_563236156_541_1146_55_84_146";dur=1
content-length
122286
expires
Thu, 19 Sep 2024 04:12:57 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695183177247_399431004_563236158_36_1119_55_0_146";dur=1
content-length
211
expires
Thu, 19 Sep 2024 04:12:57 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1695183177247_399431004_563236157_474_1129_55_0_146";dur=1
content-length
18371
expires
Wed, 20 Sep 2023 05:12:57 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTUxODMxNzY4MDEsInBhY2tldElkIjoiMDAwMEE3MDEtODgzMWM0NjEtMWJkYy00M2I2LWFhOTAtZTRkN2YzODYyNGNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbmctamktY2FuLXRpbmcteGluLWNhaS1kYW4tY2hpLWh1by1idS16aGktZGFvLWRlLXNoZS1zaGFuZy1saWFuZy1xaS13ZW4taHVhLWRvbmctZmFuZy15YS1nZS14aW4tY2FpLXNoYW5nLXpodW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2887.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame C0BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5_GGZpEsNMh5ih3CAO9zXnjA4DiBig5yYyt1Q6NW84MwthxXndjodwEAP2yD5O54LYxMi6BuWEezBxU9ZHKNwjzlM1q_HWw6TWiGySXfB8A7EZ60nms82LwoFHkM3bg4C8Zmn6Y-4TlVu6e_t7H9eyVmlLKylSdzMxuvwHdsPy1tq8Y0duidiSNrI3NLhGt0UAR4fvJ9xYGYUgu-xMElc330SiZunz2BdmhRMRU7QL9kqmvI57iUNITY_TFUGBJ2G4S6R7qly4t6J85Yt9Wd3F3wrljtT8qwjlRGo-H5UcGX_fckHfjxOHNjBZZVQFITzmA&sai=AMfl-YSeCv4vT38VSdZCkLraJ6ZmlHi6JnHKxJt1eihiNY2AH_gm58xXpGiTYq_sg7k0i5A_YzdLEiTWt68cwW7YvKYuhaejqreeGcYBMMAAco5nbzoFIeu_Id-ob4bkakGbQUoMt6_lFzwTvBNOHBqq&sig=Cg0ArKJSzOCjyxBzk1X4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 04:12:57 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 20 Sep 2023 05:12:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0BD 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:57 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUxODMxNzcwMzUsInBhY2tldElkIjoiMDAwMEE3MDEtODgzMWM0NjEtMWJkYy00M2I2LWFhOTAtZTRkN2YzODYyNGNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbmctamktY2FuLXRpbmcteGluLWNhaS1kYW4tY2hpLWh1by1idS16aGktZGFvLWRlLXNoZS1zaGFuZy1saWFuZy1xaS13ZW4taHVhLWRvbmctZmFuZy15YS1nZS14aW4tY2FpLXNoYW5nLXpodW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3120.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUxODMxNzcwNDIsInBhY2tldElkIjoiMDAwMEE3MDEtODgzMWM0NjEtMWJkYy00M2I2LWFhOTAtZTRkN2YzODYyNGNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbmctamktY2FuLXRpbmcteGluLWNhaS1kYW4tY2hpLWh1by1idS16aGktZGFvLWRlLXNoZS1zaGFuZy1saWFuZy1xaS13ZW4taHVhLWRvbmctZmFuZy15YS1nZS14aW4tY2FpLXNoYW5nLXpodW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3127.7000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUxODMxNzcwNDcsInBhY2tldElkIjoiMDAwMEE3MDEtODgzMWM0NjEtMWJkYy00M2I2LWFhOTAtZTRkN2YzODYyNGNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbmctamktY2FuLXRpbmcteGluLWNhaS1kYW4tY2hpLWh1by1idS16aGktZGFvLWRlLXNoZS1zaGFuZy1saWFuZy1xaS13ZW4taHVhLWRvbmctZmFuZy15YS1nZS14aW4tY2FpLXNoYW5nLXpodW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3131.6000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		176 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050780015833613&correlator=563306343870319&eid=31077942%2C31077994%2C31077694&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&arp=1&abxe=1&dt=1695183177075&lmt=1695175977&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=781698518.1695183176&ga_sid=1695183177&ga_hid=1085918321&ga_fc=true&dlt=1695183175318&idt=1259&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_21_0_pv%26cluster_reporting%3Dchrome_DESKTOP_21_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2a94f14cf27cc9e52ced463877173dc1025bba2179e94e635ef4862392076d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52285
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl_page_level_ads.js?cb=31077994
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4a3f733fef7fef6fa38e1fbdebc344c91949dae96eeed5cc5d10c4e024b5339f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 10:42:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
63040
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13596
x-xss-protection
0
server
cafe
etag
6741345839911793024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Sep 2024 10:42:17 GMT
block.jpg
delivery.adrecover.com/ 		631 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1695183177088
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 19 Sep 2024 04:12:57 GMT
date
Wed, 20 Sep 2023 04:12:57 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
2913453
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTUxODMxNzcwMzUsInBhY2tldElkIjoiMDAwMEE3MDEtODgzMWM0NjEtMWJkYy00M2I2LWFhOTAtZTRkN2YzODYyNGNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbmctamktY2FuLXRpbmcteGluLWNhaS1kYW4tY2hpLWh1by1idS16aGktZGFvLWRlLXNoZS1zaGFuZy1saWFuZy1xaS13ZW4taHVhLWRvbmctZmFuZy15YS1nZS14aW4tY2FpLXNoYW5nLXpodW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3173.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5656
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jzi9kRlU4hv4Md6RE4GjBB%2F04wluEe2i7Lp3lGqYxUV4szWzDJaIbJhUANl7%2FVlW5EO6M%2BjRzdCA0F46RRKbGk3KWdgqSOM6Wp7XZUddRO2NnLpdXDso09t5fks3Nx%2F1gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
80973ba92ce52a44-CDG
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
abf71c669264b2ea4ce52ba6773bed91327c7fae09bcd730f043948a18b00b28

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:12:57 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3928156845932731&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 27 Sep 2023 04:12:57 GMT
impress
ad.vidverto.io/delivery/ 		51 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&referrer=&async=1&uid=8721107062&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f1f999e84cb28c6d16dc1274bd3ba0af473c922e6c9b8231b884e661eff3970f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230920
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4dc19ff4252e47630d51b345780b1b96b9c6a21ff358266e9d60bf8c715ac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
725
x-jsd-version
1.0.1818
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-bma1654-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-g7L8eUzQQd1oX2hmZmocfYLYIy8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZAqIEcebPvjrQ%2FJ7P0Mt3gtxtLIBSe2U76aFNGXz0h5g6c4Z7ODOQAxp1zaNOQXcdija7Nd3sQA0FDLMjxJnVIs1bUvQSKBYWXBNh%2BZapmoSnErKxmnF%2Fpybc2P9sEoqJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80973badac430221-ZRH
adreq
ads.servenobid.com/ 		981 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3094
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=73817363265&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 20 Sep 2023 04:12:57 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.138.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-138-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 20 Sep 2023 04:12:57 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
2c22f8537d2baacdf4aca6e0e5f8959be5d89785fe67a23d5239a5da697ab4c7

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.129.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=b0c273f1-1027-4439-9d62-134cbd5736c1%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%98%9F%EF%BC%8E%E7%B4%9A%EF%BC%8E%E9%A4%90%EF%BC%8E%E5%BB%B3%EF%BC%8E%E6%96%B0%EF%BC%8E%E8%8F%9C%EF%BC%8E%E5%96%AE%EF%BC%8D%E5%90%83%E8%B2%A8%E4%B8%8D%E7%9F%A5%E9%81%93%E7%9A%84%E8%88%8C%E4%B8%8A%E9%A9%9A%E5%A5%87%E6%96%87%E8%8F%AF%E6%9D%B1%E6%96%B9%E9%9B%85%E9%96%A3%E6%96%B0%E8%8F%9C%E4%B8%8A%E6%A1%8C&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=0edb9c58-8141-4447-843e-c7580f1c69a7%3B7a4a4cec-678b-4610-9e0d-ddd518f19762&l_pb_bid_id=32d72c89eb1766e%3B33adc0013b3cefd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0edb9c58-8141-4447-843e-c7580f1c69a7%3B7a4a4cec-678b-4610-9e0d-ddd518f19762&rp_maxbids=1&slots=2&rand=0.5410277240348302
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.45 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e53c5eee221fd5d08b77632cc1fa32ea1a561a312db5064dcb7fdb9ea8e158da

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80973bacf9312a7c-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80973bacf9322a7c-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid-request
onetag-sys.com/ 		15 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
13
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 20 Sep 2023 04:12:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
79ccf8a90f2ef3125f3dccf4b46c2395c7418e2a681398396febeac40cbb61f2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1433
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 20 Sep 2023 04:12:57 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 20 Sep 2023 04:12:57 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
hbjson
grid.bidswitch.net/ 		35 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.148.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-148-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1bce2b8645bae6675164e4bb4210fd68ebfb6aacc8a49a008c50cbacda268bbd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Sep 2023 04:12:57 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
27485
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5130a665876baa408752889a5a7f498cff3d14b4ce42b0a0aaa9c76bd5bdd682
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
an-x-request-uuid
ab859085-f921-45fa-987b-bdf3c3117343
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.10.172.41; 31.10.172.41; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6eb9a1320488ed44177d468f5ab5b2f3086582b225a743ed3be8b5b930cb2b52

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 20 Sep 2023 04:12:57 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		53 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e199eb95ef80a94d4b0cf9380988a76b71daa735b0db058d5f1e301c8778324a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2izGlj1lRCHTaAYhB7qi6nQQrhBfCS8joDj5nrdx3DdIuKHBmvJmRZbI8%2FD3eMG7UpMZ3vN%2BMdVpQsqiULaPj%2FKV5Lgp0q%2FWo%2BDf0wAHe%2BGgm9m0vKPUcU21MUbtfm9UBE5VG4Y"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80973bac6b0023f7-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
132429f275b7375948a384f277f6a7266d3cf8ae6034466b64a4a6ae4b5e0b1d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7h%2F%2FTSD0BRwk61Yoe5xCKQGMGczzc3dSgEKgr%2Fw%2BNytoK3uCsGJhQgjXLLq5BWAyFKdVyNxjsGwP8a7oWXj%2BtubiQ82%2FqdLdvcNEgrKj2hgR8QVqYlAwHeYjyiQKbyJzfhwYQSZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80973bac6b0123f7-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5719693f4791356738d5fec2cf83ef9583e6b62aa9ee802cf1c7f84f23be3288

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdXFKiwXCHX3FR6TRZBbqux9mAFsjWNvq4V8TKNjRmPCgUlsmxJ8%2F1Z8Jl5lBycWljrptWSpXqnXg%2F%2FS%2FhJ%2B3S7zZaEFGKrCkjl0yItIK%2B0bxS7AWjCJ18KVocTQ%2FxU9REO2iJ6P"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80973bac6b0223f7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
/
onetag-sys.com/usync/ Frame 92E4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
d42e900c4f328ef096deeba2f8ba33a23ecd80d8e1b5ce06e7c48c65cacfc02e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1439
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		359 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125909
x-xss-protection
0
expires
Wed, 20 Sep 2023 04:12:58 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 20 Sep 2023 05:12:57 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 20 Sep 2023 05:12:57 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=8a6ba3d3ebe29c4e894807ea956e9bd6
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d4ffa36c3282ba25a2b7c2058b40b7d87ba192fe76a70cede2b1f3435b37ef1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 11:04:56 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65019758-15fed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 20 Sep 2023 05:12:57 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 20 Sep 2023 05:12:57 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		284 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 11:42:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fefd1c-47038"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 20 Sep 2023 05:12:57 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D43d68535-3416-4ea7-a6f6-7eb3c972fec8%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=43d68535-3416-4ea7-a6f6-7eb3c972fec8&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=43d68535-3416-4ea7-a6f6-7eb3c972fec8&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=43d68535-3416-4ea7-a6f6-7eb3c972fec8&p_id=23
date
Wed, 20 Sep 2023 04:12:57 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=43d68535-3416-4ea7-a6f6-7eb3c972fec8&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=43d68535-3416-4ea7-a6f6-7eb3c972fec8&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=ece55359-3428-5307-808b-9933e581e879&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&p_id=15
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&p_id=15
date
Wed, 20 Sep 2023 04:12:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Wed, 27 Sep 2023 04:12:57 GMT
container.html
631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9ED9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:57 GMT
expires
Thu, 19 Sep 2024 04:12:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
sync.mathtag.com/sync/ Frame 92E4 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:12:57 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 20 Sep 2023 04:12:56 GMT
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LMR8ANEX-1H-CMO5&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LMR8ANEX-1H-CMO5&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LMR8ANEX-1H-CMO5&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6902073697500061440
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6902073697500061440
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
an-x-request-uuid
cdde8ead-cf8c-4c95-88c3-f693b0f8bc15
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6902073697500061440
x-proxy-origin
31.10.172.41; 31.10.172.41; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=49c77e572e2f481c29a1d674a39ccbf0&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=49c77e572e2f481c29a1d674a39ccbf0&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:12:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=49c77e572e2f481c29a1d674a39ccbf0&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695183177922049-333
Expires
Wed, 20 Sep 2023 04:12:58 GMT
tap.php
pixel.rubiconproject.com/ Frame 92E4 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 92E4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKiE03yXUU5mHgHJDtkXMh5vJ8jsqtNQ
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKiE03yXUU5mHgHJDtkXMh5vJ8jsqtNQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKiE03yXUU5mHgHJDtkXMh5vJ8jsqtNQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7953013701535579324
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7953013701535579324
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=7953013701535579324
date
Wed, 20 Sep 2023 04:12:57 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 92E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 92E4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=u1m9afAQ32UEEhbwnTO4i__hPcOgn30uZG4Yc-9KBcY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=u1m9afAQ32UEEhbwnTO4i__hPcOgn30uZG4Yc-9KBcY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:12:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XRZBS30E8DV5MP8WM460
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=u1m9afAQ32UEEhbwnTO4i__hPcOgn30uZG4Yc-9KBcY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDlCNjBEOUMtQ0M1Mi00N0RGLThDNjYtRjkzMUE3NzI3RkY1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=09B60D9C-CC52-47DF-8C66-F931A7727FF5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=09B60D9C-CC52-47DF-8C66-F931A7727FF5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=09B60D9C-CC52-47DF-8C66-F931A7727FF5
date
Wed, 20 Sep 2023 04:12:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
date
Wed, 20 Sep 2023 04:12:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 92E4 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 92E4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6354298408334049921&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 20 Sep 2023 04:12:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame 92E4
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk&p_id=5
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk&p_id=5
date
Wed, 20 Sep 2023 04:12:58 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
truncated
/ Frame C0BD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
811f9d79c598a546abace0ae233a4ec675ec39ac4155a37e1df6a6f50a7849cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C0BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucd2HA-y69gomtzo2q_2HNlBjtN3n-Z0-RLaDl1JAcKmSHgk2KisbQlqh0_uPuTZ781yzIG3Jg9hg5uGaS-MRdYLesZ2oo8AsMCE0LMTf-bH_Z60pXx1qKxhAf4-VJeWx0FWKtgrPSkS5RPYAB_SsxSyJf98HZduYU3pjevSBapaStBzCYCUwVLs5qLklU3imS1NSkbQJu05OQvUwNgA0WjAqWlVvsqvx5olpH6hFabIyy3Uy_qlxESt4jU__WSFL01TMrCBi13rNo8hg2rB_z625tIpfwqdGgxJuqtk3rPvrWHPoqE88IXySTsB_7qdHGMS2K&sai=AMfl-YQFBEIN90_sZpeV6iww_fxAvxKpnuHLLUMjt5CBoPw8uuJ0RGqOz7KaRHFYcmRp4gmuIqtgg8LGaWGvA2wuxO4ngaRfeJL_CUHxOZ_3YmQ71ImejbdQDX9gL9qqe5hTSlbv5uaYriClvA6TrOKl&sig=Cg0ArKJSzK-WlUfG02NkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 04:12:58 GMT
css2
fonts.googleapis.com/ Frame 9ED9 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 04:10:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 04:12:58 GMT
css
fonts.googleapis.com/ Frame 5312 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 03:56:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 04:12:58 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 5312 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
29763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 5312 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
18946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:57:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 5312 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29764
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:54 GMT
l
www.google.com/ads/measurement/ Frame 5312 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqMJ9oXB9yyq1XyXKxYQeSimoSr9w9sn6yhAc5ZtfOO1lyfkao1_mobrQFy940BUh7PuLlCzsTJqsCm2Sq1grfz1X5_w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5312 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:57 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 5312 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 09:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 09:37:14 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 9ED9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 20:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
29525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 20:00:53 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ED9 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 09:19:40 GMT
x-content-type-options
nosniff
age
240798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 16 Sep 2024 09:19:40 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ED9 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:07:34 GMT
x-content-type-options
nosniff
age
327924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 15 Sep 2024 09:07:34 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5DA4 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
a2453f57b84b20e70c39ff36f3c5d5c8e77656e9decc211a6efec5a1bb183908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7882
x-xss-protection
0
server
cafe
etag
1338877479505861448
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:58 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:42:24 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
7bZYKep_AQ1bVXyjAo2NGVm1mldyecrr_vk4n3a8DXcC80rsr07Fpw==
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1AC5 		714 B
595 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
13635
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
80973bae38252a44-CDG
content-encoding
br
content-type
text/html
date
Wed, 20 Sep 2023 04:12:57 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbasaBDzD05yZb%2B9VCrNGf28VrMyIUclV2sXFiT122iap7G%2FA7q0ftjfESuKsJRNiE8dVDn5OI0Wdu%2Bz7mPNkepywqf1K%2F6HKOOqO%2B4lhH5wxFIumSm2k7Zha1hg%2B3%2B6dA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7794
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Sep 2023 04:12:58 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Sep 2023 04:12:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/583bdf8b-f6f8-3221-a525-1c4ee8843632?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0lowRyxE2oU3V8iB_2_AVIz6CKnnT6vrxuCro3I-~A&redirect=
0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1AC5 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef7012e9773f9fe3e6453e6431888caa3caf960dcf5faa0a32d3b21b60a6b802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29329
x-xss-protection
0
server
cafe
etag
555 / 19620 / m202309140101 / config-hash: 7190792443359072308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:58 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ Frame 1AC5 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 23:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131810
x-xss-protection
0
server
cafe
etag
9411153894055172020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Sep 2024 23:00:36 GMT
prebid-request
onetag-sys.com/ 		15 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
L2EveGluZy1qaS1jYW4tdGluZy14aW4tY2FpLWRhbi1jaGktaHVvLWJ1LXpoaS1kYW8tZGUtc2hlLXNoYW5nLWxpYW5nLXFpLXdlbi1odWEtZG9uZy1mYW5nLXlhLWdlLXhpbi1jYWktc2hhbmctemh1by5odG1s.json
cdn.adpushup.com/42753/ 		555 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGluZy1qaS1jYW4tdGluZy14aW4tY2FpLWRhbi1jaGktaHVvLWJ1LXpoaS1kYW8tZGUtc2hlLXNoYW5nLWxpYW5nLXFpLXdlbi1odWEtZG9uZy1mYW5nLXlhLWdlLXhpbi1jYWktc2hhbmctemh1by5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-220.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 20 Sep 2023 04:12:58 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=361, ak_p; desc="1695183178437_399431004_563236723_37588_1067_25_0_219";dur=1
content-length
555
expires
Wed, 20 Sep 2023 05:12:58 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8A7B 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2955
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 03:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A39C 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
30369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 19:46:49 GMT
etag
48472445140208031
expires
Wed, 20 Sep 2023 19:46:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1AC5 		492 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1411801122575046&correlator=4060043372485796&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1695183178406&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=j0rfubl1a7c7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qNeoVX3CLIpLgGBl-FytFbrzZlMc1YrWzoxTi7l37yLDq2UH8uKdUqSI50ZOUmHphpD3pkY_wcPWyLNoSWhXOMwJFJvz5ojJZXcRYgcIBk-dz0kPc1ycRbDp5zkJN1rwfQ30A47aINOvDUXXpI7VDrqmIKE8lsz5D43ld1cX-E9Gb88RnheFoW3-NfstI6xSE2vH8sO-35P4WoXmLDR9WT2uaIlDCXhFkv0lQ&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1634516709.1695183178&ga_sid=1695183178&ga_hid=1206235737&ga_fc=false&dlt=1695183178012&idt=357&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
bf0d89f6cf945fd7ed047ad6a1f84ff45691eaa0df367e0d808dc1db9beea0b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1AC5 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
fa5d1a9443bad567a0c0789bd579227ce1eccc1c97f2acf7904edb651b7455b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12198
x-xss-protection
0
container.html
e0413bc25a06952e4f87cbbe16be312e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4DA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e0413bc25a06952e4f87cbbe16be312e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:58 GMT
expires
Thu, 19 Sep 2024 04:12:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aW5nLWppLWNhbi10aW5nLXhpbi1jYWktZGFuLWNoaS1odW8tYnUtemhpLWRhby1kZS1zaGUtc2hhbmctbGlhbmctcWktd2VuLWh1YS1kb25nLWZhbmcteWEtZ2UteGluLWNhaS1zaGFuZy16aHVvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04ODMxYzQ2MS0xYmRjLTQzYjYtYWE5MC1lNGQ3ZjM4NjI0Y2YiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZTJhNTQ1YTYtYjEzMS00ZGFhLWFjMDYtMzFkMDE5MDdiNjZlIiwidGltZU9mQXVjdGlvbiI6MTY5NTE4MzE3NzQxMCwiYmlkcyI6W3siY3BtIjowLjAyLCJhZElkIjoiNzVmNzhhNDk1MzcyNDliIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6InZpZGVvIiwicmVzcG9uc2VUaW1lIjo0MjQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1MTgzMTc3ODY1fSx7ImNwbSI6MC4wNCwiYWRJZCI6Ijc2ZTBjNGFiNDE2MDgyMyIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQzNywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTUxODMxNzc4Nzh9LHsiY3BtIjowLjAyNzg0NjAwMDAwMDAwMDAwMywiYWRJZCI6Ijg0NThjOGYxN2QwNTkwZSIsIm9yaWdpbmFsQ3BtIjowLjAzMjc2MDAwMDAwMDAwMDAwNCwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDI3ODQ2MDAwMDAwMDAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1NzQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1MTgzMTc4MDEwfSx7ImNwbSI6MC4wMiwiYWRJZCI6Ijg1Yjk5OGZiMWM0MmJmOSIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6OTkyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTE4MzE3ODQxN31dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJpeCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzZlMGM0YWI0MTYwODIzIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA0fSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJlMmE1NDVhNi1iMTMxLTRkYWEtYWMwNi0zMWQwMTkwN2I2NmUiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk1MTgzMTc3NDEwLCJiaWRzIjpbeyJjcG0iOjAuMDQsImFkSWQiOiI3NzU2YWY4YTAzMmIxM2YiLCJvcmlnaW5hbENwbSI6MC4wNCwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MzgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1MTgzMTc3ODc5fSx7ImNwbSI6MC4wNCwiYWRJZCI6Ijc4MWRhZTliNTc4YmMyNiIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQzOCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTUxODMxNzc4Nzl9LHsiY3BtIjowLjAxLCJhZElkIjoiNzk5YWFiYmJhMzU1MWVlIiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDM5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTE4MzE3Nzg4MH0seyJjcG0iOjAuMDc5LCJhZElkIjoiODAwYjk5ZDU1NWQ2MWI1Iiwib3JpZ2luYWxDcG0iOjAuMDc5LCJiaWRkZXIiOiJvcGVueCIsInJldmVudWUiOjAuMDAwMDc5LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NjYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1MTgzMTc3OTAwfSx7ImNwbSI6MC4wOTQ1OTEsImFkSWQiOiI4MTVmNjNiNmQ0YjY1MjIiLCJvcmlnaW5hbENwbSI6MC4wOTQ1OTEsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwOTQ1OTA5OTk5OTk5OTk5OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDk2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTE4MzE3NzkzM30seyJjcG0iOjAuMDIzNDA5MDAwMDAwMDAwMDAzLCJhZElkIjoiODNmOTg3NzVjM2ZlYmMxIiwib3JpZ2luYWxDcG0iOjAuMDI3NTQwMDAwMDAwMDAwMDAyLCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjM0MDkwMDAwMDAwMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjU3MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTUxODMxNzgwMDl9LHsiY3BtIjowLjAxLCJhZElkIjoiODYyNjY0YjY0ODhmODZjIiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo5OTIsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1MTgzMTc4NDE3fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFwcG5leHVzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4MTVmNjNiNmQ0YjY1MjIiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDk0NTkwOTk5OTk5OTk5OTl9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4505.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:58 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050780015833613&correlator=2648388523713622&eid=31077942%2C31077994%2C31077694&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&arp=1&abxe=1&dt=1695183178433&lmt=1695175978&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=781698518.1695183176&ga_sid=1695183177&ga_hid=1085918321&ga_fc=true&dlt=1695183175318&idt=1259&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_21_0%26cluster_reporting%3Dchrome_DESKTOP_21_1_active_0%26refresh27Split%3Drefresh_experiment_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.09%26hb_ap_adid%3D815f63b6d4b6522%26hb_ap_bidder%3Dappnexus%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
75273e7813ff85080a5dd7a7db27cb712105c1cca85be63cb4a072ab1a3623b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13708
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3050780015833613&correlator=2648388523713622&eid=31077942%2C31077994%2C31077694&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&arp=1&abxe=1&dt=1695183178436&lmt=1695175978&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=781698518.1695183176&ga_sid=1695183177&ga_hid=1085918321&ga_fc=true&dlt=1695183175318&idt=1259&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_21_0%26cluster_reporting%3Dchrome_DESKTOP_21_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D76e0c4ab4160823%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f1a59c8ecc4254d28cc190063de73a1400c86f0c2e63fff57c031b997551f86e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13562
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 20 Sep 2023 05:12:58 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.590.0_en.html
imasdk.googleapis.com/js/core/ Frame 23CD 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
7f35f83071a3c2e2026ed7f2b89b536c2c6a116bd99ae1cff343c0ecba7e9212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
457045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236505
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 21:15:33 GMT
expires
Fri, 13 Sep 2024 21:15:33 GMT
last-modified
Thu, 14 Sep 2023 21:14:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 04:12:58 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/canary/ Frame 1C5E 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 04:17:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 20 Sep 2023 04:16:47 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=XHtqNWDT2IfJGKQ1rz4W165yjRycEYo0AMKt3xtv2P0S8PmTDEEG1FtUBzMIGOb41M7R8pELALwT%2FWyql3sy84xos44KlILwSvNHX%2B6X8aFvI3aLg5eWcRG0aKcOJQqJwbwi%2FwQGIo7JbEVq7tqpxugP8g8pYL%2FtU%2Bs0DQBBmhvsaCdqK90jLuOqMwNtY2A05D0xtKTm%2F%2BLiDG1PFthpm7hG9xGglJ8BLIVB5qTSJoj13Ry%2BTlBMugRYuEp7Y4Br%2BrmpWHyfVAsPzmbEV8Gwx24ABI8Fzc0Ipa4AnuL4eEpQArSjQVII1M9PqiSV%2Bo9AeHEzuSpDFO62hndo%2BJejuwE9dNfhKPyU4BzARy51X5%2FJW0tDjeWASTjDVg4llh82nbS4rOR1%2FDCzc6JcxT6NtIAppJUDUgR6nK6bNg37dJoXKZO%2BErNPfx3Xj1ivgqLOKunnk6Qib19AaosehwA6tM5yz%2FIyhqwImK4hnLxHsHyfjx%2FhnFtWP1D3oc%2F8cGafDNUeGNj2dqkfWaQkbhbjywPsBhzOflQ0c4sm8cPp0BmvYGCIK7fGTEwE17Fi91R9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 7794 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a2eb12bb31b6137ebf9011835d5f91947ebe8113118e575de36de68182b7e57

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:12:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 14:17:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36227
Connection
keep-alive
Content-Length
10516
Expires
Wed, 20 Sep 2023 14:16:45 GMT
480_650.mp4
cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/ 		208 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 20 Sep 2023 04:12:58 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5DA4 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
8107fb840cf7147311362230ba32a48379068cadad5fa70071e26945641cc8a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50730
x-xss-protection
0
server
cafe
etag
125228262646801313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:58 GMT
pixel;r=1193364163;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html;uh...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1193364163;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-525379589-1695183177886;pbc=b0c273f1-1027-4439-9d62-134cbd5736c1;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1695183178499;tzo=-120;ogl=;ses=6dd14a9f-ea16-413d-8c49-cafe981041a9;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A39C
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEINSxpn_C04eFO8WMQZFUPs&google_cver=1&google_push=AXcoOmS0mHGmxTwaNi1Mge1_UccqVglDO54485_cHLAzp_saTz5ceLU9_0TChICpc5NPSUJp8R8diT0GGDi9lkz604t2lW28ZvA
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
date
Wed, 20 Sep 2023 04:12:59 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame A39C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFeytTYC993xMS9OGt7whwo&google_cver=1&google_push=AXcoOmTSdKKQTEf68A50DTbchcQTxrXe0HsOcy8jM0eeLoTBX65nAD2PERj8rDZqvqylAaIlox5dzjvHB58O60...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDc1NjMxMDI1MjcxNDEyNA%3D%3D&google_push=AXcoOmTSdKKQTEf68A50DTbchcQTxrXe0HsOcy8jM0eeLoTBX65nAD2PERj8rDZqvqylAaIlox5dzjvHB58O60OlLZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDc1NjMxMDI1MjcxNDEyNA%3D%3D&google_push=AXcoOmTSdKKQTEf68A50DTbchcQTxrXe0HsOcy8jM0eeLoTBX65nAD2PERj8rDZqvqylAaIlox5dzjvHB58O60OlLZWZqO8UIyK0
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDc1NjMxMDI1MjcxNDEyNA%3D%3D&google_push=AXcoOmTSdKKQTEf68A50DTbchcQTxrXe0HsOcy8jM0eeLoTBX65nAD2PERj8rDZqvqylAaIlox5dzjvHB58O60OlLZWZqO8UIyK0
Date
Wed, 20 Sep 2023 04:12:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A39C
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFoHrOl9zXBBEghWdrkxns0&google_cver=1&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzecbQ...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFoHrOl9zXBBEghWdrkxns0&google_cver=1&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzec...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzecbQIb4x0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzecbQIb4x0
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTeJ_zg_jmwepswpNG2TdlP99O3KK8j6qh12yYtI54GYOxNk94EajpNDOoLHR8Mf4q4i_XjWMsM1zMOcD8txTzecbQIb4x0
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame A39C
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEOwprAY98Kh15BL0qWR4HjM&google_cver=1&google_push=AXcoOmTKYx0A-yFMeyKe2CjkHYcSG9VpVUdV3nsSlgpt__RaYSB5gus-8LOTq2OL9doAtEBF01BFz5mS2rRyb4Z0-uG4WZTWVMbl
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&mn_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTKYx0A-yFMeyKe2CjkHYcSG9V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&mn_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTKYx0A-yFMeyKe2CjkHYcSG9VpVUdV3nsSlgpt__RaYSB5gus-8LOTq2OL9doAtEBF01BFz5mS2rRyb4Z0-uG4WZTWVMbl&gdpr=&gdpr_consent=
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:12:58 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&mn_hm=MzM4MTg0Nzc4OTMxMjk2NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTKYx0A-yFMeyKe2CjkHYcSG9VpVUdV3nsSlgpt__RaYSB5gus-8LOTq2OL9doAtEBF01BFz5mS2rRyb4Z0-uG4WZTWVMbl&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 20 Sep 2023 04:12:58 GMT
pixel
cm.g.doubleclick.net/ Frame A39C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTJPmlDC8xIwFru2VPtejL9-ywykZ8sj6Kjef_QsNlllgxvFDAzO1Ghmhwz7U8XOcgEcDovqe-0yWKigdy4_E2qefhMsDcSww&google_gid=CAESEO6SE2WuGJ6...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO6SE2WuGJ6VSj1Q1L6uHZw&google_hm=T1BVNWY0NWY1OGEwNzQyNDE4MDk2MDExMjBmYmRmNjFhNjg&google_nid=opera_norway_as&google_push=AXcoOmTJPmlD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO6SE2WuGJ6VSj1Q1L6uHZw&google_hm=T1BVNWY0NWY1OGEwNzQyNDE4MDk2MDExMjBmYmRmNjFhNjg&google_nid=opera_norway_as&google_push=AXcoOmTJPmlDC8xIwFru2VPtejL9-ywykZ8sj6Kjef_QsNlllgxvFDAzO1Ghmhwz7U8XOcgEcDovqe-0yWKigdy4_E2qefhMsDcSww
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:58 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO6SE2WuGJ6VSj1Q1L6uHZw&google_hm=T1BVNWY0NWY1OGEwNzQyNDE4MDk2MDExMjBmYmRmNjFhNjg&google_nid=opera_norway_as&google_push=AXcoOmTJPmlDC8xIwFru2VPtejL9-ywykZ8sj6Kjef_QsNlllgxvFDAzO1Ghmhwz7U8XOcgEcDovqe-0yWKigdy4_E2qefhMsDcSww
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame A39C
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJJgymKXdw08TRuvwUFTACY&google_cver=1&google_push=AXcoOmRxksHghQutst8D1i5TJM-LLu3He10EkKqieTqSzH9Y-oW74TVKGg84MViZz2msFBOj4UmdNKoVaL97RlHEvGtU2-h5WAovOA
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRxksHghQutst8D1i5TJM-LLu3He10EkKqieTqSzH9Y...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRxksHghQutst8D1i5TJM-LLu3He10EkKqieTqSzH9Y-oW74TVKGg84MViZz2msFBOj4UmdNKoVaL97RlHEvGtU2-h5WAovOA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 20 Sep 2023 04:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Wed, 20 Sep 2023 04:12:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRxksHghQutst8D1i5TJM-LLu3He10EkKqieTqSzH9Y-oW74TVKGg84MViZz2msFBOj4UmdNKoVaL97RlHEvGtU2-h5WAovOA
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame A39C
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEMTjSxrJO40fVhgOfo0XrrM&google_cver=1&google_push=AXcoOmRBk9izCjXRmsuccbsqEYUxwpODMMY4s4-94vW3DGElOhxefh3MxdJxXzaFLcwaeWaWx5HFu3iPZdH55hsMFCQXd3duU...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRBk9izCjXRmsuccbsqEYUxwpODMMY4s4-94vW3DGElOhxefh3MxdJxXzaFLcwaeWaWx5HFu3iPZdH55hsMFCQXd3duUJBXsA&google_hm=c42c57ff2cac...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRBk9izCjXRmsuccbsqEYUxwpODMMY4s4-94vW3DGElOhxefh3MxdJxXzaFLcwaeWaWx5HFu3iPZdH55hsMFCQXd3duUJBXsA&google_hm=c42c57ff2cac5e3e88b82877e9ecb8bc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRBk9izCjXRmsuccbsqEYUxwpODMMY4s4-94vW3DGElOhxefh3MxdJxXzaFLcwaeWaWx5HFu3iPZdH55hsMFCQXd3duUJBXsA&google_hm=c42c57ff2cac5e3e88b82877e9ecb8bc
date
Wed, 20 Sep 2023 04:12:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame A39C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8OJMjhoJwnjy5Mhjz5MasVDALDoterzjGPTfvYTUjPu-yjF4ZZT1j3Ym-qetXFP099lf2tD7a
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
khaos.json
token.rubiconproject.com/ Frame 7794 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 23:29:48 GMT
x-content-type-options
nosniff
age
362591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 23:29:48 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:05:52 GMT
x-content-type-options
nosniff
age
346027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 04:05:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
480_650.mp4
cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/ 		12 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 20 Sep 2023 04:12:58 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
bridge3.590.0_en.html
imasdk.googleapis.com/js/core/ Frame 60CF 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
7f35f83071a3c2e2026ed7f2b89b536c2c6a116bd99ae1cff343c0ecba7e9212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
457045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236505
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 21:15:33 GMT
expires
Fri, 13 Sep 2024 21:15:33 GMT
last-modified
Thu, 14 Sep 2023 21:14:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7A62 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 20 Sep 2023 04:36:14 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ Frame 5DA4 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js?bust=31077997
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
dd0adc663259326257e922b9eae5b6933e7409c5e95b3142e30715da1abbc5ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131529
x-xss-protection
0
server
cafe
etag
5195944029385261643
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame FF87 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
26938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 20:44:00 GMT
etag
8554266389219770021
expires
Tue, 03 Oct 2023 20:44:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
x0GhW6DXmALcoqN108%2BGZiPQI%2Fg3NrNlBUoSm8jPxUnEm2sAAF7%2B%2FnVIXybSWFDQkDMH9aQXplrAoKdd%2Bvl2BLEAD2cs3gXFFgaThwSVEp3CTHF8YE8tuttw39N749K5UqVcw8ubW3hmLbfp3y4u%2Ba1dyafXf0YmeZCwBMJt802ttgrmLBMyaC2bQ...
ad.vidverto.io/delivery/video/pod/ Frame 23CD 		45 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/x0GhW6DXmALcoqN108%2BGZiPQI%2Fg3NrNlBUoSm8jPxUnEm2sAAF7%2B%2FnVIXybSWFDQkDMH9aQXplrAoKdd%2Bvl2BLEAD2cs3gXFFgaThwSVEp3CTHF8YE8tuttw39N749K5UqVcw8ubW3hmLbfp3y4u%2Ba1dyafXf0YmeZCwBMJt802ttgrmLBMyaC2bQdy0vc3XGSsqE4nOxWNtqZ6rIIj0HAw2YGXgWswhA07ZFyt6yUza%2BmBcZEP%2FbXdlCjFLEGIcUmIQ2hNvTQ%2FzKBrMLw8CG4BlSmoHYWubOUpTn52Au5dm85Ypr9VS74FJBtKiFUr0B3Auh8YL7uYtP2VuelOMwqreoUntvleQyTCC1yfi4WMWTqMxiJ9j4VrZu9qOpquSAX9Y%2BZ3KZFUqfuOjU%2Bcouyw7rrmk1neybqb%2FTwS3%2F0jm52RMpSjWhqfMi0xxfLHpsTUs4xnV00VWYvFWVQxNtigLeG9Eav29NcXunV7K0fOFBL%2BWVAFayq58bgMA%2Brg9LlkRXfqySlrNzSkC44RhPsQBsTPtr1FPv1%2Foz32DOlhzH8WnwFs53Tq5kRQkzO%2FZ%2B%2F5hf8etpEb29iYQ0idkMBmbmUFEd%2FODJzyo9w6Jpxu2z8Qg2IGru0SuEYGBgh0L28hFIBq1BXQYHrt%2Fr9tnvP4oNI094r2Qa6QGV6L%2FdQC65VPgcTHfLh34zoZ51Iyx9GuCIZ5zrPWGQLE0vLEBcBNYqVeoz%2BVNp3PFIV%2FD6CCNcZ3j%2FyqlB4aCMxV5UWzH?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1b46d0f1718506335e249e68bc2250b9156348d5fc916ea2af50a82749ae0cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
js
www.googletagmanager.com/gtag/ 		268 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f0064719c29801c85d311d8dab8c9fbf6c354854ce74c9ec155dfc2e281c7b62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91297
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 04:12:58 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012308011702000/ Frame D68E 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:32 GMT
age
24446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62025
x-xss-protection
0
server
sffe
etag
"2e9edf8f2a89282d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame D68E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:32 GMT
age
24446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5208
x-xss-protection
0
server
sffe
etag
"166738ad32285252"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame D68E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:33 GMT
age
24445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28952
x-xss-protection
0
server
sffe
etag
"cfd252d60a6db402"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame D68E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:33 GMT
age
24445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1920
x-xss-protection
0
server
sffe
etag
"a86a0dd8f4aab9b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame D68E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:33 GMT
age
24445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12942
x-xss-protection
0
server
sffe
etag
"02797982c4ca8b38"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:33 GMT
css
fonts.googleapis.com/ Frame D68E 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 04:12:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 04:12:58 GMT
css
fonts.googleapis.com/ Frame D68E 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 04:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 03:58:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 04:12:58 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D68E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:49:34 GMT
x-content-type-options
nosniff
server
cafe
age
37404
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 20 Sep 2023 17:49:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D68E 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
55426
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 20 Sep 2023 12:49:12 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3618360310716010496/ Frame D68E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3618360310716010496/14763004658117789537?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIpgEQVxgBIAEtAAAAPzCoAThXRQAAgD8&rs=AOga4qkFzjCi-2kY3EkpJ3zffnR8jAZeSw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
ab4bffbde9e4dea3962da0838d43736f7ba405dc6951adc8bdba3df19b1dac15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11775
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 08:13:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Sep 2024 04:12:59 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9880848611880302773/ Frame D68E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9880848611880302773/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qk_QA0-6-HSbgFo-6WRu8ZRflDngw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
5913a21ea96ba4c84284c9da6fe33fe9e8842fec1576e65c8c9f24b3f540ace4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 16:57:36 GMT
x-content-type-options
nosniff
age
299722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16874
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 12:14:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 16:57:36 GMT
l
www.google.com/ads/measurement/ Frame D68E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmuQVSs05T9a4dDp1UXMfVmT2-sdfgskgPp9-RROV6fcjL7PnidC8QvhYG8U5oC2brR00T4p9TeE2yfKgLrG53eQdKvw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
idsync
sync.aralego.com/ Frame 7794
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMR8ANM5-13-2P8A
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMR8ANM5-13-2P8A
0
0
csi
csi.gstatic.com/ Frame 23CD 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmr8anxx&c=1288343504067&slotId=644171752033.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s08-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D68E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da82a167a0dfa335e93bf025500108cac8446a13c7b455868209bae630c2107e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
480_650.mp4
cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/ 		232 KB
232 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Wed, 20 Sep 2023 04:12:59 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1AC5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 04:12:59 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 23CD 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1339241347181192&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FCTyxBJ3SPx0wGr0ZHxuc0g%3A1695186777%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6591F4E2-F322-4E27-8215-BBDFE37B967A&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797157%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=1695183179036&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&scor=2388646632151729&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 23CD 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1339241347181192&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FCTyxBJ3SPx0wGr0ZHxuc0g%3A1695186777%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6591F4E2-F322-4E27-8215-BBDFE37B967A&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797157%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=1695183179038&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&scor=2388646632151729&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx3.adform.net/adx/ Frame 23CD 		65 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/live/ Frame 23CD 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1339241347181192&cust_params=mt_fln%3D1.8&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FCTyxBJ3SPx0wGr0ZHxuc0g%3A1695186777%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6591F4E2-F322-4E27-8215-BBDFE37B967A&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797157%2C44800470&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=1695183179042&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&scor=2388646632151729&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 23CD 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1339241347181192&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FCTyxBJ3SPx0wGr0ZHxuc0g%3A1695186777%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6591F4E2-F322-4E27-8215-BBDFE37B967A&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797157%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=1695183179044&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&scor=2388646632151729&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 23CD 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1339241347181192&cust_params=mt_fln%3D1.3&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FCTyxBJ3SPx0wGr0ZHxuc0g%3A1695186777%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6591F4E2-F322-4E27-8215-BBDFE37B967A&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797157%2C44800470&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=1695183179046&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&scor=2388646632151729&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 23CD 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1339241347181192&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FCTyxBJ3SPx0wGr0ZHxuc0g%3A1695186777%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=6591F4E2-F322-4E27-8215-BBDFE37B967A&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797157%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=1695183179048&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&scor=2388646632151729&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5DA4 		210 B
273 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js?bust=31077997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
bfeaa45d336bfe06c6af0da6fceb989f1af0ab382814bb1b792936cb66ab022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 889B 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js?bust=31077997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
f6198e3d3f250c3d334ee0a75a5b67045aecb8e59b385eb31f9069d57505136b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12375
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D68E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
432367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D68E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 02:35:09 GMT
x-content-type-options
nosniff
age
351470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 02:35:09 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8A7B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:59 GMT
expires
Wed, 20 Sep 2023 04:12:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:59 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
pagead2.googlesyndication.com/bg/ Frame 4E24 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js
Requested by
Host: 631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
URL: https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
391778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14699
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 15:23:21 GMT
ecm3
s.amazon-adsystem.com/ Frame 7794
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=c6eU_xd1Rxe7BeTsmkpRfw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=c6eU_xd1Rxe7BeTsmkpRfw
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=c6eU_xd1Rxe7BeTsmkpRfw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:12:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RMMXG48BAKM70ZT243PM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=c6eU_xd1Rxe7BeTsmkpRfw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7794
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ruq3lVrx5ifAo4FadgyQs8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zxjGZrJE2oLViyI29JwhyrU4t04ZIySebdVMIQ--~A
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zxjGZrJE2oLViyI29JwhyrU4t04ZIySebdVMIQ--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 20 Sep 2023 04:12:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zxjGZrJE2oLViyI29JwhyrU4t04ZIySebdVMIQ--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 7794 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 7794
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQ8tUjS5fXFzYFsDJvlaA&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQ8tUjS5fXFzYFsDJvlaA&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHgQ8tUjS5fXFzYFsDJvlaA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7794
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDRjODYwNmUwY2QyN2ViOWJlYzg5NjMyN2Y1MzY4MTFjMjI0ZjQwZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDRjODYwNmUwY2QyN2ViOWJlYzg5NjMyN2Y1MzY4MTFjMjI0ZjQwZA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDRjODYwNmUwY2QyN2ViOWJlYzg5NjMyN2Y1MzY4MTFjMjI0ZjQwZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7794
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1SOEFOTTUtMTMtMlA4QQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI7JRHPVogkWS2v1uuOtpvE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SOEFOTTUtMTMtMlA4QQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SOEFOTTUtMTMtMlA4QQ==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1SOEFOTTUtMTMtMlA4QQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7794
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pDhp0g4VSnOitR8D73_TQw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=pDhp0g4VSnOitR8D73_TQw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=pDhp0g4VSnOitR8D73_TQw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E2ZPBQVXHP7KHH87W9YY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=pDhp0g4VSnOitR8D73_TQw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 7794
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMR8ANM5-13-2P8A
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMR8ANM5-13-2P8A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D3923B5527C14E528B8C1571810BB89F Ref B: ZRHEDGE0718 Ref C: 2023-09-20T04:13:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFwpdOVi+zDBdB4kttlw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMR8ANM5-13-2P8A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
si
googleads.g.doubleclick.net/pagead/drt/ Frame D68E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 20 Sep 2023 04:12:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012308011702000/ Frame E9AE 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:32 GMT
age
24447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62025
x-xss-protection
0
server
sffe
etag
"2e9edf8f2a89282d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame E9AE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:32 GMT
age
24447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5208
x-xss-protection
0
server
sffe
etag
"166738ad32285252"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame E9AE 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:33 GMT
age
24446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28952
x-xss-protection
0
server
sffe
etag
"cfd252d60a6db402"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame E9AE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:33 GMT
age
24446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1920
x-xss-protection
0
server
sffe
etag
"a86a0dd8f4aab9b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame E9AE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 21:25:33 GMT
age
24446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12942
x-xss-protection
0
server
sffe
etag
"02797982c4ca8b38"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 21:25:33 GMT
css
fonts.googleapis.com/ Frame E9AE 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 04:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 02:30:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 04:12:59 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E9AE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:49:34 GMT
x-content-type-options
nosniff
server
cafe
age
37405
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 20 Sep 2023 17:49:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E9AE 		344 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
55427
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 20 Sep 2023 12:49:12 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D68E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:49:34 GMT
x-content-type-options
nosniff
server
cafe
age
37405
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 20 Sep 2023 17:49:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D68E 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
55427
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 20 Sep 2023 12:49:12 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6179951098826786623/ Frame E9AE 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6179951098826786623/14763004658117789537?w=400&h=209
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
cef2b5f5d714132cca343253ca521b5420bcfc65804b061a932eb4d0da6e785b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 03:58:05 GMT
x-content-type-options
nosniff
age
173694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20648
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 02:22:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 03:58:05 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14457021782492063575/ Frame E9AE 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14457021782492063575/14763004658117789537?w=100&h=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
d04094f15b201a96332ab0d1521762f1565b06b8918c0f71cb94e79f30825fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 20:07:50 GMT
x-content-type-options
nosniff
age
115509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1493
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 09:16:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 20:07:50 GMT
truncated
/ Frame E9AE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b630a3d20d285aa276fc6e21adcefa18ff9ec3626c8381f3d1ff719d3cd4c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39i0&_p=1085918321&cid=781698518.1695183176&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695183179&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=%E6%98%9F%EF%BC%8E%E7%B4%9A%EF%BC%8E%E9%A4%90%EF%BC%8E%E5%BB%B3%EF%BC%8E%E6%96%B0%EF%BC%8E%E8%8F%9C%EF%BC%8E%E5%96%AE%EF%BC%8D%E5%90%83%E8%B2%A8%E4%B8%8D%E7%9F%A5%E9%81%93%E7%9A%84%E8%88%8C%E4%B8%8A%E9%A9%9A%E5%A5%87%20%E6%96%87%E8%8F%AF%E6%9D%B1%E6%96%B9%E9%9B%85%E9%96%A3%20%E6%96%B0%E8%8F%9C%E4%B8%8A%E6%A1%8C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8BB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
18526
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 23:04:13 GMT
expires
Wed, 18 Sep 2024 23:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4878 		829 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
GSE /
Resource Hash
81c3793291bd5e110d6f7040b2b588e92e28bc3530ddbf36d6965f43658f38f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JNbK8QCoXH5NDwjTeOqgRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-JNbK8QCoXH5NDwjTeOqgRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:59 GMT
expires
Wed, 20 Sep 2023 04:12:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E9AE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
432367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 04:06:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 889B 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CoXKoudsIOJx_1g7UbzN0meRcGwAZ74TP0FwMVT4kUvZFbchrirWBw5aam7vTfN_sRczmKFen-gk93c_2mFwEdwC9orP7Q9rWQ9cktirvURwvP5OA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 889B 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16556585685027892217&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 889B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 889B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
18947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:57:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 889B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 19:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:56:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 889B 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 04:12:59 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0B01 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNW-DOfI_kH5o2b8-_rXh_NOMYeSniIY6I0uKILl1BK6mnXwgJM8TrU05C0pFnK_HU0G-FMD9hDrYk1EWJ--AE93lVhYlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:12:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame D68E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrWJsSnEKZYKzHryl9u8PutGAsAWVtuz1cpuR0s3sEd7ZHhABILqEwDNg9aXIgdQEoAGbtM6cA8gBBqkC4Ur5HrApgT7gAgCoAwHIAwqqBJcDT9AchgcpEOYk-DezrqNdzJv5IzPhOC5b82OWr7R7N1LO7UY7bywwqWZpFsBAtnwF4GE4iGYgKvEvy4r0y7ZmmBayeNwHJX5OjAlBC6OFYHVQ6hVX7GEnTBp_P5pY3S5ueIhvSPljiMCFJ-T_cwASpbOU_65Y3gdL5nCviWxs-tvyOuYEBed7kXNBU-Gq-86CM324hNkpJQRN3yyrZUvP932vNOyF43w9qcOtjllrjb711IQqG9vbUkpF9EdnGpMWq0czAJM_x_O94lKCiEp07NYreK612OeMuCgKR-GIncXCu5SlUV1fp5vMCEnWm3BDlNYxWpw7JqjHVeaHkeahnspCdozUjyzCfd0VMMFaeRUeB29VIEk3TsptncLtTv_-zhxzvLJzFebzz5Z3-JaWxZSXTmJxiE8vK5UOQGgm5aYkuMdaSF9DCbhZxAnGH5TC4Hk5ox_Pya3RAp5q2VXI9ERGaKLD8o4qyAFRCWe4Yc3qVu5mb2WSUpaMYmqJm3aeZy179UqX2tM8miEBWGJKaXADy3-ayVfABJiKnsnSBOAEAYgF6oCQq0ygBjeAB83LsWOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDG6wPSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJO2h0dHBzOi8vd3d3Lm1hbm5pbmdzLmNvbS5oay9zZWFyY2gvP3RleHQ9JUU4JThEJTg5JUU1JUE3JUFDgAoDyAsB2gwQCgoQwPSridndve00EgIBA9gTA4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMzI1MzQwNDI5ODIzNTAyGMqrHg&sigh=HfkdIyk3yT8&uach_m=[]&ase=2&cid=CAQSPwBpAlJWu7-J1PFK0Yn4dW_TJiksOQXxo83fjJe_evmHjBJCC5RUcq02nikq7AIcay8St4ibDm2WdxABD-KMfxgB&template_id=492&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4878 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=1411801122575046&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame C8BB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
18946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 22:57:13 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E9AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CW93bSnEKZZvnL82-9u8P3a-t8A2J7JCHc_XDxP7kEWQQASC6hMAzYPWlyIHUBKAB78L0qgLIAQngAgCoAwHIAwqqBJoDT9A7o3CqHrMZCChWCPTn56srmKpSE-YoTt6Axv4ZLYVA0SRCoRJy1GS_Y8O_0AV08lh8ieir6CkUmvpOOdrKEwgGPUtDMmqlCbYEXGBKsZk1j21CxZZ2i33Bi0OAYDnTx3wIf_ySTjPg3C7KbvuIqWGMKgabHMMk4RcyfuehcRbky1RS0lpnZVube1rckuRWdrUYJn3gCZjcK7vgc4nUsduPDAelSHwoj70ehp9e-xVTh7NAXvxdJu-9hGcAz0dn4fB2FMnzjg2PiFPrOSaepQCge-SMBOwlplUXYQpWKTMq3BbTmVbSbIfhb7UD61s9MQYn85WRARVlna-bBJ8ma1mVzrXSfe3NJDJunvYCzZsm32JUz8L7t9V5AqdYbWEhN66KruVTWSn0F6mmwK18QVgGd43m0D_X_P04SVg2e2dS5FyIY94WgwHM2n1-D6NWslXIadvhtT-aYvwAae7qpOsCZ6Q0fwgY4LCDcvfg84HrmTIlhcjbuDqtq_fxTYrKpkGAHVjOf_M4CSZzUaQKKkAWYYwomM3YGkXABPuAy5i-BOAEAYgFjonOxEySBQQIBBgBkgUECAUYBKAGLoAHi5flvwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDBvgrSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJWWh0dHBzOi8vd3d3Lmtsb29rLmNvbS96aC1ISy90ZXRyaXMvcHJvbW8va2xvb2s5dGhiaXJ0aGRheWhrLz9rbGNfbDE9ZGlzcGxheSZrbGNfbDI9Z29vZ2xlgAoDyAsB2gwQCgoQ4OXr3bz6xMYHEgIBA7gT5APYEw2IFALQFQGAFwGyFx4KHAgAEhRwdWItMTMyNTM0MDQyOTgyMzUwMhjKqx4&sigh=7CELflf1l-I&uach_m=[]&ase=2&cid=CAQSPwBpAlJWW-oJDYeQCgYcqPkNqLTXQFQ3PHmg2tdnQWGbZ1v225eNcJK2-Co1oZYBO9y4egpB6CbsAGL9rYyLzRgB&template_id=484&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 0B01 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNW-DOfI_kH5o2b8-_rXh_NOMYeSniIY6I0uKILl1BK6mnXwgJM8TrU05C0pFnK_HU0G-FMD9hDrYk1EWJ--AE93lVhYlw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0B01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNW-DOfI_kH5o2b8-_rXh_NOMYeSniIY6I0uKILl1BK6mnXwgJM8TrU05C0pFnK_HU0G-FMD9hDrYk1EWJ--AE93lVhYlw
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs0vydXjhNM8855pVgWXeImESX1QTQH9zL6tsceStpEF2dVXmLPpiMEJJf%2FIo2%2BnJxSfnTOINjbFiqG07BdkdxErfV7kLXcYkgXAdeHtQbkdp6KeUbU3tUnKcX76F5hCJKElETs2W6JTew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bbbfc5523f7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0B01
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQpxS.EmnVdhzRHNN3Ou-gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1&google_hm=2
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNW-DOfI_kH5o2b8-_rXh_NOMYeSniIY6I0uKILl1BK6mnXwgJM8TrU05C0pFnK_HU0G-FMD9hDrYk1EWJ--AE93lVhYlw
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FquJSsgKyYfIZVO3V%2FW0sYsqz570tpuebpYepfsMQeMsa%2F25HPeEzcFDsY1Fnt83AYYv0GaS4IhenBsNRvOQgRQnum8bhMY7nkPEwdT%2FDoajPLBSzLjpNk0ZNh%2FWPvqK8j8d2q3QmVjnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bc118a224be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHFLsZRj0A7ggUdqpDGMi00&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame C8BB 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6HFFhQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:12:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 23CD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmr8ao61&c=1288343504067&slotId=644171752033.5&ghmsh_eids=44768717%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797157%2C44800470
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s08-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:12:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 04:13:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 23CD 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 889B 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1925710568757&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 889B 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1925710568757&version=m202309120101&ct=77&x=1&cor=16556585685027891000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 889B 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Be-t2z0ss7YAyoUjKhh0qTOYOXyEBU_PBR7gQyWz-dL9rFm4SO4VdJ1nH1CY3TmqlmktgUI-_s1TVqwXUEoTtsCSHFzGRDucUjY3CmlpHYvv16-xayL_UNnc97dls5eI1ioWawyrj3doUjkA4V3ZWlJq2QIMHoQRqN13I3HjHNxnHjQYs&cry=1&dbm_d=AKAmf-CFNBLEeMXVRjXIX-iO8IDivS0kcFpHtt5DN4A2DC70cBrcXuI6Km0NezIXZpe7RqEHgDqII5iPonDKGj6h40pGSGLeO-l3Qy6-MLkyjbbtIzh-SUH0u4B-_7QH9z80K4YsRVqR-6ExKzyv9h3Ib03nYpCxD3arue51h3aHR-jcLR1b1ZvtxXVzDPCG-KA6MHMbii-m7ku5zWRln7iz3eS6EG6IBhmhF_9nHUi6AzBiVqBYVc0o-vjw535-HHciHlUkJjfZg7gYrDrcIuqtLFrGDe-NCLNnOac428udPZ40vrOTN3uMMcrb6xp-p2TnfHM9ewDlzOHLOFgsWUb1sswYx-MmFfbBzz-FEOSsA9YbIm55Ltig1ZO5LdUMGeSmDKjhu2WIvxw8tde_8ybZzES45i5oCWHqXAbz9bkOw6cbJ9pFJa2wcNmA5xImLXayPIj5QoBU9JWw1542PT0iq-sLJ4-0dl1RIoP7H-aiWh9mT3EgZE7ZnvktBJJEJ96JEUOhIwfc1DkHPCacpWna_XJLUYloAs0O5F_QW7Exy_RLc-O29Mjg-p5GA2GCMmRL_3MtX5r9um_cLG4dGExVMZsJ5IqluFchInOAZgvJ0IEUAtF64OmLk_y72jsaUn8JXmqlu-IUvgveXUTM3s3aPFYRdwDWZSqNPusNhEUsvByov67jbiJgE4mFbuSNwoXKtRMN9ODmCgkxsjCA3gIRqclt35eSHxpLobtn6W9RqjuSCGZytDdkKfxN6OcOjn7j2y5AC8P-g7x9e5UMyDRsvijegbj_z6ZGLrU3HDLOLIzckw3INnC2qZJRNa2JoXyGaGmTGYywL7kNN6beU2B84yj4Nf3bdsqu3v3cyWu7rr6QBJkDbYB2lETjEtrDGppthcn0_-5zlDKZ-BBPv2FXW_ZkqFkACI0X9BeJT5IHx8V7aVU3OcyeeucBBYt-VpDaHM-SCCkXpBR5sNH7SosJboS8HsXVYI8aO21CUwxCaqIauDoBIyI7VHL_rtM1u0T0Fn45h6yo3mkUgsVPT1Wh45PgIsjLMF4luaveIALFalfVsKugPdRcMbl4YaYzekR7SD_3EO2dcoI4GN-spgsADt2Hn7LmExHN2XLx92CaZH-sB9rxRsW5UxYBZjarB5DrssWigXmZw48K6O0e2Rb5GgBeiAY7oNo64xBLrLSP96_IcRAJu4R-EJfeIj-rZBQjxzgKBvrIh6u6tfMx6_Sf4aEeP5g2ozEPliIKICH7GJBfSTENAN1UPBKiSUj7_fA0MoiwgiOjqHrdmSAjdGmQzKzS_J9ZjPaEfkhi5eM8EC_g7YtKM0gf34mvn8Q8LNU_z8J19hGR26gBXzVyDFbamHiTz2_2t9ydHVKjrqKQafDiYrw_hZU7sRskqNGi9MQgsgtjQ5Kp_kfog9lW_krHk576UiaijadNNpa-TPaP-U1Z80Fn_ppTNUpmodP_8P_YjLXr-sRs5ppxhcgBPsUinMpf4Qxc19RWEIZ9n0YrgOS75w160C5YKsbmQCm3mgK_JeGf8r4t9Q0kiFcCMKL_7TQHTKEnr8hN5tFb4JfKySBFBJOupfoLsfHQUfIB6pPXsFeaGnqQOlE4BwYyurmi6zVMP7VO9BD17ZSLmwd0pWc2u-6E-bd3EGOvdE8PQQtw9sesXKxyr1xjKemndolGpBTyx2oZb6tR1Xwm4WXkZlNxzTMcPYaqDd8gf6zkjHeuKIT_rXBlAl40SOYmB4xugiQjIC-kRU8an2V7ngG8L89HCKjVc-UDYxGcIxEklh5KhJEP3KtfYmvmX6BRFV55xRBZNLY_jROFQKyZyVnXH2d2tOxNAEFQjUGvdUqQNI-v-Q9-ComZHkL6KhZ_jLpazcrUkII-FXr2y5KESnIoPzDQe3pTiqhXU7pvQ6L9rLroAFVjAqHfaMu-StOucBgsC2cMiiHziklwPPtEdx7zh1Gk4SsTDHDafouiEHR_8_NC2UG3w314n6aM4cBVUntIsRGUaongRa13lxdI6DwN_ua4QqESYQRmtzjfDxNzew_eoxcx8YRUFyuI6BydUACBiI6W_cBkwgKKsUyiI4umKNN_HFQZV5lpCTKU7ck5GGtnvdb8olMUmq1I0yufLFUY1K2iCSxJXxU7pqlR4fc-U4Fmx-DVd4Fr3IlPMDZWxWdX9_ZnLTaBWPMz9_chVLFkM26z1FAePS90LzP9jzXPnBP3YulYqKdXMa0JqR1DbVcwHV-KtyLw1hBdwCDP0WZtcXiv4ys33w9R_92hBoay4gDREayBMEmP5q2h6au8nxWcH8z6hI6yZWtzUtxgrTkLrgVR62OpUojqdTUxfMV9LgWfdJReYdHaRFdiKTDhRbJWzZcHFC1_S1U4AM5nnVe_KAMEdPqP3of6rdz2IdJOjcR1EEQCzNPoQmvblaOmK0hR-w9mUAZYwBFd8TcpoZtgVx4zrxly8Xciq__go6hu7qws4DGCL2g4xo1MyYNM1En_V1AnifY_NZhJwKcGRvgJnSdybPrZe5qoqNJnJJIqTo8YepHlR6Yldj7-7hn-AVFylxYbbLlXrxecvT7LPZmlrAnFoy4JB0zvuDWLzwjF-jH3d1MC4MwJ83dyGHor6Fx77VMmcOFVrCUAK1VXk4v9FZtmuov3RV7xoRqiLNwGYSHYrG88cWkc52P8kkVX2Gkpr7r-xkxlJktnw6XX5ldLOySmPJByVCdUcFATzSLuRfdRqggyN0SYUTiU_ZcoDgaBgL-TjmLoE7cUHYNMFYUl9NorD9hWI4xFna2so9hLCvSnhlRanogGRrTgm5cP3BRisKGv4MMmlBEFZvW7Gdqcydu0IDD1E1pFCWCCUzLr9aFNdn9l7qe0KX6_bfTeaBLTPdpYd8OpRrK65LpBSx_bLQZcUQbyn6AOgvjN0-MOTBPPVtdlNrIngKtX0nZVN5ak6bvO7-PfYGX8pfG9dyO9MXLKAfZugPo3TezN5btTS9p2AIr_PdYVEe8120nsKOjsVnm_A2Q1lePUxNeZiiypa0ojf2y37dYVeeTpx9V5kUCkY4NgX3hvLkxdmLuLrnl-TyYrbkhHkkqKlliux1VohLrsSekamQ4oBKSNLk17ZrcoQDXfrnh3wjLQqKBCaE3sYBwXHIEjqE2nNp8MVRalMWPvpBDD-j2t3usUamyFj6f0EBHtM0t91rnpJTwaVcaozdPsZnJdGOexUFueJWCilaYEfPfw-0vlbWkCEEgBRd38z56zoI7SpZ451LOuYawJ4ToVtIoCkVqtz_1q8ZZhd2pk4EXcwn6rF1XIQi9EfbuSbG9t_FjKt4BuILMAMLp7VXeoW7pEEKBN7tzBV7vs3TFPiqBRV_E9sdPnD2CskRHOdMQa5n2k4sC_JObkKgBcLnjUW04AwQaNvfIDZO8YvXm7k94bcjzXF8V_YuWY_MJN00TWYSUv7zf8NmW76Or7TRCt91RQKrouow7yMshz8k0Fd13M1FXAj41cQ62zoXDTigP_UErfADe192csL7EfpgQQVOsDM-JaDaRptEoK2Z9ie8_wldatA8h1xiHAN0pSqNeppkW1Pjfq2E5ZII9lCLQ4yyqJReqE_tHtWf3g-q8nl3r4ooJdvlPP6kfGxHJyC7t9tOXOYCQEcB6rtfqByTu9ZRAH6rOo3hqQBWTpRnXbmwSc6L2widzFMFSz0wO2zvk196d8gTTDGLaaR0SlZXtMQnajnM0WbFrCd2i_IS0c3FsQgvJkrfabmyjbR5K0KTqm7CCIsGvRHFFp2ZFHxmaZROTPZ_kBF98mRpua3PJ7NBkseNEBhTQYnYggCjdCbKBWooBewVgieB8H7pxOFthAhtoMpQUMfXKVLsPdwoXHNDQviGYrkvCcGfCIRVhhdbx1bkpKPn5Yivd4e7HeSpRiBgZTh5S0GwK0PuMSgWyO0tOx-qQFSEraQJFdhqTQIPwaZRCchPKqhW1Z4F6gc5Rky1sC1uqOk1Gq0tLskNqhAAqyqCOPZ74fayZf31qU7ZQf8IU&cid=CAQSPwBpAlJWTvlemUh3FRy64IIBLndKiFelhYGQhg_CSCboxyIFt38BZY0MlcVSSoCYRA8BkkvzcLDn4RLHUr_zsRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16556585685027891000&adk=676413724&idt=558&cac=0&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
1c5da30be7e9c3f69c373a01f3a78e2c6b4c7c9acc547fca3c37f11618bccdd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 23CD 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmr8aous&c=1288343504067&slotId=644171752033.5&faa=1&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s08-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 23CD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 1AC5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309140101&jk=1411801122575046&bg=!6uml6abNAAbP3fMH7907ADQBe5WfOPtcmKlQk97wfUFG8onoH0ATTS7mC03JXwGO0mWN5scOaQJuqE1pLfsczVjp-n3FAgAAAGpSAAAADWgBB5kC3Sd9sun8SvFYdOc2f_Liho7lqLTjRsqhkOX7sXQWUiiICZyTinu_vIBMVsGEvhfqryvdbLydTxLcdZ3rfSKtsgAztZIYciUYoiCN87Fa-RvnZescf_yK7H80yrD-ra0adkadetbxXH9pJzIUizTeGrn0iKHA-laWDdxIVAxTxdAopa8mhioaETeDiWNE-5PuoJeW-2Y_s67QRZawwV8-oDKK8nTTfBYd1qxN1XCcR5SP8CezznHDpSbJEYYGZilZy6xozLxJBnDwmnRbEYxPa2Y0ug2b-b7qN279juTy5-oAmhn1IZ524axDd2t4609l5sKFl7X9L_i0e8cAnnlbanbi-XRvBTZUdejWIbSuruCk-yQSJLbwjqrGzBXJziipsb5UAl2Ubw6cEGw5EmOPOrdc69jxpIg-EhVmKFnszdLhmwEw80wDjH9r0NqTFCzfGfEmb7Lmv-du-0p_ad4GwAMI09-1txES6CiGC_A0dEPDB4SZUIoACJ84i8B8FvO0X0ob5GrGC6IiYhpgFVMdeqpyefFvmIs5OU0LktSG8iZnlIFrccjiSj6EOQiFtapg6Q5rcVBiWLVsbin_63UjZvDO7bQJpNlzmQUgE7qEkk0v40MAK3VKtWuPV1VfVAuzsA34fE-J7FbWuxOjiK3-WuyO-8yu2hG4_zgltHHUUKxoApnH-2d9OZpsWn8LDAOh6xfVy2og8_Ii8DFAN00oVSa28Dkol9J4nbF3a8DbVP_ZY5UY1vu9rt2zns7zAsyTKjKnTRrAmVCZT9EgDSfjJ146A53FDqtS6nsJSzSabiWe7PZboTN7arjwljlJrtRXs6BXSQvpkWA7f-vpy5E6-NSPZgJeIoHsxwIGjuqLgnYrjPDpClKa_Xccq6UCrgLvRbxF61m1AxoFwBSeAuwyCvv0qijY4zTuXiS8XZhH2ysa1vVyLYfL0QdlqgY8UwdN5XqJaGmtpus6FtuBDMo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/ 		40 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=196608-

Response headers

Date
Wed, 20 Sep 2023 04:13:00 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 196608-17211103/17211104
Connection
keep-alive
Content-Length
17014496
activeview
pagead2.googlesyndication.com/pcs/ Frame D68E 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnDOpUHr0VKgGzREXzsmm0rN5cwLzRJFTyJXpQlYe5jknZbnsz7w3z11Ypnk2aj1YcHUNOPG131cjaoNqhmGcY1klYDpPopFcoAF6ChMzG1Byg4RyAC99vNPIG7CFYjhQa8m2hJ-A3wNpqMB_kKkqNR7nRm9fTaK7--bALGaPNlx2r7VzE0QsvjJivi_wEBnDvYT1qKpX5WfW_q4pjNgs-HaziP2bjhTFTxadOjiAK-N_jQfHJB9IsdOSYTYkg4fjxtkSUsMc4Xgioez6aAItmieeflWJ3Wkl1nq8opz3ZrnCVa5L7UcC9u7KjAMVrwb0GoH1PKEKS_P5R8zkWKz-HowN_aFNu6jnn_RKmB7Cu2hzNFNyf5tPVYohatncqYMytT0s5ZIRrlnSbzb_r0uA84NvXKh36XZnUoXTCi9M7Px-V1i9BQjsYW6w7BNYnv2Mel36Ke3RWwAcDPhCo0i74i7indsP4iwwDAj-1TSrRIt8mMvL0OVQsxYc8NNRqpQXgbwXV9hEDJcXIXTyRDKkz9oa-EEOqIno8_Va5SvKSgzX9IA_QjK6AkixkjN7E7sO25YJOfH7r5kOV7whEFkN-5wxf-FFSdX0r4tfCRAoD4DA85M1Jvc1vLqng9iK2OoSoWcmh1BXjijEpLip8ega-lzVUZSqPHCLXD2xVAFzvVjnm800Iv0ICFBYjeseeiqff-CjclYCbt7Yzx8u_POzZdHGVTpzt0mAkYIgcP3W3upGSiSKooCS5buVlXNYyAENmxjzxKFPraSWp8-uL41gsUsHByU_Pt93-q0yZ_tIceS2Z1_wQbfpTPQ2RxNrkjzK0Q7lDLfQCb6htKy2tqqvHu5ABBWX7iE-7CNhBiCJ7vRadwGQOAfxUW8OuDA0PMmcaYQbqLAdP-eSkDlIKsx_tFbTm3iIaAO07fYRJjj17kZsCBi8aSaUGGZCOE3uP8pKqArFj6JTFTmavbYjtZVfoLRBJ47_FPUDpH8lWmzjKgc_Zaaxfx2R5dsKmkKBJ1ca8VCvDU7-urAlkPXQyhk1T3kE6YBwhr7ihTOxtMj9sOdexT9BOl8DYDqTq9za95Q_jeovKQGIB_UFW39AhIK3n5iDMdgltE3702MpuNTjeQ_3vEn63mMBaCtYEHzB2S6NQjCZsPtx4_AANVtKGRxUkoJ82sjJRblzDSCGpYxgyYp6lpcrqF1JGR0s-rp6p6UWegnuk-DUlXLM5IRybsDIQt1bgitc3JBEhq7I7eCpEJQtRmg45a2trDj_sbSA403G94pAi5mm7kSqkVe8qqwCE5OtFYlQaGJ11_Bxh9gW-EnnTcOv2G7CE8aruxXc6PWvpUCihbYogJM3TeLePE4uP_NH1s-44DNhKLn11obdKM5AksLiSSrgjEXGKCo5SfoPz6Tg8WJsCwgArixNx-wgGdc6QtpqlblQ0A7_ebGH3upOFOonG6ysj1kC0uHuPEGYq1839oX495aiU6-lj1v8Z4S7JM4Akluj4-9V0KIROvhXVWtz8n9m3BJSsX1FHTZKOrHUMI37RZ05V-wMOF3l3sQ&sai=AMfl-YSwwzkwCtJUlh4Pp5DzphzFnam4-BdzAX23WHLT9uVc0FL4CYSVJpqNRkAFL5_AEvib-jplDlrWTOD7X6ADi3nWFhbpCtJrcNIkHBKUmf4EZGSAvnFhjemiQBf24gCqBLp2isemX8Rvy1AdZA&sig=Cg0ArKJSzFz24M7mVSOxEAE&cid=CAQSPwBpAlJWu7-J1PFK0Yn4dW_TJiksOQXxo83fjJe_evmHjBJCC5RUcq02nikq7AIcay8St4ibDm2WdxABD-KMfxgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=562&tls=1562&g=100&h=100&tt=1562&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 23CD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 23CD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame E9AE 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwISrwaQ2Jc3AInvPXrREDqDBp8LZxl1sUBsP9t64ALRGhVq3BdRk7JtuyNkYfrlRrMDy2PSE1IGnZrQV8fm50mqCvqwExx63WG99qKYP-w7AVJzcUCX4L1HNVsaDYJRpMpNhNbo55eg&sai=AMfl-YSDToKjV90ytG_FXz9ye_DI7UEdv6ed73ShJHInNZXOF-fo0h1oRsQ5rQym4rgyyW8aWmG8Va7NAd3d2dbgnWlksfcGEfw7C8C3U0377TKEVSYYmtaAwg3AOJ7mXYZv&sig=Cg0ArKJSzBNhAjP09kV0EAE&cid=CAQSPwBpAlJWW-oJDYeQCgYcqPkNqLTXQFQ3PHmg2tdnQWGbZ1v225eNcJK2-Co1oZYBO9y4egpB6CbsAGL9rYyLzRgB&id=ampim&o=236,60&d=728,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=390&tls=1390&g=100&h=100&tt=1390&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 889B 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Be-t2z0ss7YAyoUjKhh0qTOYOXyEBU_PBR7gQyWz-dL9rFm4SO4VdJ1nH1CY3TmqlmktgUI-_s1TVqwXUEoTtsCSHFzGRDucUjY3CmlpHYvv16-xayL_UNnc97dls5eI1ioWawyrj3doUjkA4V3ZWlJq2QIMHoQRqN13I3HjHNxnHjQYs&cry=1&dbm_d=AKAmf-CFNBLEeMXVRjXIX-iO8IDivS0kcFpHtt5DN4A2DC70cBrcXuI6Km0NezIXZpe7RqEHgDqII5iPonDKGj6h40pGSGLeO-l3Qy6-MLkyjbbtIzh-SUH0u4B-_7QH9z80K4YsRVqR-6ExKzyv9h3Ib03nYpCxD3arue51h3aHR-jcLR1b1ZvtxXVzDPCG-KA6MHMbii-m7ku5zWRln7iz3eS6EG6IBhmhF_9nHUi6AzBiVqBYVc0o-vjw535-HHciHlUkJjfZg7gYrDrcIuqtLFrGDe-NCLNnOac428udPZ40vrOTN3uMMcrb6xp-p2TnfHM9ewDlzOHLOFgsWUb1sswYx-MmFfbBzz-FEOSsA9YbIm55Ltig1ZO5LdUMGeSmDKjhu2WIvxw8tde_8ybZzES45i5oCWHqXAbz9bkOw6cbJ9pFJa2wcNmA5xImLXayPIj5QoBU9JWw1542PT0iq-sLJ4-0dl1RIoP7H-aiWh9mT3EgZE7ZnvktBJJEJ96JEUOhIwfc1DkHPCacpWna_XJLUYloAs0O5F_QW7Exy_RLc-O29Mjg-p5GA2GCMmRL_3MtX5r9um_cLG4dGExVMZsJ5IqluFchInOAZgvJ0IEUAtF64OmLk_y72jsaUn8JXmqlu-IUvgveXUTM3s3aPFYRdwDWZSqNPusNhEUsvByov67jbiJgE4mFbuSNwoXKtRMN9ODmCgkxsjCA3gIRqclt35eSHxpLobtn6W9RqjuSCGZytDdkKfxN6OcOjn7j2y5AC8P-g7x9e5UMyDRsvijegbj_z6ZGLrU3HDLOLIzckw3INnC2qZJRNa2JoXyGaGmTGYywL7kNN6beU2B84yj4Nf3bdsqu3v3cyWu7rr6QBJkDbYB2lETjEtrDGppthcn0_-5zlDKZ-BBPv2FXW_ZkqFkACI0X9BeJT5IHx8V7aVU3OcyeeucBBYt-VpDaHM-SCCkXpBR5sNH7SosJboS8HsXVYI8aO21CUwxCaqIauDoBIyI7VHL_rtM1u0T0Fn45h6yo3mkUgsVPT1Wh45PgIsjLMF4luaveIALFalfVsKugPdRcMbl4YaYzekR7SD_3EO2dcoI4GN-spgsADt2Hn7LmExHN2XLx92CaZH-sB9rxRsW5UxYBZjarB5DrssWigXmZw48K6O0e2Rb5GgBeiAY7oNo64xBLrLSP96_IcRAJu4R-EJfeIj-rZBQjxzgKBvrIh6u6tfMx6_Sf4aEeP5g2ozEPliIKICH7GJBfSTENAN1UPBKiSUj7_fA0MoiwgiOjqHrdmSAjdGmQzKzS_J9ZjPaEfkhi5eM8EC_g7YtKM0gf34mvn8Q8LNU_z8J19hGR26gBXzVyDFbamHiTz2_2t9ydHVKjrqKQafDiYrw_hZU7sRskqNGi9MQgsgtjQ5Kp_kfog9lW_krHk576UiaijadNNpa-TPaP-U1Z80Fn_ppTNUpmodP_8P_YjLXr-sRs5ppxhcgBPsUinMpf4Qxc19RWEIZ9n0YrgOS75w160C5YKsbmQCm3mgK_JeGf8r4t9Q0kiFcCMKL_7TQHTKEnr8hN5tFb4JfKySBFBJOupfoLsfHQUfIB6pPXsFeaGnqQOlE4BwYyurmi6zVMP7VO9BD17ZSLmwd0pWc2u-6E-bd3EGOvdE8PQQtw9sesXKxyr1xjKemndolGpBTyx2oZb6tR1Xwm4WXkZlNxzTMcPYaqDd8gf6zkjHeuKIT_rXBlAl40SOYmB4xugiQjIC-kRU8an2V7ngG8L89HCKjVc-UDYxGcIxEklh5KhJEP3KtfYmvmX6BRFV55xRBZNLY_jROFQKyZyVnXH2d2tOxNAEFQjUGvdUqQNI-v-Q9-ComZHkL6KhZ_jLpazcrUkII-FXr2y5KESnIoPzDQe3pTiqhXU7pvQ6L9rLroAFVjAqHfaMu-StOucBgsC2cMiiHziklwPPtEdx7zh1Gk4SsTDHDafouiEHR_8_NC2UG3w314n6aM4cBVUntIsRGUaongRa13lxdI6DwN_ua4QqESYQRmtzjfDxNzew_eoxcx8YRUFyuI6BydUACBiI6W_cBkwgKKsUyiI4umKNN_HFQZV5lpCTKU7ck5GGtnvdb8olMUmq1I0yufLFUY1K2iCSxJXxU7pqlR4fc-U4Fmx-DVd4Fr3IlPMDZWxWdX9_ZnLTaBWPMz9_chVLFkM26z1FAePS90LzP9jzXPnBP3YulYqKdXMa0JqR1DbVcwHV-KtyLw1hBdwCDP0WZtcXiv4ys33w9R_92hBoay4gDREayBMEmP5q2h6au8nxWcH8z6hI6yZWtzUtxgrTkLrgVR62OpUojqdTUxfMV9LgWfdJReYdHaRFdiKTDhRbJWzZcHFC1_S1U4AM5nnVe_KAMEdPqP3of6rdz2IdJOjcR1EEQCzNPoQmvblaOmK0hR-w9mUAZYwBFd8TcpoZtgVx4zrxly8Xciq__go6hu7qws4DGCL2g4xo1MyYNM1En_V1AnifY_NZhJwKcGRvgJnSdybPrZe5qoqNJnJJIqTo8YepHlR6Yldj7-7hn-AVFylxYbbLlXrxecvT7LPZmlrAnFoy4JB0zvuDWLzwjF-jH3d1MC4MwJ83dyGHor6Fx77VMmcOFVrCUAK1VXk4v9FZtmuov3RV7xoRqiLNwGYSHYrG88cWkc52P8kkVX2Gkpr7r-xkxlJktnw6XX5ldLOySmPJByVCdUcFATzSLuRfdRqggyN0SYUTiU_ZcoDgaBgL-TjmLoE7cUHYNMFYUl9NorD9hWI4xFna2so9hLCvSnhlRanogGRrTgm5cP3BRisKGv4MMmlBEFZvW7Gdqcydu0IDD1E1pFCWCCUzLr9aFNdn9l7qe0KX6_bfTeaBLTPdpYd8OpRrK65LpBSx_bLQZcUQbyn6AOgvjN0-MOTBPPVtdlNrIngKtX0nZVN5ak6bvO7-PfYGX8pfG9dyO9MXLKAfZugPo3TezN5btTS9p2AIr_PdYVEe8120nsKOjsVnm_A2Q1lePUxNeZiiypa0ojf2y37dYVeeTpx9V5kUCkY4NgX3hvLkxdmLuLrnl-TyYrbkhHkkqKlliux1VohLrsSekamQ4oBKSNLk17ZrcoQDXfrnh3wjLQqKBCaE3sYBwXHIEjqE2nNp8MVRalMWPvpBDD-j2t3usUamyFj6f0EBHtM0t91rnpJTwaVcaozdPsZnJdGOexUFueJWCilaYEfPfw-0vlbWkCEEgBRd38z56zoI7SpZ451LOuYawJ4ToVtIoCkVqtz_1q8ZZhd2pk4EXcwn6rF1XIQi9EfbuSbG9t_FjKt4BuILMAMLp7VXeoW7pEEKBN7tzBV7vs3TFPiqBRV_E9sdPnD2CskRHOdMQa5n2k4sC_JObkKgBcLnjUW04AwQaNvfIDZO8YvXm7k94bcjzXF8V_YuWY_MJN00TWYSUv7zf8NmW76Or7TRCt91RQKrouow7yMshz8k0Fd13M1FXAj41cQ62zoXDTigP_UErfADe192csL7EfpgQQVOsDM-JaDaRptEoK2Z9ie8_wldatA8h1xiHAN0pSqNeppkW1Pjfq2E5ZII9lCLQ4yyqJReqE_tHtWf3g-q8nl3r4ooJdvlPP6kfGxHJyC7t9tOXOYCQEcB6rtfqByTu9ZRAH6rOo3hqQBWTpRnXbmwSc6L2widzFMFSz0wO2zvk196d8gTTDGLaaR0SlZXtMQnajnM0WbFrCd2i_IS0c3FsQgvJkrfabmyjbR5K0KTqm7CCIsGvRHFFp2ZFHxmaZROTPZ_kBF98mRpua3PJ7NBkseNEBhTQYnYggCjdCbKBWooBewVgieB8H7pxOFthAhtoMpQUMfXKVLsPdwoXHNDQviGYrkvCcGfCIRVhhdbx1bkpKPn5Yivd4e7HeSpRiBgZTh5S0GwK0PuMSgWyO0tOx-qQFSEraQJFdhqTQIPwaZRCchPKqhW1Z4F6gc5Rky1sC1uqOk1Gq0tLskNqhAAqyqCOPZ74fayZf31qU7ZQf8IU&cid=CAQSPwBpAlJWTvlemUh3FRy64IIBLndKiFelhYGQhg_CSCboxyIFt38BZY0MlcVSSoCYRA8BkkvzcLDn4RLHUr_zsRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16556585685027891000&adk=676413724&idt=558&cac=0&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:25:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
71279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 08:25:01 GMT
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame 889B 		0
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 23CD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame 23CD 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lmr8ap8f&c=1288343504067&slotId=644171752033.5&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s08-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 23CD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3160 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
71279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 08:25:02 GMT
expires
Wed, 18 Sep 2024 08:25:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 23CD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:01 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
bridge3.590.0_en.html
imasdk.googleapis.com/js/core/ Frame 529A 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
7f35f83071a3c2e2026ed7f2b89b536c2c6a116bd99ae1cff343c0ecba7e9212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
457048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236505
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 21:15:33 GMT
expires
Fri, 13 Sep 2024 21:15:33 GMT
last-modified
Thu, 14 Sep 2023 21:14:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5D0B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 20 Sep 2023 04:36:14 GMT
480_650.mp4
cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/ 		4 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 20 Sep 2023 04:13:01 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AF16 		1 KB
683 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
30372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 19:46:49 GMT
etag
48472445140208031
expires
Wed, 20 Sep 2023 19:46:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 889B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcfbd2b447ce36ebcde81fc54e95a738e8d7b199f84215da1d647fcbdf0be8ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 04:13:02 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Sep 2023 04:13:02 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
209261
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
257492
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
9f1ab26a5ab9c0c0ad06a4e58d4570c1c429f2cf2425b0147ccc32cb08cac5a7

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 04:13:01 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 20 Oct 2023 04:13:01 GMT
sync.html
public.servenobid.com/ Frame 72F1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
85516
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 19 Sep 2023 04:27:53 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-id
EAbO6I-Gdr2DF9CboC_M-0YnZ9mQH1iYJtrcbxXDOsWr0IKUyHn1ww==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame EC48 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Sep 2023 04:13:01 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame DE0B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1695183177728
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
da7391ce395f4b46dc145d7c6f87caa46e5ce4fab869a1419d792c6269b45009
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1261
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame D2B2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77830
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Sep 2023 04:13:01 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 421303
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230081-FRA
X-Timer
S1695183182.937458,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 13C8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
763
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80973bc64ee301eb-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:01 GMT
expires
Wed, 20 Sep 2023 08:13:01 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame CC4F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80973bc43fe42a7c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:01 GMT
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 5BD5 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf8610f26164e6dc650c5098ffe6c2afe9542d901df2ed2d4d33726912150c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8455
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:01 GMT
expires
Fri, 22 Sep 2023 04:13:01 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
adpushup-d.openx.net/w/1.0/ Frame F451
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
894890679188626438bf9769865a24d25c4fd944f7c85fd0eaf3b7c507c08d43

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
416
content-type
text/html
date
Wed, 20 Sep 2023 04:13:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 20 Sep 2023 04:13:01 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
isyn
prebid.a-mo.net/ Frame 28C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 20 Sep 2023 04:13:01 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync
eb2.3lift.com/ Frame EEA1 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 20 Sep 2023 04:13:02 GMT
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 3160 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
18948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 22:57:13 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:01 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
date
Wed, 20 Sep 2023 04:13:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usync.js
eus.rubiconproject.com/ Frame EC48 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a2eb12bb31b6137ebf9011835d5f91947ebe8113118e575de36de68182b7e57

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:13:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 14:17:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36224
Connection
keep-alive
Content-Length
10516
Expires
Wed, 20 Sep 2023 14:16:45 GMT
img
sync.mathtag.com/sync/ Frame DE0B 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:13:01 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 20 Sep 2023 04:13:00 GMT
/
onetag-sys.com/match/ Frame DE0B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6902073697500061440
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6902073697500061440
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:01 GMT
an-x-request-uuid
fc54c131-e111-4089-9cdb-f9c965319cc8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6902073697500061440
x-proxy-origin
31.10.172.41; 31.10.172.41; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DE0B 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=u1m9afAQ32UEEhbwnTO4i__hPcOgn30uZG4Yc-9KBcY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DE0B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKl0j-xnW4Qv7Cb_ofzAY7vfTyg9Ao8A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKl0j-xnW4Qv7Cb_ofzAY7vfTyg9Ao8A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKl0j-xnW4Qv7Cb_ofzAY7vfTyg9Ao8A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame DE0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame DE0B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4HPX2JQ3DFDCR7KTQ0WG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame DE0B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:00 GMT
content-length
0
/
onetag-sys.com/match/ Frame DE0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFIGvmdf4Nnbq0WWZoLIYHk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame DE0B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame DE0B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695183177728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.194.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-194-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame CC4F 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
641100
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
80973bc5b9082a7c-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
google
match.adsrvr.org/track/cmf/ Frame AF16 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB23tu77z4j5Of_0s5TIoMw&google_cver=1&google_push=AXcoOmTIhUSCDvxCqdvn0RnoGSY-ENqs63H7JhPt2Wo9-EA72RJvXaJo2pa-Se_UzaJapeJ7ifHpqezFNUiVylUvjGMQeHqHASae
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame AF16
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEINSxpn_C04eFO8WMQZFUPs&google_cver=1&google_push=AXcoOmQX9qCXh7kqwyVq7SIkooZs8_3UnC3B638VtiRkxymqQ5XGPJ8i35j9_tt6m9vmPbxrSH_oJXG7cR1gSRvJhNuh5sx_jU4h
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Mzg3RUNFOTkxNjBERjlFQQ==
date
Wed, 20 Sep 2023 04:13:02 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame AF16
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFoHrOl9zXBBEghWdrkxns0&google_cver=1&google_push=AXcoOmRGDT9HQlLqbSyfgO6T4iLRMuf3U6wmk0Yrk7AfFpK53mKg7buGjs7_-WcofJwnF_QBA1nRVcJU9eBn-P1ODst5VRo...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRGDT9HQlLqbSyfgO6T4iLRMuf3U6wmk0Yrk7AfFpK53mKg7buGjs7_-WcofJwnF_QBA1nRVcJU9eBn-P1ODst5VRo_W-XFfA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRGDT9HQlLqbSyfgO6T4iLRMuf3U6wmk0Yrk7AfFpK53mKg7buGjs7_-WcofJwnF_QBA1nRVcJU9eBn-P1ODst5VRo_W-XFfA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRGDT9HQlLqbSyfgO6T4iLRMuf3U6wmk0Yrk7AfFpK53mKg7buGjs7_-WcofJwnF_QBA1nRVcJU9eBn-P1ODst5VRo_W-XFfA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame AF16
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOD-TExXMffdfdhNptYgTLo&google_cver=1&google_push=AXcoOmRyVclSjeBe2NngQcEA-Tgz6vloeRa8HyDcXMLPcb4k6IkZ4BNvc7LblN9L1QR_KCNJVaWb2H1hVq-80Z_...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FZXqowfsWHJZkIul9TEdNh8KrCk&google_push=AXcoOmRyVclSjeBe2NngQcEA-Tgz6vloeRa8HyDcXMLPcb4k6IkZ4BNvc7LblN9L1QR_KCNJVaWb2H1hVq-80Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FZXqowfsWHJZkIul9TEdNh8KrCk&google_push=AXcoOmRyVclSjeBe2NngQcEA-Tgz6vloeRa8HyDcXMLPcb4k6IkZ4BNvc7LblN9L1QR_KCNJVaWb2H1hVq-80Z_tbt9K_Dln8bZYMw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FZXqowfsWHJZkIul9TEdNh8KrCk&google_push=AXcoOmRyVclSjeBe2NngQcEA-Tgz6vloeRa8HyDcXMLPcb4k6IkZ4BNvc7LblN9L1QR_KCNJVaWb2H1hVq-80Z_tbt9K_Dln8bZYMw
Date
Wed, 20 Sep 2023 04:13:02 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame AF16
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECPTyGd2i8WSRJqPtvbPLNs&google_cver=1&google_push=AXcoOmT9X3jpn2KgpfaOkzrllwQsDLqmYExB0r0sGsxyzEEoYeBKyUCU4dQQOTxEqh412Gs5JVtGRZqLg6MNCZdl...
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b241b3bb4f&gdpr=0&gdpr_consent=
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b241b3bb4f&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Wed, 20 Sep 2023 04:13:02 GMT
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b241b3bb4f&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
397d-7a4iC1e5A3GbR-9kT-ESOUYIg-7DBIkXBQlhetkwcWUKxOeGg==
pixel
cm.g.doubleclick.net/ Frame AF16
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENTL6s9XCv4dzttk-FWA7kU&google_cver=1&google_push=AXcoOmRomCDtV9kXAH39tKPF4L5oyghAJaGBi89QBd5WFqYkW1fPfqrCsZioP6xhrDe3fSy1j7yaoo-F8mngI77V4PBVM2H...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRomCDtV9kXAH39tKPF4L5oyghAJaGBi89QBd5WFqYkW1fPfqrCsZioP6xhrDe3fSy1j7yaoo-F8mngI77V4PBVM2H8roL3i2A&google_hm=MTg2ODQy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRomCDtV9kXAH39tKPF4L5oyghAJaGBi89QBd5WFqYkW1fPfqrCsZioP6xhrDe3fSy1j7yaoo-F8mngI77V4PBVM2H8roL3i2A&google_hm=MTg2ODQyNjE5MDM2NTY3MjY0Ng==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRomCDtV9kXAH39tKPF4L5oyghAJaGBi89QBd5WFqYkW1fPfqrCsZioP6xhrDe3fSy1j7yaoo-F8mngI77V4PBVM2H8roL3i2A&google_hm=MTg2ODQyNjE5MDM2NTY3MjY0Ng==
Date
Wed, 20 Sep 2023 04:13:02 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame AF16
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOLNlGEsdmJA4BdIuUOFWew&google_cver=1&google_push=AXcoOmSGmBS1tvpNvabO4M3QP-GRDkocwgI2cyckydtnPH3dryN-RyQ1Cz6Sm8DjpC7nhEz7cYfKD3-n3vz...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABirDKmRpU1AambuZOTFVd_xmvJz_CPZiQ1A&google_push=AXcoOmSGmBS1tvpNvabO4M3QP-GRDkocwgI2cyckydtnPH3dryN-RyQ1Cz6Sm8DjpC7nhEz7cYfKD3-n3v...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AF16 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kviwlz7ca-OtAq-8Ru6Ddu5c1tALs2LcqKTRJeghcik7Zq7oMvXXiI6t7a8otzshfWqMGlqbw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695175979&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695183178490&bpp=308&bdt=1370&idt=587&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D99b0988d47154f48%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZmymGweQoucKvdi0yjGZfqj1kkaQ&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&correlator=1288343504067&frm=23&ife=1&pv=2&ga_vid=781698518.1695183176&ga_sid=1695183179&ga_hid=1680768049&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10322&biw=1600&bih=1200&isw=336&ish=280&ifk=3845944276&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077327%2C42532403%2C44798934%2C31076996%2C31077997&oid=2&pvsid=280796656534332&tmod=1251585898&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hmp2f9m0zq9&btvi=1&fsb=1&dtd=625
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5DA4 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js?bust=31077997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
51578d8cb5aabd0461bad98b9742d32311ba95e6cdf991b71c22737c5adf4bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11992
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame B331 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e90c0daa9394a22d661c61b084cb1400dfc30a5e829aefab2a5f9f5aec5c8c1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80973bc8cbf623f7-ZRH
content-encoding
br
content-type
text/html
date
Wed, 20 Sep 2023 04:13:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ykF7quM2ysACG5ZJ%2Fap%2BLa6XzLIby4ILaCNzaidtlLgBqPeAJU264z6fYEiJ1HeCHBtwew%2BCRQXJGdRPfIk4dzUFAW4yvExX98rezr%2FDi8dhJ3iSSlGn%2FuXfMTVhYooEkz4QFdM816AgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame F451
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6j_ZKus73SrxM9145DnEcr08jXLxadl4vzsC4wBa
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6j_ZKus73SrxM9145DnEcr08jXLxadl4vzsC4wBa
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=6j_ZKus73SrxM9145DnEcr08jXLxadl4vzsC4wBa
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F451
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354298408334049921
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354298408334049921
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354298408334049921
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame F451 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=5fb47ba6-dced-84ed-9aa7-aa21db09d954
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3BBT03ZW1R6WCPT6C4WT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame F451 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=076207db-c047-3f17-5aa9-28b6b33a12b4&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame F451 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmIwZGQ0MTEtMDkzMC02MWIzLTRmNDktNzIwZjc5ZDhkY2Q0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F451
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECGB0QWG5VkgJHelVcFLgl0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECGB0QWG5VkgJHelVcFLgl0&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECGB0QWG5VkgJHelVcFLgl0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B331 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame B331
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jj%2FmIr9On9QxW8W2RESWg5rYgD8WbxVUCck6q58SFNBEB1gnE%2FuLnAXkxbS%2FaLi4AtM9GLbqlc1SHq%2F7Ytqb8gczHZnYxPP8xp%2FKgSBmE7XUiHciKGtBePAwp3MPQ2TqRoxyu1vmLxM0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bd0bc5624be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B331 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TD68553GXX36BTER83H5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B331
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6902073697500061440
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6902073697500061440
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woijY%2B%2BG5i27Tk1OA4CsEgoGaCDkX8HcWZqXu5YcCJut9xAegYlSwV1DDXx7WkRyuYsT7BMEHr9jRF%2BHWsZF1qj%2FN1HYgQs6u9rP%2FxYdUaNF2CfhBGr6xI4zXApkcC53ThJZ6eVLIibK1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bcb7b7d24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
an-x-request-uuid
2e6b3693-dc45-4c27-8889-34c3e6afb285
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6902073697500061440
x-proxy-origin
31.10.172.41; 31.10.172.41; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame B331 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.128.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-128-129.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
crum
dsum-sec.casalemedia.com/ Frame B331
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=nvU7prbdnmzMRv9SSl2T&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164&tc=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=nvU7prbdnmzMRv9SSl2T&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9%2BQqKMiIHXeKgAp8baTDHWJG1YhHFH52uiyN8ApypQByICKbvWLuggXAU%2FiklB%2BlliRjQcHkD7CEPbTYyYIwcIEf1EdSPdz%2F7Mf2CnwjjA304HvD4O%2FAmJqeELwVMLSbr9pxEVc5eG3jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bcfcad324be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=nvU7prbdnmzMRv9SSl2T&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164&tc=1
pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT, Wed, 20 Sep 2023 04:13:03 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B331
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FZXqowfsWHJZkIul9TEdNh8KrCk
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FZXqowfsWHJZkIul9TEdNh8KrCk
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnHUqKwHhMJ7xBN81JI5GIlhac2T%2FyhbWlXHGMeO64nCwepL%2FmoqrIjnv2rQWgVnK7HGlxp9fXw6frEBXd47lGl0Ymy9XGpgaKhuanrDVjTtr7WZ7%2FIa7mXbUCqLZGLi%2FkzvenVzEk3gqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bd03b5d24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FZXqowfsWHJZkIul9TEdNh8KrCk
Date
Wed, 20 Sep 2023 04:13:03 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum.casalemedia.com/ Frame B331
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a2c23137-6be9-494c-987d-eb4238193d83&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMHCdTn66vm%2BujPwPmV%2F2kZba%2BQUTJ3luuapBdf%2F1SpqD2g8Pm6kSfF5lGS89MKu5OUMGuj7nmFo1r5WYxL2WDtsb1mDv%2Bqy4rc7O55Ij%2FLQy0%2F4zBol0Y8xtrGBAebruCBLs2bB"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bd1cea223f7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 20 Sep 2023 04:13:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame B331 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZQpxS.EmnVdhzRHNN3Ou-gAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
22270
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80973bcabd9a01eb-ZRH
content-length
43
expires
Thu, 21 Sep 2023 04:13:02 GMT
async_usersync
ib.adnxs.com/ Frame D2B2 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
an-x-request-uuid
0f846760-8d2b-4ffa-b2e8-a3af871f762f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
31.10.172.41; 31.10.172.41; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5DA4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js?bust=31077997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 04:13:02 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 6DCF 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80973bcaac2a2a7c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:02 GMT
server
cloudflare
vary
Accept-Encoding
log
c21lg-d.media.net/ Frame 5BD5 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3381847789312964000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:03 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 20 Sep 2023 04:13:03 GMT
/
onetag-sys.com/usync/ Frame 5A3F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
25e4215801dd78a58f8b197dbd0ff129fc0db6fe85d8fa6be918a3c80df4b390
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1120
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame C156 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 20 Sep 2023 04:13:02 GMT
X-Sovrn-Pod
ad_ap5ams1
13926
g2.gumgum.com/usync/ Frame CFA4 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0ee9aef9ed67cec36ee3020adfc75dc2b6f7a788618ae3eb47343292dc22b8c8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 20 Sep 2023 04:13:03 GMT
etag
W/"02ee205b64cefe9e45e40fba05d44657c"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame BFC8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
4830a78ee0a1d53545ad3c0678dc9981891e488ecf093b052f5e26d8a3f7d3b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1103
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 23E8 		854 B
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
9de83925d0c33eaafa51ca8f83d2e54f0a5dfc5f1c046acc35ed737c9696b943

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
854
content-type
text/html
date
Wed, 20 Sep 2023 04:13:02 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DB82 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7abc6940b2361f2e9d5d234b231046f5ae4e948e6cda367b28f0642bf279f90

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80973bcb3b1724be-ZRH
content-encoding
br
content-type
text/html
date
Wed, 20 Sep 2023 04:13:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMt5XbZyyN36Vqf0qZafeDZqT8dWWS7ay71k0HrfiVwa7Ink%2FzMt1vWHtTRvzfCd5YDy5%2FSkYTh1YkU7%2Fl9SN6cocV4yIaKoeN4eSj22J7b7S5c%2BhJChqgaBlPSEoAGL4wDjInOsl0Wd0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B5D1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Sep 2023 04:13:02 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Sep 2023 04:13:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 85FB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=54809
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 20 Sep 2023 04:13:02 GMT
expires
Wed, 20 Sep 2023 19:26:31 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 21A6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b20c191a1de029738ab0e25c1125a5821a32027abb52f93e7e5e513a49824324

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Wed, 20 Sep 2023 04:13:03 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id
S-JfvcmpADLL0Iwl7aePLlT_fQWB8wShIsDSjSPXXMXKQtVerhzU0w==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame C2EC 		0
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 22A1 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.204.164.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-164-185.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
a285614cc6b1ceb45c9d96e64f2562615845a8797257dd6856219e87e075d9ff

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Wed, 20 Sep 2023 04:13:03 GMT
server
istio-envoy
x-envoy-upstream-service-time
5
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6902073697500061440
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6902073697500061440
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
an-x-request-uuid
0eac67bd-2d06-4d0d-90e4-2918a0481d96
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=6902073697500061440
x-proxy-origin
31.10.172.41; 31.10.172.41; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HWc9sRZHz8dAoh9jRfaaSxBd
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HWc9sRZHz8dAoh9jRfaaSxBd
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HWc9sRZHz8dAoh9jRfaaSxBd
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 72F1 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Sep 2023 04:13:02 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1695183183093
  • https://ad.turn.com/r/cs?pid=45&rndcb=5982492553
  • https://sync.1rx.io/usersync/turn/2774169714449223286?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
date
Wed, 20 Sep 2023 04:13:04 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb2bf15b1c2df4347a90affaf4c1a4595003
content-type
text/html
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210827143705281
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210827143705281
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210827143705281
Date
Wed, 20 Sep 2023 04:13:03 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=758b3827-7fcb-400d-a091-7a61d93f0eb3
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=758b3827-7fcb-400d-a091-7a61d93f0eb3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-93
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=758b3827-7fcb-400d-a091-7a61d93f0eb3
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Wed, 20 Sep 2023 04:13:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 72F1
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-0012af5a-3a2c-3712-bd2f-87d3939198cb&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-0012af5a-3a2c-3712-bd2f-87d3939198cb&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0wMDEyYWY1YS0zYTJjLTM3MTItYmQyZi04N2QzOTM5MTk4Y2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wMDEyYWY1YS0zYTJjLTM3MTItYmQyZi04N2QzOTM5MTk4Y2IyAgwgOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:03 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-0012af5a-3a2c-3712-bd2f-87d3939198cb&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0wMDEyYWY1YS0zYTJjLTM3MTItYmQyZi04N2QzOTM5MTk4Y2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wMDEyYWY1YS0zYTJjLTM3MTItYmQyZi04N2QzOTM5MTk4Y2IyAgwgOAE=
pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 72F1 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
sync
ads.servenobid.com/ Frame 72F1
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 20 Sep 2023 04:13:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 20 Sep 2023 04:13:03 GMT
pbs.gif
sync.admanmedia.com/ Frame 72F1 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 529A 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2878585183775034&sdkv=h.3.590.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.590.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FCTyxBJ3SPx0wGr0ZHxuc0g%3A1695186777%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=096ACC38-D8F9-4DC8-93BA-28125DF43A12&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=1695183182590&cookie=ID%3D99b0988d47154f48-22c7698b7dde00a1%3AT%3D1695183176%3ART%3D1695183179%3AS%3DALNI_MbaLUjGfJCMwrNWkEIWe59L77xCzw&gpic=UID%3D00000c7913d960e5%3AT%3D1695183176%3ART%3D1695183176%3AS%3DALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ&scor=2983352909663819&ged=ve4_td8_tt4_pd8_la8000_er742.400.743.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame B83A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
0
0
RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
sync.targeting.unrulymedia.com/csync/ Frame D299
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1695183183094
  • https://ad.turn.com/r/cs?pid=45&rndcb=1734614377
  • https://sync.1rx.io/usersync/turn/2702112120411295350?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3160 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1y5YTHEKZbPGCsXMgAfD86-oCQAAAAA4AeAEAg&bg=!hIelh8jNAAbP3fMH7907ADQBe5WfOGtIxzG5OY0hJG_1NMpcNalnaRiWwrZFWDjo1YSbtJ3ZgeglPrJLGky7JKD0iwfPAgAAAJdSAAAABmgBB5kC8bLn7kGfxYq2Xco7yR_dvDQUK54ChS8SqlFeePcim_chL2TqO6CZR2J0IUx88i8BLuifEXVV8Yt0gSlbC3QJPz61J9O2m1YiwWU7WEm2Sw07MnrtMcG8-ASZUDrPOs3wipKs8FnxSk0f6KmgSjRTd61P-vm6VFZ91Re8jc957A7uFAAcK-VKXq_Cpr2fI1Lsff40Tgsg0sHp8SzKHhCK-b0ci0aXtSbwBIuMSAi_X_RJfI7BvcPflzKXnzXb05q7GBfF5i3bEfGlJY2kQniH-2psikzFLkleMszgMfJW1l-TwNo2uqirEkYC8pUYHEDLONVj_sRrfTxVP-Lz1ejd_02Sfu0N_UnOLn9kVJY_FTAyUet6UURXQ4wW-JMLRWXau8zrKtFt8svLs-WGmxryhnjbjj0ZcvpUk8CLAEC0tkRnJ5zS7cw8JjAiJvavxI5eBZedOf-dIOGgTozCtnIq8eiuaot-X71FH14KRPyZLdgilaR5Ex4O9W0lqHHcR30xu-lf1uBazfGCD9bywYUZ2IZPzYkT-z0MKUgF7LXjB-o42_gjUmcN2GPqV-uh9d_HQi0EM4fUvih_Gjvh7qMWLH9eXp_Lv4IeiiUCyaFAe6hfxa500oTPg6tHxERNnz63QyDrG0Jx03mDAtGTXxF6L13qN0oOpyXDTslaoUfLOB63nuY8eFY7ZbP2atE4V208-ZvF9mYeC-KkQCTNfxyu88BKesL4nnFnqyLW43F47GmWUu7we_l3U-gIDHzlNE5q7RNjyA15xxfn65o86i7nLuHcACGAw9y_1KHfLSwRqNRxRLn0rGDB4sluR1HMc6w3z4YKyUc3RXK72acxjoA6G22gvL0rp0Wunk5C8Cht7AzifqDlachIZAopJ5ysg2i6Ah-JnTfNVPuwAO9zLR6qk1YvCDk5Rj1UAKgB8l3LzKSBvHvgtWAXoyqs2CmlypWcu0N529mByFVdV7PWap1Z6l7lVx_is2H0Y-jlZrSmM-EkuA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ece55359-3428-5307-808b-9933e581e879
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D2CF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/ece55359-3428-5307-808b-9933e581e879
0
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/ece55359-3428-5307-808b-9933e581e879
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80973bcd7e292a7c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:02 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/ece55359-3428-5307-808b-9933e581e879
ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DB82 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.44.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-44-222.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
user-registering
ads.stickyadstv.com/ Frame DB82 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:02 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1695183182533078-331
Expires
Wed, 20 Sep 2023 04:13:02 GMT
crum
dsum-sec.casalemedia.com/ Frame DB82
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACoGU7KFOMAABi22wyVXw&expiration=1696392785
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACoGU7KFOMAABi22wyVXw&expiration=1696392785
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BgAGsMcXZRUR%2FLj1lkPlyQJtVEIQ5jdLoa7v%2F8DL4wo10WMqoC0SvMifa0hB4Sqqb2gD7mLDtiq%2BnZIrJ8vQTEchCgs8CcVwT3waFlt58IIQkQ11BQ4RT8qSvyJXfaGCJd7xVsH3dTDPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bdc996e24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACoGU7KFOMAABi22wyVXw&expiration=1696392785
Date
Wed, 20 Sep 2023 04:13:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DB82
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
34.255.44.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-44-222.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
casale
match.adsrvr.org/track/cmf/ Frame DB82 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame DB82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9B0MFHF69XQnUe9j2rAT%2BpIsTGmC38NaSSn%2FQ%2FM1HpoR87UzuMl6K3LRFQQuqMGZ%2BQopCBey9SefytOM5kXXhUzRRobKubQGQM4PbRDPTZ4w2qiVH0V60o7KoySYm7Sw8%2ByGXyNh8%2Fycw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bd0cc7424be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJsbzTOaL4rkZOSL7EoQjBc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DB82
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQpxTwARn09dTAAN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQpxTwARn09dTAAN&_test=ZQpxTwARn09dTAAN
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQpxTwARn09dTAAN&_test=ZQpxTwARn09dTAAN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B77xe5dlgE6ml5PoY2hUglnL8X%2FXS55raLdoDS3TWonuTEb%2Fuf8L5U49qQ4Bs9HweHUmuS2mCeg%2BROnIO4N84bFw187envMzShdsYdV6uR71jfFY%2F5SuT4DRC0imBB%2F1Dnfm6bFhbc5dw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80973bd17dcf24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230091-FRA
pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695183184.507406,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQpxTwARn09dTAAN&_test=ZQpxTwARn09dTAAN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
onetag-sys.com/match/ Frame 5A3F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=bb51650a-714e-4600-81c8-1ddcfc99a325&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=bb51650a-714e-4600-81c8-1ddcfc99a325&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 20 Sep 2023 04:13:02 GMT
Server
MT3 933 7933424 master cdg-pixel-x32 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=bb51650a-714e-4600-81c8-1ddcfc99a325&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 20 Sep 2023 04:13:01 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5A3F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 5A3F 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 5A3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame 5A3F 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:01 GMT
content-length
0
zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 5A3F 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
80973bcc4d1a2a7c-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
2f6411bbd0a695e8bccff6fe37d6237fab37d2618e167798d080393f5c56c4ab
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 9A1B
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/2f6411bbd0a695e8bccff6fe37d6237fab37d2618e167798d080393f5c56c4ab
0
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/2f6411bbd0a695e8bccff6fe37d6237fab37d2618e167798d080393f5c56c4ab
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80973bd299722a7c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:03 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Wed, 20 Sep 2023 04:13:03 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/2f6411bbd0a695e8bccff6fe37d6237fab37d2618e167798d080393f5c56c4ab
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
tap.php
pixel.rubiconproject.com/ Frame BFC8 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame BFC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
img
sync.mathtag.com/sync/ Frame BFC8 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:13:02 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 20 Sep 2023 04:13:01 GMT
pubmatic
um.simpli.fi/ Frame BFC8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJGVAPCa1hATxBLlARwF2dg&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
0
0
generic
match.adsrvr.org/track/cmf/ Frame BFC8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ads.servenobid.com/ Frame BFC8 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B199 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
18529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 23:04:13 GMT
expires
Wed, 18 Sep 2024 23:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 58DE 		829 B
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
GSE /
Resource Hash
8d56170cfaeabd0af8a8329231f655ba79082cc922a845cef954c311a3e21c76
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7M0FCvRh0JcXfhCEYsZL2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-7M0FCvRh0JcXfhCEYsZL2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:13:02 GMT
expires
Wed, 20 Sep 2023 04:13:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
qmap
sync.crwdcntrl.net/ Frame DB82
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
0
0
sync
ads.servenobid.com/ Frame DB82 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
6354298408334049921
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 1A9A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6354298408334049921
0
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6354298408334049921
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80973bd0c8232a7c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:03 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 20 Sep 2023 04:13:03 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6354298408334049921
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 1678
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
0
0
usync.js
eus.rubiconproject.com/ Frame B5D1 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a2eb12bb31b6137ebf9011835d5f91947ebe8113118e575de36de68182b7e57

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:13:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 14:17:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36223
Connection
keep-alive
Content-Length
10516
Expires
Wed, 20 Sep 2023 14:16:45 GMT
9b6d9a51f4d79e89b9766142f701daa
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 2E7D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/9b6d9a51f4d79e89b9766142f701daa?gdpr_consent=&gdpr=0
0
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/9b6d9a51f4d79e89b9766142f701daa?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80973bce6eac2a7c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:03 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Sep 2023 04:13:02 GMT
Expires
Wed, 20 Sep 2023 04:13:02 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/9b6d9a51f4d79e89b9766142f701daa?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1695183182793079-519
v1
match.sharethrough.com/universal/ Frame 7D0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 58DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=280796656534332&rc=
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 529A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmr8aqul&c=1288343504067&slotId=644171752033.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s08-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame 889B 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1925710568757&version=m202309120101&ct=77&x=1&cor=16556585685027891000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/CTyxBJ3SPx0wGr0ZHxuc0g:1695186777/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=229376-

Response headers

Date
Wed, 20 Sep 2023 04:13:03 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 229376-17211103/17211104
Connection
keep-alive
Content-Length
16981728
sync
ads.servenobid.com/ Frame 23E8 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7953013701535579324&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 23E8 		0
0
9.gif
id5-sync.com/i/102/ Frame 23E8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 20 Sep 2023 04:13:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
rtb-csync.smartadserver.com/redir/ Frame 23E8 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 23E8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6902073697500061440&gdpr=0&gdpr_consent=
0
0
usersync
usersync.gumgum.com/ Frame CFA4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6902073697500061440
0
0
usersync
usersync.gumgum.com/ Frame CFA4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_02f602d9-9d1c-404b-800f-08a4934009ff&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=_2wdvf5oGb3kYBnv8WoA5ahvSeXkOh3vqmiLzFxR
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 20 Sep 2023 04:13:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9b6aa8bd-f40a-4509-8980-2a278c8f1560&gdpr=0&gdpr_consent=&us_privacy=
date
Wed, 20 Sep 2023 04:13:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
redirectObuid
sync.outbrain.com/ Frame CFA4 		0
0
usersync
usersync.gumgum.com/ Frame CFA4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=f05fa3ab-e852-0741-3dd2-385b7b6a13f2
0
0
sync
sync.srv.stackadapt.com/ Frame CFA4 		0
0
usersync
usersync.gumgum.com/ Frame CFA4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-fgKSfXZE2perXFWIqRy2ewYJVPGY4C5EI6vO~A
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame CFA4 		0
0
142
match.deepintent.com/usersync/ Frame CFA4 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame CFA4 		0
0
server_match
ad.360yield.com/ Frame CFA4 		0
0
rtset
bh.contextweb.com/bh/ Frame CFA4 		0
0
usersync
usersync.gumgum.com/ Frame CFA4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7953013701535579324
0
0
sync
ads.servenobid.com/ Frame CFA4 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_02f602d9-9d1c-404b-800f-08a4934009ff
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 95E8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
  • https://rtb.gumgum.com/usersync?b=adf&i=6354298408334049921&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
0
0
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame D955
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZQpxTwAAAcXn_AA_
85 B
170 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZQpxTwAAAcXn_AA_
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
989
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 20 Sep 2023 04:13:03 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
2229
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1695183183.483247,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 20 Sep 2023 04:13:03 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZQpxTwAAAcXn_AA_
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1695183183.273204,VS0,VE93
pixel
cm.g.doubleclick.net/ Frame A4A4 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wMmY2MDJkOS05ZDFjLTQwNGItODAwZi0wOGE0OTM0MDA5ZmY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:13:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D35 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=54808
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 20 Sep 2023 04:13:03 GMT
expires
Wed, 20 Sep 2023 19:26:31 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 8744 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 20 Sep 2023 04:13:03 GMT
server
Kestrel
idsync
tg.socdm.com/aux/ Frame 55A7 		0
0
gumgum
cs.admanmedia.com/sync/ Frame 6A05 		0
0
usersync
usersync.gumgum.com/ Frame EF5B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=nvU7prbdnmzMRv9SSl2T&pi=gumgum
0
0
usync.html
eus.rubiconproject.com/ Frame A257
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Sep 2023 04:13:03 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Sep 2023 04:13:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
khaos.json
token.rubiconproject.com/ Frame B5D1 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMR8ANM5-13-2P8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame B199 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
18950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 22:57:13 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 85FB 		0
0
async_usersync
ib.adnxs.com/ Frame D2B2 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
an-x-request-uuid
adb20bc4-19ef-4855-8282-89bee8945dc0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
31.10.172.41; 31.10.172.41; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B5D1 		0
0
usync.js
eus.rubiconproject.com/ Frame A257 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a2eb12bb31b6137ebf9011835d5f91947ebe8113118e575de36de68182b7e57

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 04:13:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Sep 2023 14:17:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36222
Connection
keep-alive
Content-Length
10516
Expires
Wed, 20 Sep 2023 14:16:45 GMT
khaos.json
token.rubiconproject.com/ Frame A257 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMR8ANM5-13-2P8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
generate_204
tpc.googlesyndication.com/ Frame B199 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hHT40g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 529A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmr8ar9k&c=1288343504067&slotId=644171752033.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44800470
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.590.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s08-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame 21A6
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2382515013304278464328
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2382515013304278464328
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:04 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
WSk-bIbCvUuui1FUiUz7DbnUNB3yQ2Ay7JMHxFwtfcx0Xfy5c0zjCg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2382515013304278464328
date
Wed, 20 Sep 2023 04:13:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 21A6
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
vMmP9W8WD4QbAcBPfablbeZBnGfvNLctKGJ3H9Qhr1v1QiDU664FVA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5
date
Wed, 20 Sep 2023 04:13:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
bsync
visitor.omnitagjs.com/visitor/ Frame 21A6 		0
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 21A6
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
oaKsYZgSBzjpNT9hRDk0GFhV93PW5koC_0losKTondXEFiKLmZIvrA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Wed, 20 Sep 2023 04:13:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 21A6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=9e3be5df-bfd5-0043-2231-3141f3399851
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=9e3be5df-bfd5-0043-2231-3141f3399851
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
28LIXOCAuMphDErrQjETm5szSL1GygSwqF7dl2UXzwvq4p-j1vG5aw==

Redirect headers

date
Wed, 20 Sep 2023 04:13:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=9e3be5df-bfd5-0043-2231-3141f3399851
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 21A6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
rgTkDg4keee_bfr1WPuxY7OhdRwSaAj7YeyCaWET3rDI2iH4sDLl8Q==

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EP1Ka5B10CvTKnGjAZKaEwN0oI0Eq8%2FJqxNq1KkB3c8vIOu9JHLgb9GWWSXMr6zVo0af7XWcfxF8qYFC%2FS5GL9SBjnJp%2BCTny9BauVW0rRv7i1Kl2d05QFP3ropXmHKnBVjwMBFZwmedxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZQpxS.EmnVdhzRHNN3Ou-gAA%261164
cache-control
no-cache
cf-ray
80973bd1ee7f24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
ap.lijit.com/ Frame 21A6 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Sep 2023 04:13:03 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 21A6 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=ZXsLY6H-Cp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame A257
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMR8ANM5-13-2P8A
  • https://usersync.gumgum.com/usersync?b=mag&i=LMR8ANM5-13-2P8A
0
0
cs
cs.yellowblue.io/ Frame 22A1
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=718aef75712626221be5347fe8286&gdpr_consent=&gdpr=0
0
0
v1
match.sharethrough.com/universal/ Frame 22A1 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 22A1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.204.164.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-164-185.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=09B60D9C-CC52-47DF-8C66-F931A7727FF5
date
Wed, 20 Sep 2023 04:13:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 22A1 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=vKbLYwT-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:03 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5DA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=280796656534332&bg=!fH-lfzDNAAbP3fMH7907ADQBe5WfOFoyqYpzhS3sdUfPPglHNDxmcgj38dA-5tkPs-cr4cG0jpPt5gbmA17cQ171C6XbAgAAAIpSAAAAB2gBB5kCyL5VpSIHVF6atfj1UvXZMzlG_Xik0Lfv90FWYvBDbEM7AvPwgWngJ7E8ZdNYA8EP42uitYYcFbVS0tzuSYidtrbuQX14uEUmzi9BD5u8NPNob5aGardLkXuyM7AvCYBeKfy-ekYeyHX5XrVH8SUegY3mXfiA8W6zNOoj50wuN7qz1UawLjuZ1wP6iH1WWfG0ea7vvrEIjk7RXHz5sA6YX7odxpYM_6Kp60SOcRi2aMwZviVKwOGsQ7YuXdmhwRY3LiWrD01lE1taZHF2lwJ0KRC_4mNCZRTHGcKJKzxtZsixuimfNpf_ZQS5_Rje8RUiM0Zw2QeBTlZbzHhvntAhKYmlHQN9XqdiAxOdHfbaWCXBsg4xMkkiJwjOPU0tyxRGPDGbMPtint_yMJUNXxx9eGN1nPeK2OGXCqxP2jrAI-grAPeVDuFPNtfGk9cWJCbH3N-gAQg0al8PZn_GktiWV08kzUpFXSB5rgO--rqZNyJoKTNrDQHcwM84w8Amy70blSB3hZSY2ArZ4-MXaajDbj1wZ7pn_DFx1pPQ0x3sRkLGcGsWHLAfNeQgd69_qCDIts-jyVIn0Uri6PINPP2SlQxfURR5OQuehEE5hQOpY30wru4eQwq1ur2EVfAhSMf5SwRhn1rSpZqO24z-O3M3gBl0tN5h_5BEtWi88-HXLuU_eieERLCdK-fVGddury3I81XUVSMVCHVwbLffvj02xol1pDthSUeohK_exsmHc22c2nX9IRzMF3ytbS5emuVa3pY6NbOz3wHgy564RPBVxAN-Kn8x35Lljti1d_1WPM3rsiVJBpbnppWsoDZ3-XalWtGemoyY75SnfWnGITJdpm87vR4Xi2uNc88LixTniPgHJbxh51q8XOkRnNtoUuucEa1tXSDDOye_1brH-lnOO_Dtr96kQeOMHvpRR9IkpoTNY9_pFbWHTto
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39i0&_p=1085918321&cid=781698518.1695183176&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1695183179&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxing-ji-can-ting-xin-cai-dan-chi-huo-bu-zhi-dao-de-she-shang-liang-qi-wen-hua-dong-fang-ya-ge-xin-cai-shang-zhuo.html&dt=%E6%98%9F%EF%BC%8E%E7%B4%9A%EF%BC%8E%E9%A4%90%EF%BC%8E%E5%BB%B3%EF%BC%8E%E6%96%B0%EF%BC%8E%E8%8F%9C%EF%BC%8E%E5%96%AE%EF%BC%8D%E5%90%83%E8%B2%A8%E4%B8%8D%E7%9F%A5%E9%81%93%E7%9A%84%E8%88%8C%E4%B8%8A%E9%A9%9A%E5%A5%87%20%E6%96%87%E8%8F%AF%E6%9D%B1%E6%96%B9%E9%9B%85%E9%96%A3%20%E6%96%B0%E8%8F%9C%E4%B8%8A%E6%A1%8C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
702ccca2ea9ff70fbc0c93cf9913fc73.jpg
static.bg3.co/imgs/202309/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ad78de3623e2f8abfa89848e122d733e512f6c2a974522420f1bcbc9d0ffcca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11958
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 4133 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:13:05 GMT
server
Kestrel
server-processing-duration-in-ticks
355277
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 4133 		436 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2565825a68af3ad0b8b9538c9b9850af2031cd7dc5bc70ed31951c1155f55930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 04:13:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1681450
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 04:13:06 GMT
bs4P0r2jHTicInLSxveefOjrD2ImH0eZ9NmQttV6K7xMeifeb65eeo59Y02jVcA31nbyIVFuRIUePAVIObuj6%2BX5rfumsVKVmMXUiDFlVR5Op53dDQWbaLmAnUa7HeLLDv9H%2B%2BKtDXrTHD2aT0z9MQ%2FgaM5CuVwZhePmzf2dFHUA17sazWp2sKWy6kSlPUje
ad.vidverto.io/delivery/v2/content/tracking/progress/1813/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1813/bs4P0r2jHTicInLSxveefOjrD2ImH0eZ9NmQttV6K7xMeifeb65eeo59Y02jVcA31nbyIVFuRIUePAVIObuj6%2BX5rfumsVKVmMXUiDFlVR5Op53dDQWbaLmAnUa7HeLLDv9H%2B%2BKtDXrTHD2aT0z9MQ%2FgaM5CuVwZhePmzf2dFHUA17sazWp2sKWy6kSlPUje
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 04:13:06 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4490 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
18533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 23:04:13 GMT
expires
Wed, 18 Sep 2024 23:04:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 21BA 		829 B
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
GSE /
Resource Hash
7ef0d07ef382199fc5a9093bcf0e78be7de2651ab7aeaa35e4134ef53b679206
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2enlSgOFCepUid0RBjkVbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-2enlSgOFCepUid0RBjkVbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 04:13:06 GMT
expires
Wed, 20 Sep 2023 04:13:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PugMaster
image6.pubmatic.com/AdServer/ Frame 7D35 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 21BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309180101&jk=3050780015833613&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 85FB 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73377420&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 04:13:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 4490 		31 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 22:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
18953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 22:57:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/c1664850ab90683c7b5f65bdd3129942.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/98169da0cb97f941385b0851c349a51f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/27349548c3801581c95f5f612d4bdaef.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/472bf7b12c624421fe2a063fd56dbf04.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c5f49ce7de04ac7fc3fd373bf4bd62e2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/3a41a991d611add62bf534cf5d4af6eb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/0247a2373cacefd1b929dfc985830394.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/6d9c3cbedd7f5242ee146aec16a9cb2b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/f60843e3c98493ed70a27583b12f9b9e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/48446f0ca6db61d7ad7df33310ec3d17.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/65690686bd6e7d2b0bf8c866caf5b21a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/bbe46b29be6944d029a61cc8438197ca.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/48888a57beb1338aa5d50108de28271b.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9bbc727e93bca57cdcc6983a2af591d4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/7ed6f5240e5ef3a47a26341e2887af7b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d236bc47e32d95bb9ecd83c443c1d5f9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/839bacee28b10bcff0ada4ff29db28bd.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/b7d405bdfe2b89d374c3dfbca0faf9f4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/8e54a58bfd3dd7a9ba64e68b5f28f7aa.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/0856292fb9c4de31c60f84fdbd184491.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9b4590b9692e5b2626b8451d260c1598.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/521ac69c1cb13c96498e04c614d51fe5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2244fa67cbe08129a99c3c3d6dda1304.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d3be49ec01cc01ed7f71421d74b943a9.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/13470bba5736188f07157e36b97dca75.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e785f059fd171e53b520924f35495690.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0ff1fe5aec30ed437d033a15bcdd7f7d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/cad7436db958738698367d74db18157a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e75b7875206ed1ea94197d0297400c23.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/40ab61596e41dbb6df04096f6d2921fb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/74bd8e18b8ce2e4569d920f7032d17d2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/10f85c5c8f67706480a6d94d6098d137.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/2f560803a0ecf5eda28346d6d9cef38d.jpg?w=150&h=100&q=100
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0lowRyxE2oU3V8iB_2_AVIz6CKnnT6vrxuCro3I-~A&redirect=
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMR8ANM5-13-2P8A
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5gyxS3EKZd65CbORjuwPneCRgAuRwdCbafvwg5LcD_AuEAEg0syBGmD1pciB1ATIAQmpAoZi29Hs6rE-qAMByAObBKoEjwJP0NTMP2zYb9tosmiHWDtdeA3LIv7LsluCW5US_FB_BKJ9QkCUsB9IJBPrMIdncbO9JsTt3Cp-arhPLdevZqJsbakyo1yqfr17coMHE2J341btTrwT_6gw-cC4fBlgbbFjiBvDV0iLCLyRYgKlj8X9Hck0CQGB2zx8pnqq1UwDuNoYzjneXcaTxaqPXIDDmxURop4XrJirT4YLxSsSzwJNocNb9E8XAqjn3BOA1dSk7e_RuSN3bcL_BPBfaEo4bM-mvVdJ3NZz-oh647ugL_x_chYoEnU88JBE1xrpqV-orcaqhv3of-PTUyE-NyNNiXasy-eqt3waEuAPVZERiCdJHvwWDP4umvGSVDqj8M78wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMInovkuam4gQMVs4iDBx0dcASwEAEYASAAEgIjm_D_BwE%26num%3D1%26cid%3DCAQSPwBpAlJWTvlemUh3FRy64IIBLndKiFelhYGQhg_CSCboxyIFt38BZY0MlcVSSoCYRA8BkkvzcLDn4RLHUr_zsRgB%26sig%3DAOD64_14bkA6vgjms7CKsurid33kdWh0pA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A6c3MTrXTn_Dfcwm9g5UNuzp_3d0VTyyYUfhGEZZ5IogVbJOz01fOAQJ3zYBx2iP9b_f-yHYxoxE-zwWcbHdTovhpUSJDo-1s17K9fo6NwIyUGedcUblT61ZmRInKXX4tHRvng95qUDOysDpLpGlzxjHE4rDbek7U_hpo6VV-WtvDggPY%26cry%3D1%26dbm_d%3DAKAmf-C5uiOfoH4Jo8FVFQGuNDlxRB1xp0jYIZgKUAR1LV3G2qji6PHaQ9blZG_KR5hV7xuVKFTzSRZiTwddun8ymrDUSRp-FuplBqRU2YPNGDBdeKk8xlC2VxPH5omTbXYXAn_4nADP2rMOo8oe6e4gf3WgZmbDMB1NVbBDLW9-DXZgXufhdV7wqBcA3pDneC2PYdtST_oc9dp45GiZj34knxy-z3AE2sCKjxt05_JbI8xr35DS6hisQJquMoH4f5L2KedNlw6Mlm-ID0WAaQlSz-Fabmcz6TwVZLPdAT9GYniL0SMqvShlJ0J9SmXURw37mMYibc5qTayTsFC-8vWB7GxZ39Odgw_r_S58NO4yPmp3OMJPfcQjxpi4ZsNIX3yp9mhiQSXObfiN_ZXAGvzNRn8QXcqiE-vYqcWumAN3khSoBD08xXvUJc8Mm6FpStcatgmN1sXjuq3XNFfB4e5UYttBeKveYGJaBpUyX31z5zP2WRbdRzpjdJ17xFVg6xKXAIql48Eh7sSPw9ofbHoiNcPwZK09LJZ5QZHjQNYciDMRoJgUB_8gJUnoToUxprSzy79XM78ounhmJbPdICS_9_Woznq2_REMURxZrhY5_uuF5Y7TXY-gS__yYxK8tDq4MS3JLBiice9cBrodrhZysFKlP7y1UDx7gGiDp5vxnykyHDDE4EZMjoq_2csmiB1rACV_z_5q%26adurl%3D
Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Domain
sync.admanmedia.com
URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Domain
sync.smartadserver.com
URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348%2526gdpr%253D0%2526gdpr_consent%253D
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6902073697500061440&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=6902073697500061440
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=f05fa3ab-e852-0741-3dd2-385b7b6a13f2
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-fgKSfXZE2perXFWIqRy2ewYJVPGY4C5EI6vO~A
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_02f602d9-9d1c-404b-800f-08a4934009ff&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sad&i=7953013701535579324
Domain
rtb.gumgum.com
URL
https://rtb.gumgum.com/usersync?b=adf&i=6354298408334049921&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_02f602d9-9d1c-404b-800f-08a4934009ff&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rth&i=nvU7prbdnmzMRv9SSl2T&pi=gumgum
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79646478&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMR8ANM5-13-2P8A
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mag&i=LMR8ANM5-13-2P8A
Domain
cs.yellowblue.io
URL
https://cs.yellowblue.io/cs?aid=11601&id=718aef75712626221be5347fe8286&gdpr_consent=&gdpr=0
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/702ccca2ea9ff70fbc0c93cf9913fc73.jpg
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70553668&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| documentPictureInPicture function| gtag object| dataLayer number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _statcounter object| adRecover object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal function| setImmediate function| clearImmediate undefined| google_measure_js_timing number| google_unique_id undefined| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| aries function| jqAlias object| google_reactive_ads_global_state function| runAnimCheck object| ucf object| request string| paramsString object| _qevents number| vidverto object| regeneratorRuntime object| aries_registry object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _aries function| quantserve function| __qc object| ezt object| _qoptions object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| inViewWindow boolean| noPreviewPage object| vidvertoPromiseCache object| closure_lm_63739 function| VidvertoPlayerVideoPlaylistUI object| closure_lm_553544 object| google_ad_modifications object| google_prev_clients object| closure_lm_474542 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms

133 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1695183176.B5F62416B7A04FB10FF991794E99AD25.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1695183176.0
.statcounter.com/ Name: is_visitor_unique
Value: 1695183176370133796
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1695183176.1.0.1695183176.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.781698518.1695183176
www.bg3.co/ Name: __AP_SESSION__
Value: 19bfce5c-4b8f-47a2-90ef-c46809a8eb82
.bg3.co/ Name: __gpi
Value: UID=00000c7913d960e5:T=1695183176:RT=1695183176:S=ALNI_MZ8jI-52-7nRfI6LQc4m69Pi4SXrQ
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: b0c273f1-1027-4439-9d62-134cbd5736c1
ad.vidverto.io/ Name: moxuuid
Value: 43d68535-3416-4ea7-a6f6-7eb3c972fec8
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1695269577
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1695269577
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1695269577
.doubleclick.net/ Name: IDE
Value: AHWqTUlfmoKJRF_KL0RKLBVMKgxg-_S96wGTwAyT5HR2pPk9VGIcptAOdyfV8vhmdjo
.prebid.a-mo.net/ Name: __amc
Value: 1_1695183177_1695183177
.omnitagjs.com/ Name: ayl_visitor
Value: 986979419fce8398858030b71806554e
.aralego.com/ Name: sspid
Value: 583bdf8b-f6f8-3221-a525-1c4ee8843632
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwyeKpqAY4AUABSAEQyeKpqAYYAA..
a4p.adpartner.pro/ Name: apuid
Value: cf3aa1ba-6474-4e44-b766-aa0470cf07de
.yahoo.com/ Name: A3
Value: d=AQABBElxCmUCEILFjawNPdkN3QkEf6zFtbcFEgEBAQHCC2UUZbth0CMA_eMAAA&S=AQAAAqGt3NVE1vxcs11Oas9GyHw
.adnxs.com/ Name: uuid2
Value: 6902073697500061440
.teads.tv/ Name: tt_viewer
Value: e834d936-6af7-475b-99db-ec55ca8aec7f
ad.vidverto.io/ Name: adpartner
Value: 43d68535-3416-4ea7-a6f6-7eb3c972fec8
.smartadserver.com/ Name: pid
Value: 7953013701535579324
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 09B60D9C-CC52-47DF-8C66-F931A7727FF5
.bidswitch.net/ Name: c
Value: 1695183178
.bidswitch.net/ Name: tuuid_lu
Value: 1695183178
.bidswitch.net/ Name: tuuid
Value: 9b6aa8bd-f40a-4509-8980-2a278c8f1560
.rubiconproject.com/ Name: khaos
Value: LMR8ANM5-13-2P8A
ad.mox.tv/ Name: onetag
Value: JoqNrxFaXwifyBKLLwCWB4L23rjIBUu-_2cKWQs8BXk
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: mc
Value: 650a714a-94383-9a6d9-c03c1
.aralego.com/ Name: euconsent-v2
Value:
.bg3.co/ Name: __qca
Value: P0-525379589-1695183177886
.adform.net/ Name: uid
Value: 6354298408334049921
.adfarm1.adition.com/ Name: UserID1
Value: 7280756310252714124
.de17a.com/ Name: guid
Value: 1.3737103341529263882
.adx.opera.com/ Name: UID
Value: OPU5f45f58a074241809601120fbdf61a68
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: ece55359-3428-5307-808b-9933e581e879
.betweendigital.com/ Name: ss
Value: 1
.fksnk.com/ Name: f_001
Value: 387ECE99160DF9EA
.fksnk.com/ Name: g_001
Value: 1
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1695183179.1.0.1695183179.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mediago.io/ Name: __mguid_
Value: c42c57ff2cac5e3e88b82877e9ecb8bc
.bg3.co/ Name: __gads
Value: ID=99b0988d47154f48-22c7698b7dde00a1:T=1695183176:RT=1695183179:S=ALNI_MbaLUjGfJCMwrNWkEIWe59L77xCzw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: ZQpxS.EmnVdhzRHNN3Ou-gAA
.casalemedia.com/ Name: CMPS
Value: 1164
.casalemedia.com/ Name: CMPRO
Value: 1164
.amazon-adsystem.com/ Name: ad-id
Value: A-JGwtE5NUf4lGj6eRzRz28
ad.vidver.to/ Name: bidswitch_com
Value: 9b6aa8bd-f40a-4509-8980-2a278c8f1560
.linkedin.com/ Name: bcookie
Value: "v=2&c427ab1f-7bec-4095-818e-9dab28146d6a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTUxODMxODA7MjswMjEy18fxvDwTBKne6amw+4sQHX1imoVtynjnmV6Tn+nmiQ==
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3012:u=1:x=1:i=1695183180:t=1695269580:v=2:sig=AQHpwTb4V1vMDhsG2sX3QflhthHm3mXR"
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-20T04%3A13%3A01%22%7D
.openx.net/ Name: i
Value: d4ce3882-69c0-00e0-007f-e05ed71d2149|1695183181
.openx.net/ Name: pd
Value: v2|1695183182|gen0vNvQiygu
fksnk.com/ Name: AWSALBCORS
Value: NijqDXV7EyEFoas8T+xebfUSjv78rXO4S29FZb43pfPz/xWBIh7TZH3V0oEUxTO0aEjdQXNwYvCZ6wJdC10tCAOHgZdzdYFX1umJyVIeerypwHLgrS7spIOhcg3Z
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129QvxMSu2jHAuM0mpKinJ1nULdzTPDgUAeJSN_R4AAAA
.onetag-sys.com/ Name: OTP
Value: 3N0HYvkdBO_48Hgu3bgR5IEPmUPOtV2rrs1zfk2cp-U
.servenobid.com/ Name: pid_312
Value: 6902073697500061440
.mathtag.com/ Name: uuid
Value: bb51650a-714e-4600-81c8-1ddcfc99a325
.servenobid.com/ Name: pid_337
Value: y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
.betweendigital.com/ Name: ut
Value: ZQpxTgALv9DiDKJB6tUteR3Lqpva_wL2mAM_AA==
.servenobid.com/ Name: pid_318
Value: zdnqNJEDMYG5FGGSQ_Bnny19wIEwbN0jXyGQhIEkzho
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1595eaa3-07ec-5872-5990-8ba5f5311d36.M%2FvoI82u4z%2BgGG3EdRZ3KUyHAGM2w2jtJ8b7i4KeoKc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1595eaa3-07ec-5872-5990-8ba5f5311d36.M%2FvoI82u4z%2BgGG3EdRZ3KUyHAGM2w2jtJ8b7i4KeoKc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFZXqowfsWHJZkIul9TEdNh8KrCk.rMFWttZhPoakQV8DmM6rbGHTM4Y4nK7FUDL00x7Sne8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFZXqowfsWHJZkIul9TEdNh8KrCk.rMFWttZhPoakQV8DmM6rbGHTM4Y4nK7FUDL00x7Sne8
.servenobid.com/ Name: pid_333
Value: ZQpxS-EmnVdhzRHNN3Ou_gAABIwAAAIB
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2e0s:196n~2e0s:175w~2e0s:198o~2e0s"
.smaato.net/ Name: SCM
Value: b241b3bb4f
.smaato.net/ Name: SCMv
Value: b241b3bb4f
.creativecdn.com/ Name: u
Value: nvU7prbdnmzMRv9SSl2T
.creativecdn.com/ Name: ts
Value: 1695183182
.lijit.com/ Name: ljt_reader
Value: HWc9sRZHz8dAoh9jRfaaSxBd
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjc0MTY3MDWyMBTiM9Qt8gkoci93MwuNSHICAOvCRr4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmlqaGEMRAaWBgDCmiK4EAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjc0MTY3MDWyMBTiM9Qt8gkoci93MwuNSHICAOvCRr4lAAAA
.gumgum.com/ Name: vst
Value: e_02f602d9-9d1c-404b-800f-08a4934009ff
.servenobid.com/ Name: pid_339
Value: y-IHl90L9E2uEV6XCRdaSmUN8Q7pZA6VNJ4SUsHwI-~A
.servenobid.com/ Name: pid_317
Value: 7953013701535579324
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAfcE9olY7z8SwmNqw_g__4HeMxt-2QOvfIty7R3-cDtEAEYAyDP4qmoBjABOgTwi70wQgTEb9Py.0j7yzc3bjvvwDGjniMKtGwv6vFjCHwn84B49SUUpaA4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAfcE9olY7z8SwmNqw_g__4HeMxt-2QOvfIty7R3-cDtEAEYAyDP4qmoBjABOgTwi70wQgTEb9Py.0j7yzc3bjvvwDGjniMKtGwv6vFjCHwn84B49SUUpaA4
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.scoota.co/ Name: tuuid
Value: a2c23137-6be9-494c-987d-eb4238193d83
.scoota.co/ Name: c
Value: 1695183183
.scoota.co/ Name: tuuid_lu
Value: 1695183183
.servenobid.com/ Name: pid_324
Value: 5141210827143705281
.richaudience.com/ Name: pdid
Value: 930f329a-9405-4906-aa74-1zz1695183173
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_fe272700-576b-11ee-9f07-125335d52042
.sitescout.com/ Name: ssi
Value: 79af42bc-2e6f-475d-9a69-83f04ad743cd#1695183183280
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQpxTwARn09dTAAN
.servenobid.com/ Name: pid_309
Value: e_02f602d9-9d1c-404b-800f-08a4934009ff
.quantserve.com/ Name: d
Value: EAABEwH_KYqsMOyugQA
.servenobid.com/ Name: pid_310
Value: HWc9sRZHz8dAoh9jRfaaSxBd
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJGVAPCa1hATxBLlARwF2dg&KRTB&23025-CAESEJGVAPCa1hATxBLlARwF2dg&KRTB&23386-CAESEJGVAPCa1hATxBLlARwF2dg
.pubmatic.com/ Name: PugT
Value: 1695183182
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY5NTE4MzE4MzUyOCwiMzkiOjE2OTUxODMxODM1MjgsIjciOjE2OTUxODMxODM1Mjh9
.go.sonobi.com/ Name: __uis
Value: 758b3827-7fcb-400d-a091-7a61d93f0eb3
.go.sonobi.com/ Name: HAPLB8G
Value: s8593|ZQpxU
.minutemedia-prebid.com/ Name: wrvUserID
Value: ZXsLY6H-Cp_mm
.servenobid.com/ Name: pid_353
Value: 0000EEA
.pubmatic.com/ Name: SyncRTB3
Value: 1696377600%3A13_220_21
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%23PMUID^1^0
.yellowblue.io/ Name: wrvUserID
Value: vKbLYwT-Cp_s
.3lift.com/ Name: tluid
Value: 2382515013304278464328
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqybqLmA8m21KcuuStJ44l3zRwHVWjHYiVrW4uLSpvhpRWNZkkvtjbryltXeaGqKZZlQFtkXMfAS3oebD9XI3Kh
.lkqd.net/ Name: sr109
Value: 1|b241b3bb4f|1695183183
.lkqd.net/ Name: lkqdid
Value: pjYweVLzbk8
.lkqd.net/ Name: lkqdidts
Value: 1695183183
.servenobid.com/ Name: pid_332
Value: 758b3827-7fcb-400d-a091-7a61d93f0eb3
.us.ck-ie.com/ Name: CID
Value: 65c96639842764ddbf6695e197cbf9cab8050565
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-0012af5a-3a2c-3712-bd2f-87d3939198cb
.servenobid.com/ Name: pid_348
Value: ZXsLY6H-Cp_mm
.servenobid.com/ Name: pid_352
Value: vKbLYwT-Cp_s
.smilewanted.com/ Name: sw_user_params_infos
Value: OCC0%2FBWNrIP2JPRSXyEM7XV32lNYztJSoOa5Yfocxv5InGIoEeUgg70RApiLeWgI2cNmiQ6cGtZahpoPSVUpMzh490K%2BsXMbW%2FzfaSnnlkwsi%2BwJncp8%2B4PI8dULqoi2COMh5cgRr9lM3tpM82yMqTxF2s8hjtrpAzjznwgnXDUxuAr9MkhTJnO6kPN0fkUcBEVdweAfBb4Q5myRqiVOcFbyuUQE7vLxkJ7nRIpNid5euDpbcw8rM9AdjBDqBzT6qOpfXSJQWPeZP9qNy9rKwzcAaUhtJe7CHXp48UqaEV2VOasUCrojM545Da%2F18KY%2Fy3eplPniaWTvW1W0%2F%2FRd4GeDET5B96PA%2FTuBxfMRwHBbm23ZvbqECUQP16dwZiJ8h6ni13K3MhvFgikXBKr3wr25HziPYKwwKfFGGlJwl1JTYfJFwWEkvSqCkCdwhSj3UywyVhWULK2J8bEpfvvRKCfpbjU5Ur7%2BwwFr4GYH9%2FOc9M06SaSVhRd4JYEMgaIm
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.turn.com/ Name: uid
Value: 2702112120411295350
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003%22%7D
.servenobid.com/ Name: pid_321
Value: RX-b2bf15b1-c2df-4347-a90a-ffaf4c1a4595-003
.bidr.io/ Name: bito
Value: AACoGU7KFOMAABi22wyVXw
.bidr.io/ Name: bitoIsSecure
Value: ok
.criteo.com/ Name: uid
Value: 904063b5-d03c-4fcd-9084-e1f68624701c
.bg3.co/ Name: cto_bundle
Value: ULidil81eVhXRzJ4VTdBWmVMWWlGNE45bE84VWlQJTJGaSUyRnFFWHV0NHoxTURLa3hseEZFdHN1UnVYN3BpV1RQbVk4TkYzcUZQUU1ONVZVdEY5enVMNURUNHlqbCUyQkZ5ejRPZ25MZEJJaEtGVEhXJTJCeERFc0pZN1lPenViRHklMkZjUTh2VCUyQjN3RHpyTVRaOUN4RXpZZSUyRkZpNVdXSlJzUSUzRCUzRA
.ads.pubmatic.com/ Name: KCCH
Value: YES

70 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202309/27349548c3801581c95f5f612d4bdaef.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/472bf7b12c624421fe2a063fd56dbf04.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c5f49ce7de04ac7fc3fd373bf4bd62e2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/98169da0cb97f941385b0851c349a51f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/3a41a991d611add62bf534cf5d4af6eb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/c1664850ab90683c7b5f65bdd3129942.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/65690686bd6e7d2b0bf8c866caf5b21a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/f60843e3c98493ed70a27583b12f9b9e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/6d9c3cbedd7f5242ee146aec16a9cb2b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/48446f0ca6db61d7ad7df33310ec3d17.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/0247a2373cacefd1b929dfc985830394.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/bbe46b29be6944d029a61cc8438197ca.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/0856292fb9c4de31c60f84fdbd184491.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/839bacee28b10bcff0ada4ff29db28bd.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/48888a57beb1338aa5d50108de28271b.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/7ed6f5240e5ef3a47a26341e2887af7b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9b4590b9692e5b2626b8451d260c1598.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9bbc727e93bca57cdcc6983a2af591d4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/8e54a58bfd3dd7a9ba64e68b5f28f7aa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d236bc47e32d95bb9ecd83c443c1d5f9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/521ac69c1cb13c96498e04c614d51fe5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/b7d405bdfe2b89d374c3dfbca0faf9f4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d3be49ec01cc01ed7f71421d74b943a9.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2244fa67cbe08129a99c3c3d6dda1304.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0ff1fe5aec30ed437d033a15bcdd7f7d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/cad7436db958738698367d74db18157a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e785f059fd171e53b520924f35495690.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/40ab61596e41dbb6df04096f6d2921fb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/74bd8e18b8ce2e4569d920f7032d17d2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e75b7875206ed1ea94197d0297400c23.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/10f85c5c8f67706480a6d94d6098d137.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/13470bba5736188f07157e36b97dca75.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/2f560803a0ecf5eda28346d6d9cef38d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 491)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 491)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EveGluZy1qaS1jYW4tdGluZy14aW4tY2FpLWRhbi1jaGktaHVvLWJ1LXpoaS1kYW8tZGUtc2hlLXNoYW5nLWxpYW5nLXFpLXdlbi1odWEtZG9uZy1mYW5nLXlhLWdlLXhpbi1jYWktc2hhbmctemh1by5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMR8ANM5-13-2P8A
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0lowRyxE2oU3V8iB_2_AVIz6CKnnT6vrxuCro3I-~A&redirect=
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 491)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5gyxS3EKZd65CbORjuwPneCRgAuRwdCbafvwg5LcD_AuEAEg0syBGmD1pciB1ATIAQmpAoZi29Hs6rE-qAMByAObBKoEjwJP0NTMP2zYb9tosmiHWDtdeA3LIv7LsluCW5US_FB_BKJ9QkCUsB9IJBPrMIdncbO9JsTt3Cp-arhPLdevZqJsbakyo1yqfr17coMHE2J341btTrwT_6gw-cC4fBlgbbFjiBvDV0iLCLyRYgKlj8X9Hck0CQGB2zx8pnqq1UwDuNoYzjneXcaTxaqPXIDDmxURop4XrJirT4YLxSsSzwJNocNb9E8XAqjn3BOA1dSk7e_RuSN3bcL_BPBfaEo4bM-mvVdJ3NZz-oh647ugL_x_chYoEnU88JBE1xrpqV-orcaqhv3of-PTUyE-NyNNiXasy-eqt3waEuAPVZERiCdJHvwWDP4umvGSVDqj8M78wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMInovkuam4gQMVs4iDBx0dcASwEAEYASAAEgIjm_D_BwE%26num%3D1%26cid%3DCAQSPwBpAlJWTvlemUh3FRy64IIBLndKiFelhYGQhg_CSCboxyIFt38BZY0MlcVSSoCYRA8BkkvzcLDn4RLHUr_zsRgB%26sig%3DAOD64_14bkA6vgjms7CKsurid33kdWh0pA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A6c3MTrXTn_Dfcwm9g5UNuzp_3d0VTyyYUfhGEZZ5IogVbJOz01fOAQJ3zYBx2iP9b_f-yHYxoxE-zwWcbHdTovhpUSJDo-1s17K9fo6NwIyUGedcUblT61ZmRInKXX4tHRvng95qUDOysDpLpGlzxjHE4rDbek7U_hpo6VV-WtvDggPY%26cry%3D1%26dbm_d%3DAKAmf-C5uiOfoH4Jo8FVFQGuNDlxRB1xp0jYIZgKUAR1LV3G2qji6PHaQ9blZG_KR5hV7xuVKFTzSRZiTwddun8ymrDUSRp-FuplBqRU2YPNGDBdeKk8xlC2VxPH5omTbXYXAn_4nADP2rMOo8oe6e4gf3WgZmbDMB1NVbBDLW9-DXZgXufhdV7wqBcA3pDneC2PYdtST_oc9dp45GiZj34knxy-z3AE2sCKjxt05_JbI8xr35DS6hisQJquMoH4f5L2KedNlw6Mlm-ID0WAaQlSz-Fabmcz6TwVZLPdAT9GYniL0SMqvShlJ0J9SmXURw37mMYibc5qTayTsFC-8vWB7GxZ39Odgw_r_S58NO4yPmp3OMJPfcQjxpi4ZsNIX3yp9mhiQSXObfiN_ZXAGvzNRn8QXcqiE-vYqcWumAN3khSoBD08xXvUJc8Mm6FpStcatgmN1sXjuq3XNFfB4e5UYttBeKveYGJaBpUyX31z5zP2WRbdRzpjdJ17xFVg6xKXAIql48Eh7sSPw9ofbHoiNcPwZK09LJZ5QZHjQNYciDMRoJgUB_8gJUnoToUxprSzy79XM78ounhmJbPdICS_9_Woznq2_REMURxZrhY5_uuF5Y7TXY-gS__yYxK8tDq4MS3JLBiice9cBrodrhZysFKlP7y1UDx7gGiDp5vxnykyHDDE4EZMjoq_2csmiB1rACV_z_5q%26adurl%3D
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_02f602d9-9d1c-404b-800f-08a4934009ff&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6902073697500061440&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://usersync.gumgum.com/usersync?b=oth&i=y-fgKSfXZE2perXFWIqRy2ewYJVPGY4C5EI6vO~A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=apn&i=6902073697500061440
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79646478&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=sad&i=7953013701535579324
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMR8ANM5-13-2P8A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=opx&i=f05fa3ab-e852-0741-3dd2-385b7b6a13f2
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D79af42bc-2e6f-475d-9a69-83f04ad743cd-650a714f-4348%2526gdpr%253D0%2526gdpr_consent%253D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=mag&i=LMR8ANM5-13-2P8A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.yellowblue.io/cs?aid=11601&id=718aef75712626221be5347fe8286&gdpr_consent=&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://static.bg3.co/imgs/202309/702ccca2ea9ff70fbc0c93cf9913fc73.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70553668&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

631b0855dac6dd5d502edc972ff7f9b3.safeframe.googlesyndication.com
a.rfihub.com
a.teads.tv
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mox.tv
ad.turn.com
ad.vidver.to
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.vidverto.io
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.lkqd.net
cs.media.net
cs.yellowblue.io
csi.gstatic.com
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e0413bc25a06952e4f87cbbe16be312e.safeframe.googlesyndication.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
r.scoota.co
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
visitor.omnitagjs.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
ad.360yield.com
b1sync.zemanta.com
bh.contextweb.com
cs.admanmedia.com
cs.yellowblue.io
dis.criteo.com
hal9000.redintelligence.net
image6.pubmatic.com
match.deepintent.com
pixel-us-east.rubiconproject.com
rtb-csync.smartadserver.com
rtb.gumgum.com
static.bg3.co
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
um.simpli.fi
usersync.gumgum.com
visitor.omnitagjs.com
103.231.174.251
104.16.86.20
104.18.25.18
104.18.26.193
104.20.218.77
104.22.68.131
104.26.5.103
13.107.42.14
13.248.245.213
13.32.27.67
141.95.98.64
142.250.185.130
142.250.185.170
142.250.185.99
142.250.186.136
142.250.186.138
142.250.186.161
142.250.186.34
145.40.97.67
15.197.193.217
151.101.130.137
151.101.65.108
151.101.66.49
152.199.21.70
162.210.196.208
172.217.16.195
172.217.18.100
172.217.18.2
172.217.23.98
175.110.113.208
175.110.113.213
178.250.1.3
178.250.1.8
178.250.7.13
18.157.194.184
18.66.112.58
18.66.147.106
18.66.97.31
184.30.16.195
184.30.21.51
184.30.22.30
184.72.108.234
185.180.223.67
185.184.8.90
185.255.84.150
185.29.134.248
185.84.60.29
185.86.138.150
185.86.138.151
192.96.203.13
193.0.160.130
198.47.127.18
198.47.127.19
198.47.127.205
2.18.160.23
2.19.126.84
2.21.20.220
20.127.253.7
212.8.243.37
213.155.156.183
213.19.162.45
216.239.34.36
216.52.2.48
216.52.2.86
216.58.206.34
216.58.206.38
216.58.208.99
216.58.212.129
23.201.255.110
23.212.88.20
23.97.225.52
3.127.138.223
3.216.96.7
3.71.149.231
3.72.148.229
34.107.148.139
34.242.185.58
34.247.205.196
34.255.44.222
35.186.253.211
35.208.249.213
35.244.159.8
35.244.174.68
37.157.2.229
37.157.5.132
37.252.171.21
46.228.164.11
46.228.174.117
50.16.128.129
51.83.220.94
51.89.9.254
52.204.164.185
52.214.251.135
52.31.253.130
52.46.130.91
52.57.130.135
54.164.186.38
63.35.23.211
67.220.228.203
69.166.1.35
69.173.144.137
69.173.144.138
69.173.144.139
69.20.43.192
72.246.168.23
8.2.108.194
82.145.213.8
85.114.159.118
91.228.74.251
96.46.183.20
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05d72e8d2f2fb1f3e8e3cc5996e980da6f04cceec2f6c1fda6164f692a323146
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ee9aef9ed67cec36ee3020adfc75dc2b6f7a788618ae3eb47343292dc22b8c8
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
132429f275b7375948a384f277f6a7266d3cf8ae6034466b64a4a6ae4b5e0b1d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
1a4dc19ff4252e47630d51b345780b1b96b9c6a21ff358266e9d60bf8c715ac2
1b46d0f1718506335e249e68bc2250b9156348d5fc916ea2af50a82749ae0cfa
1bce2b8645bae6675164e4bb4210fd68ebfb6aacc8a49a008c50cbacda268bbd
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c5da30be7e9c3f69c373a01f3a78e2c6b4c7c9acc547fca3c37f11618bccdd3
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2565825a68af3ad0b8b9538c9b9850af2031cd7dc5bc70ed31951c1155f55930
25e4215801dd78a58f8b197dbd0ff129fc0db6fe85d8fa6be918a3c80df4b390
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26dadea2a6154a0c2c1eaedd61eea4d61e4134433897ee9d620ca93f7b984952
284af4aaafdbb86887a8f1f45feb84b6d633f300791efde1eb19c076772ef638
2a94f14cf27cc9e52ced463877173dc1025bba2179e94e635ef4862392076d79
2c22f8537d2baacdf4aca6e0e5f8959be5d89785fe67a23d5239a5da697ab4c7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
30bdf82816190e65c8c6c0fd833cc4f21dd641eb6311a467d2ba48c84882d400
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
3a2eb12bb31b6137ebf9011835d5f91947ebe8113118e575de36de68182b7e57
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
4830a78ee0a1d53545ad3c0678dc9981891e488ecf093b052f5e26d8a3f7d3b4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a3f733fef7fef6fa38e1fbdebc344c91949dae96eeed5cc5d10c4e024b5339f
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5130a665876baa408752889a5a7f498cff3d14b4ce42b0a0aaa9c76bd5bdd682
51578d8cb5aabd0461bad98b9742d32311ba95e6cdf991b71c22737c5adf4bfa
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719693f4791356738d5fec2cf83ef9583e6b62aa9ee802cf1c7f84f23be3288
5913a21ea96ba4c84284c9da6fe33fe9e8842fec1576e65c8c9f24b3f540ace4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5edc0991cd47a3871cf46e2b201b41d8795790d8bad3d0b21f502d19b88953b4
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6eb9a1320488ed44177d468f5ab5b2f3086582b225a743ed3be8b5b930cb2b52
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
75273e7813ff85080a5dd7a7db27cb712105c1cca85be63cb4a072ab1a3623b2
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79ccf8a90f2ef3125f3dccf4b46c2395c7418e2a681398396febeac40cbb61f2
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7e90c0daa9394a22d661c61b084cb1400dfc30a5e829aefab2a5f9f5aec5c8c1
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7ef0d07ef382199fc5a9093bcf0e78be7de2651ab7aeaa35e4134ef53b679206
7f35f83071a3c2e2026ed7f2b89b536c2c6a116bd99ae1cff343c0ecba7e9212
8107fb840cf7147311362230ba32a48379068cadad5fa70071e26945641cc8a4
811f9d79c598a546abace0ae233a4ec675ec39ac4155a37e1df6a6f50a7849cf
81c3793291bd5e110d6f7040b2b588e92e28bc3530ddbf36d6965f43658f38f4
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
894890679188626438bf9769865a24d25c4fd944f7c85fd0eaf3b7c507c08d43
8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d56170cfaeabd0af8a8329231f655ba79082cc922a845cef954c311a3e21c76
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb6eb34f7f63470279f6c85a38a0407adfe53b4187264f4ab71553b78d7928e
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9de83925d0c33eaafa51ca8f83d2e54f0a5dfc5f1c046acc35ed737c9696b943
9f1ab26a5ab9c0c0ad06a4e58d4570c1c429f2cf2425b0147ccc32cb08cac5a7
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2453f57b84b20e70c39ff36f3c5d5c8e77656e9decc211a6efec5a1bb183908
a285614cc6b1ceb45c9d96e64f2562615845a8797257dd6856219e87e075d9ff
a4b630a3d20d285aa276fc6e21adcefa18ff9ec3626c8381f3d1ff719d3cd4c3
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ab4bffbde9e4dea3962da0838d43736f7ba405dc6951adc8bdba3df19b1dac15
abf71c669264b2ea4ce52ba6773bed91327c7fae09bcd730f043948a18b00b28
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
ad78de3623e2f8abfa89848e122d733e512f6c2a974522420f1bcbc9d0ffcca7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20c191a1de029738ab0e25c1125a5821a32027abb52f93e7e5e513a49824324
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
bf0d89f6cf945fd7ed047ad6a1f84ff45691eaa0df367e0d808dc1db9beea0b8
bf8610f26164e6dc650c5098ffe6c2afe9542d901df2ed2d4d33726912150c6d
bfeaa45d336bfe06c6af0da6fceb989f1af0ab382814bb1b792936cb66ab022d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c7abc6940b2361f2e9d5d234b231046f5ae4e948e6cda367b28f0642bf279f90
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cef2b5f5d714132cca343253ca521b5420bcfc65804b061a932eb4d0da6e785b
d04094f15b201a96332ab0d1521762f1565b06b8918c0f71cb94e79f30825fb1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d42e900c4f328ef096deeba2f8ba33a23ecd80d8e1b5ce06e7c48c65cacfc02e
d4ffa36c3282ba25a2b7c2058b40b7d87ba192fe76a70cede2b1f3435b37ef1e
da7391ce395f4b46dc145d7c6f87caa46e5ce4fab869a1419d792c6269b45009
da82a167a0dfa335e93bf025500108cac8446a13c7b455868209bae630c2107e
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd0adc663259326257e922b9eae5b6933e7409c5e95b3142e30715da1abbc5ca
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e199eb95ef80a94d4b0cf9380988a76b71daa735b0db058d5f1e301c8778324a
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53c5eee221fd5d08b77632cc1fa32ea1a561a312db5064dcb7fdb9ea8e158da
e5418455c8aeb00641fe667756925987132c1054275a3d2065399105691fb277
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7012e9773f9fe3e6453e6431888caa3caf960dcf5faa0a32d3b21b60a6b802
f0064719c29801c85d311d8dab8c9fbf6c354854ce74c9ec155dfc2e281c7b62
f1a59c8ecc4254d28cc190063de73a1400c86f0c2e63fff57c031b997551f86e
f1f999e84cb28c6d16dc1274bd3ba0af473c922e6c9b8231b884e661eff3970f
f6198e3d3f250c3d334ee0a75a5b67045aecb8e59b385eb31f9069d57505136b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa5d1a9443bad567a0c0789bd579227ce1eccc1c97f2acf7904edb651b7455b9
fcfbd2b447ce36ebcde81fc54e95a738e8d7b199f84215da1d647fcbdf0be8ef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0