urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Submission: On September 06 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 10 countries across 85 domains to perform 612 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 754565.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 142.250.186.129 15169 (GOOGLE)
19 216.58.212.130 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
1 3 192.96.203.13 30633 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
5 95.101.54.200 20940 (AKAMAI-ASN1)
51 151.101.1.44 54113 (FASTLY)
2 69.16.175.42 20446 (STACKPATH...)
7 178.250.7.13 44788 (ASN-CRITE...)
43 142.250.181.226 15169 (GOOGLE)
1 18.66.127.127 16509 (AMAZON-02)
1 104.22.52.86 13335 (CLOUDFLAR...)
2 104.16.88.20 13335 (CLOUDFLAR...)
24 178.250.1.3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 172.217.16.193 15169 (GOOGLE)
18 185.165.240.175 49981 (WORLDSTREAM)
5 142.250.185.226 15169 (GOOGLE)
4 151.101.129.44 54113 (FASTLY)
18 185.106.33.48 200478 (TABOOLA-AS)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
3 5 162.210.196.208 30633 (LEASEWEB-...)
10 23.97.225.52 8075 (MICROSOFT...)
1 162.19.138.83 16276 (OVH)
1 142.250.185.234 15169 (GOOGLE)
3 16 51.75.86.98 16276 (OVH)
4 142.250.185.74 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
9 13 18.158.83.223 16509 (AMAZON-02)
3 7 178.250.7.11 44788 (ASN-CRITE...)
1 185.180.223.221 49981 (WORLDSTREAM)
10 141.226.228.48 200478 (TABOOLA-AS)
2 2 2.19.70.117 16625 (AKAMAI-AS)
10 95.101.149.233 16625 (AKAMAI-AS)
4 7 52.210.175.116 16509 (AMAZON-02)
13 52.223.40.198 16509 (AMAZON-02)
1 4 91.228.74.208 16509 (AMAZON-02)
1 172.217.16.195 15169 (GOOGLE)
2 185.255.84.150 200271 (IGUANE-)
2 95.101.149.35 16625 (AKAMAI-AS)
7 172.67.10.198 13335 (CLOUDFLAR...)
2 7 35.186.253.211 15169 (GOOGLE)
2 178.250.7.10 44788 (ASN-CRITE...)
3 145.40.97.66 54825 (PACKET)
2 3.75.75.174 16509 (AMAZON-02)
3 12 104.18.39.155 13335 (CLOUDFLAR...)
4 8 185.89.210.46 29990 (ASN-APPNEX)
2 34.107.148.139 396982 (GOOGLE-CL...)
2 69.173.144.137 26667 (RUBICONPR...)
2 213.19.162.45 26667 (RUBICONPR...)
2 52.58.98.136 16509 (AMAZON-02)
2 108.128.60.227 16509 (AMAZON-02)
6 35.244.159.8 15169 (GOOGLE)
3 185.29.132.245 30419 (MEDIAMATH...)
1 3 69.173.144.138 26667 (RUBICONPR...)
6 13 69.173.144.139 26667 (RUBICONPR...)
11 22 142.250.185.98 15169 (GOOGLE)
1 1 5.196.111.69 16276 (OVH)
3 35.244.174.68 15169 (GOOGLE)
1 3 209.54.182.161 16509 (AMAZON-02)
3 5 185.64.190.79 62713 (AS-PUBMATIC)
1 3 198.47.127.205 3257 (GTT-BACKB...)
2 6 3.71.149.231 16509 (AMAZON-02)
1 2 175.110.113.205 49981 (WORLDSTREAM)
1 172.64.196.38 13335 (CLOUDFLAR...)
2 142.250.186.104 15169 (GOOGLE)
4 3.233.155.50 14618 (AMAZON-AES)
2 2 37.157.5.84 198622 (ADFORM)
2 4 52.94.222.140 16509 (AMAZON-02)
21 216.58.212.129 15169 (GOOGLE)
7 172.217.16.194 15169 (GOOGLE)
2 142.250.184.238 15169 (GOOGLE)
1 142.250.186.38 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
5 190.2.151.7 49981 (WORLDSTREAM)
1 69.173.151.100 26667 (RUBICONPR...)
1 18.239.50.115 16509 (AMAZON-02)
7 142.250.186.164 15169 (GOOGLE)
1 13.107.42.14 8068 (MICROSOFT...)
2 142.250.181.227 15169 (GOOGLE)
4 216.239.32.36 15169 (GOOGLE)
1 108.177.15.155 15169 (GOOGLE)
3 178.250.1.17 44788 (ASN-CRITE...)
2 178.250.7.9 44788 (ASN-CRITE...)
2 142.250.185.66 15169 (GOOGLE)
6 74.125.69.94 15169 (GOOGLE)
7 142.250.186.162 15169 (GOOGLE)
1 185.84.60.21 198622 (ADFORM)
3 178.250.1.6 44788 (ASN-CRITE...)
2 178.250.1.9 44788 (ASN-CRITE...)
3 104.17.24.14 13335 (CLOUDFLAR...)
10 178.250.7.19 44788 (ASN-CRITE...)
9 178.250.1.25 44788 (ASN-CRITE...)
3 95.101.148.20 16625 (AKAMAI-AS)
3 18.194.15.213 16509 (AMAZON-02)
2 185.86.138.152 201081 (SMARTADSE...)
2 104.75.89.75 16625 (AKAMAI-AS)
3 13.248.245.213 16509 (AMAZON-02)
1 3 37.157.3.26 198622 (ADFORM)
1 18.184.190.66 16509 (AMAZON-02)
1 1 141.95.32.69 16276 (OVH)
1 178.250.7.12 44788 (ASN-CRITE...)
612 100
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
cdn.ampproject.org
19    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
securepubads.g.doubleclick.net
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
3    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
4    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    95.101.54.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-200.deploy.static.akamaitechnologies.com
cdn.adpushup.com
51    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
videos.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
7    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
43    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
1    18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net
cdn.prod.uidapi.com
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
24    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f1.1e100.net
6cd7bf16590c4acd6252f188e987571d.safeframe.googlesyndication.com
a2efcd6d92f8c72da0402e7aedaff86e.safeframe.googlesyndication.com
59bb09cd39c83dd241c255c34c1f4719.safeframe.googlesyndication.com
18    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.vidverto.io
5    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googletagservices.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
18    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
5    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
10    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
16    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
4    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
imasdk.googleapis.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
13    18.158.83.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-83-223.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.180.223.221 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net
ad.vidver.to
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
2    2.19.70.117 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-117.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    52.210.175.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
13    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
d-3017157876154211517.ampproject.net
2    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
7    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
7    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    3.75.75.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-75-174.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
12    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
8    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    213.19.162.45 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    52.58.98.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-98-136.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    108.128.60.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-60-227.eu-west-1.compute.amazonaws.com
ads.servenobid.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
adpushup-d.openx.net
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
13    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
22    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    5.196.111.69 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip69.ip-5-196-111.eu
ssbsync-global.smartadserver.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
simage2.pubmatic.com
6    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    175.110.113.205 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-205.hosted-by-worldstream.net
ad.mox.tv
1    172.64.196.38 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
2    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
4    3.233.155.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-155-50.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
21    216.58.212.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f1.1e100.net
tpc.googlesyndication.com
7    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
googleads.g.doubleclick.net
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
1    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
s0.2mdn.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
5    190.2.151.7 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-7.hosted-by-worldstream.net
cdn.vidverto.io
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    18.239.50.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-115.ams58.r.cloudfront.net
rules.quantcount.com
7    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
4    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
stats.g.doubleclick.net
3    178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
6    74.125.69.94 (United States)

ASN15169 (GOOGLE, US)
PTR: iq-in-f94.1e100.net
csi.gstatic.com
7    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pubads.g.doubleclick.net
1    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
3    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.nl3.eu.criteo.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    178.250.7.19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
9    178.250.1.25 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
3    18.194.15.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-15-213.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    18.184.190.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-190-66.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    141.95.32.69 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl
ws.rqtrk.eu
1    178.250.7.12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
Apex Domain
Subdomains		 Transfer
84 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1076
trc.taboola.com — Cisco Umbrella Rank: 674
vidstat.taboola.com — Cisco Umbrella Rank: 2913
il-trc-events.taboola.com — Cisco Umbrella Rank: 17784
images.taboola.com — Cisco Umbrella Rank: 1811
videos.taboola.com — Cisco Umbrella Rank: 5707
imprammp.taboola.com — Cisco Umbrella Rank: 13424
am-match.taboola.com — Cisco Umbrella Rank: 13561
wf.taboola.com — Cisco Umbrella Rank: 3138
am-vid-events.taboola.com — Cisco Umbrella Rank: 12698
vidstatb.taboola.com — Cisco Umbrella Rank: 5470
sync.taboola.com — Cisco Umbrella Rank: 1143
pips.taboola.com — Cisco Umbrella Rank: 1685
cds.taboola.com — Cisco Umbrella Rank: 2059
sync-t1.taboola.com — Cisco Umbrella Rank: 1485
am-wf.taboola.com — Cisco Umbrella Rank: 14755
2 MB
67 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
6cd7bf16590c4acd6252f188e987571d.safeframe.googlesyndication.com
a2efcd6d92f8c72da0402e7aedaff86e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
59bb09cd39c83dd241c255c34c1f4719.safeframe.googlesyndication.com
702 KB
56 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
567 KB
43 criteo.net
static.criteo.net — Cisco Umbrella Rank: 653
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8975
csm.eu.criteo.net — Cisco Umbrella Rank: 8658
256 KB
33 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1188
eus.rubiconproject.com — Cisco Umbrella Rank: 656
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 981
fastlane.rubiconproject.com — Cisco Umbrella Rank: 557
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2455
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1232
token.rubiconproject.com — Cisco Umbrella Rank: 662
79 KB
27 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 455
dis.criteo.com — Cisco Umbrella Rank: 633
bidder.criteo.com — Cisco Umbrella Rank: 866
ads.eu.criteo.com — Cisco Umbrella Rank: 8559
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9381
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9434
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 16542
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15092
176 KB
23 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 31959
cdn.vidverto.io — Cisco Umbrella Rank: 43491
430 KB
16 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 799
9 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 369
grid.bidswitch.net — Cisco Umbrella Rank: 1197
27 KB
15 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1391
rtb.openx.net — Cisco Umbrella Rank: 796
google-bidout-d.openx.net — Cisco Umbrella Rank: 1399
eu-u.openx.net — Cisco Umbrella Rank: 2750
us-u.openx.net — Cisco Umbrella Rank: 518
adpushup-d.openx.net — Cisco Umbrella Rank: 25659
8 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15734
e3.adpushup.com — Cisco Umbrella Rank: 18621
281 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
3 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
5 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 645
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629
r.casalemedia.com — Cisco Umbrella Rank: 1668
24 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 399
220 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
8 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 746
image2.pubmatic.com — Cisco Umbrella Rank: 1056
simage2.pubmatic.com — Cisco Umbrella Rank: 896
2 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
secure.adnxs.com — Cisco Umbrella Rank: 500
acdn.adnxs.com Failed
6 KB
8 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 37628
sync.aralego.com — Cisco Umbrella Rank: 3214
4 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
4 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106
4 KB
7 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6963
csync.smilewanted.com — Cisco Umbrella Rank: 3056
static.smilewanted.com — Cisco Umbrella Rank: 11944
16 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 1977
817 B
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 660
adx3.adform.net — Cisco Umbrella Rank: 62285
cm.adform.net — Cisco Umbrella Rank: 1256
2 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 666
eb2.3lift.com — Cisco Umbrella Rank: 440
2 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1453
contextual.media.net — Cisco Umbrella Rank: 712
c21lg-d.media.net Failed
12 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
imasdk.googleapis.com — Cisco Umbrella Rank: 521
818 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
283 KB
4 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9350
1009 B
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1581
criteo-sync.teads.tv — Cisco Umbrella Rank: 2585
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1322
pixel.quantserve.com — Cisco Umbrella Rank: 1108
cms.quantserve.com — Cisco Umbrella Rank: 933
10 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15983
42 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 610
69 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249
14 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 920
3 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1723
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1285
1 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
406 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
817 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
88 KB
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 46109
303 B
2 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2661
public.servenobid.com Failed
2 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4269
visitor.omnitagjs.com Failed
617 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351
3 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 828
id5-sync.com — Cisco Umbrella Rank: 432
27 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 820
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27806
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16086
c.statcounter.com — Cisco Umbrella Rank: 10633
15 KB
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3832
352 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2249
44 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 405
649 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1255
633 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
17 KB
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 23946
3 KB
1 ampproject.net
d-3017157876154211517.ampproject.net
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 55771
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10548
258 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1537
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891
3 KB
1 bg3.co
www.bg3.co — Cisco Umbrella Rank: 754565
static.bg3.co Failed
13 KB
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 ck-ie.com Failed
us.ck-ie.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 lijit.com Failed
ap.lijit.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 thebrighttag.com Failed
s.thebrighttag.com Failed
0 krxd.net Failed
beacon.krxd.net Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 dotomi.com Failed
openx2-match.dotomi.com Failed
0 redintelligence.net Failed
hal9000.redintelligence.net Failed
0 indexww.com Failed
js-sec.indexww.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 yieldmo.com Failed
sync-criteo.ads.yieldmo.com Failed
0 yieldlab.net Failed
ad.yieldlab.net Failed
0 tremorhub.com Failed
criteo-partners.tremorhub.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 mediavine.com Failed
exchange.mediavine.com Failed
0 ivitrack.com Failed
matching.ivitrack.com Failed
0 360yield.com Failed
ad.360yield.com Failed
match.360yield.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
612 85
Domain Requested by
43 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
www.bg3.co
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
24 static.criteo.net securepubads.g.doubleclick.net
cdn.adpushup.com
static.criteo.net
ads.eu.criteo.com
23 images.taboola.com www.bg3.co
22 cm.g.doubleclick.net 11 redirects onetag-sys.com
google-bidout-d.openx.net
eus.rubiconproject.com
googleads.g.doubleclick.net
www.bg3.co
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
pagead2.googlesyndication.com
19 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
18 il-trc-events.taboola.com www.bg3.co
18 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
16 onetag-sys.com 3 redirects ad.vidverto.io
cdn.adpushup.com
onetag-sys.com
csync.smilewanted.com
16 cdn.taboola.com www.bg3.co
cdn.taboola.com
13 match.adsrvr.org www.bg3.co
onetag-sys.com
imprammp.taboola.com
am-match.taboola.com
google-bidout-d.openx.net
eus.rubiconproject.com
cdn.adpushup.com
googleads.g.doubleclick.net
13 x.bidswitch.net 9 redirects am-match.taboola.com
ads.eu.criteo.com
widget.nl3.eu.criteo.com
onetag-sys.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 imageproxy.eu.criteo.net ads.eu.criteo.com
10 eus.rubiconproject.com ads.aralego.com
imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
10 e3.adpushup.com www.bg3.co
9 csm.eu.criteo.net ads.eu.criteo.com
9 pixel.rubiconproject.com 2 redirects onetag-sys.com
eus.rubiconproject.com
ads.eu.criteo.com
widget.nl3.eu.criteo.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
7 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 rtb.openx.net 2 redirects cdn.adpushup.com
adpushup-d.openx.net
7 pr-bh.ybp.yahoo.com 4 redirects imprammp.taboola.com
am-match.taboola.com
adpushup-d.openx.net
7 dis.criteo.com 3 redirects ads.eu.criteo.com
7 gum.criteo.com cdn.taboola.com
static.criteo.net
gum.criteo.com
cdn.adpushup.com
6 csi.gstatic.com imasdk.googleapis.com
6 ups.analytics.yahoo.com 2 redirects ads.eu.criteo.com
widget.nl3.eu.criteo.com
onetag-sys.com
6 ib.adnxs.com 4 redirects cdn.adpushup.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 cdn.vidverto.io www.bg3.co
5 image8.pubmatic.com 3 redirects onetag-sys.com
5 htlb.casalemedia.com cdn.adpushup.com
5 sync.aralego.com 3 redirects ads.aralego.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 token.rubiconproject.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
eus.rubiconproject.com
4 http-intake.logs.datadoghq.com cdn.adpushup.com
4 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
4 trc.taboola.com cdn.taboola.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 am-wf.taboola.com vidstat.taboola.com
3 cm.adform.net 1 redirects ads.eu.criteo.com
widget.nl3.eu.criteo.com
3 eb2.3lift.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
cdn.adpushup.com
3 match.sharethrough.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
csync.smilewanted.com
3 contextual.media.net ads.eu.criteo.com
widget.nl3.eu.criteo.com
cdn.adpushup.com
3 cdnjs.cloudflare.com ads.eu.criteo.com
3 cat.nl3.eu.criteo.com ads.eu.criteo.com
3 ads.eu.criteo.com cdn.adpushup.com
googleads.g.doubleclick.net
3 us-u.openx.net google-bidout-d.openx.net
adpushup-d.openx.net
3 s.amazon-adsystem.com 1 redirects onetag-sys.com
eus.rubiconproject.com
3 id.rlcdn.com onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 sync.mathtag.com onetag-sys.com
3 prebid.a-mo.net cdn.adpushup.com
3 ads.aralego.com 1 redirects ads.aralego.com
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 simage2.pubmatic.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
2 r.casalemedia.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
2 criteo-sync.teads.tv ads.eu.criteo.com
widget.nl3.eu.criteo.com
2 sync-t1.taboola.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
2 rtb-csync.smartadserver.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
2 secure.adnxs.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
2 widget.nl3.eu.criteo.com ads.eu.criteo.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 cat.fr3.eu.criteo.com www.bg3.co
2 fonts.gstatic.com ad.vidverto.io
2 www.google-analytics.com www.bg3.co
2 c1.adform.net 2 redirects
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 ad.mox.tv 1 redirects onetag-sys.com
2 ads.servenobid.com cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 a.teads.tv cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 secure-assets.rubiconproject.com 2 redirects
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 videos.taboola.com www.bg3.co
2 oajs.openx.net 1 redirects www.bg3.co
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 static.smilewanted.com csync.smilewanted.com
1 ws.rqtrk.eu 1 redirects
1 adpushup-d.openx.net cdn.adpushup.com
1 e1.emxdgt.com ads.eu.criteo.com
widget.nl3.eu.criteo.com
1 adx3.adform.net imasdk.googleapis.com
1 pixel.quantserve.com www.bg3.co
1 stats.g.doubleclick.net cdn.ampproject.org
1 px.ads.linkedin.com eus.rubiconproject.com
1 rules.quantcount.com secure.quantserve.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cds.taboola.com cdn.taboola.com
1 s0.2mdn.net imasdk.googleapis.com
1 pips.taboola.com cdn.taboola.com
1 59bb09cd39c83dd241c255c34c1f4719.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 eu-u.openx.net google-bidout-d.openx.net
1 sync.taboola.com am-match.taboola.com
1 a2efcd6d92f8c72da0402e7aedaff86e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 vidstatb.taboola.com www.bg3.co
1 amp.analytics-debugger.com cdn.ampproject.org
1 image2.pubmatic.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 d-3017157876154211517.ampproject.net cdn.ampproject.org
1 secure.quantserve.com cdn.adpushup.com
1 imprammp.taboola.com vidstat.taboola.com
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 fonts.googleapis.com cdn.taboola.com
1 id5-sync.com cdn.id5-sync.com
1 6cd7bf16590c4acd6252f188e987571d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 ads.stickyadstv.com Failed csync.smilewanted.com
0 us.ck-ie.com Failed csync.smilewanted.com
0 ads.betweendigital.com Failed csync.smilewanted.com
0 sync.1rx.io Failed csync.smilewanted.com
0 sync.richaudience.com Failed csync.smilewanted.com
0 ap.lijit.com Failed csync.smilewanted.com
0 cs.chocolateplatform.com Failed googleads.g.doubleclick.net
0 match.360yield.com Failed googleads.g.doubleclick.net
0 um.simpli.fi Failed googleads.g.doubleclick.net
0 s.thebrighttag.com Failed www.bg3.co
0 c21lg-d.media.net Failed contextual.media.net
0 beacon.krxd.net Failed www.bg3.co
0 creativecdn.com Failed adpushup-d.openx.net
0 openx2-match.dotomi.com Failed adpushup-d.openx.net
0 hal9000.redintelligence.net Failed googleads.g.doubleclick.net
0 acdn.adnxs.com Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
0 js-sec.indexww.com Failed cdn.adpushup.com
0 sync.srv.stackadapt.com Failed googleads.g.doubleclick.net
0 b1sync.zemanta.com Failed googleads.g.doubleclick.net
0 pm.w55c.net Failed googleads.g.doubleclick.net
0 sync-criteo.ads.yieldmo.com Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 ad.yieldlab.net Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 criteo-partners.tremorhub.com Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 sync.outbrain.com Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 exchange.mediavine.com Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 matching.ivitrack.com Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 ad.360yield.com Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 dpm.demdex.net Failed ads.eu.criteo.com
0 visitor.omnitagjs.com Failed ads.eu.criteo.com
widget.nl3.eu.criteo.com
0 static.bg3.co Failed www.bg3.co
612 161
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
cdn.vidverto.io
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh

This page contains 74 frames:

Primary Page: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Frame ID: 71708B87C8948DC6A6E7B8B378997673
Requests: 254 HTTP requests in this frame

Frame: https://6cd7bf16590c4acd6252f188e987571d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B55D4C3C6739EB07FF2507A77635C331
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5X-HQa6ynf9sFnWqel5hU7sEHF3Zj8hGZ71gol26GL_-1sbQo1hgoMHGC8Hp2LlNrkgn9OE4oHb1kJafHTYC2nzy61EMpraU_zPfVPq3JeMS60soIFHHU1WlcA5MWszzg1Bzdj7YPQdCKjaqsy0v94YFhchoGJJo59f2fc8gU4wBOlNFjIArq8A3nRe1e0_UU104wcX6OB50J3KqUXiw4SIHX5q2gQUtseS-hq7FS7v8ssapRhb5XjCoy5cMAHLClkwxDH-on63RR0HZSptJyAAovjVVQ2bo-pmE52U8RqPlVdgJxT2hChdpppVrQcvvByQ&sai=AMfl-YSezJJk1mSJLICD5uPzgHg0RURebMZroxb493qH6ksTzQDN_ROj5NsLlDiFVUT6EJfiSUx9PIt3LQPsUsTy44WARPF1DSxBo8TKZ57hhocHHt0bBPPjYF5T9RMEp42bDNlf3Dk3D2F3rmjh-Zw&sig=Cg0ArKJSzO4IpAwUbpc_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9CCFF21045BE4075EB9BEFB69E9B45E6
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Frame ID: 973CC7740D4A65190059ACC866B73C61
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 00324F34FF789E9F444D69532EA76624
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&cmcv=&pix=undefined&cb=1694003987986&uv=3334&tms=1694003987986&abt=adxLoadDist5-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9398f89c-6f45-4cf9-828d-d02fe3a10d79&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: BCE1BF6E6B931A8FC6BC4FA286A4D188
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 6C58B8C49E137D3C792338CD49538CE8
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 2D03B8C50CC51692741994A5088CD2C6
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: A5121E78C811C7D1CB9220199D0228E6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 25247607C7A0988BDFDBAB09B40D92AC
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 7A225A8399C4EC7C6BFAEE6B51B60AF5
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: D2943014465A97ACA2FC621D92EA972F
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1734DA2AA88575A17749800AE1C1CB3E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 509F7722227D93E6C7E2FCF9F73B4E74
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 8D83C8AA00D4EE46EE4FED6235427D58
Requests: 11 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2430F4E62CCA6D5667E9865455CCCB22
Requests: 3 HTTP requests in this frame

Frame: https://a2efcd6d92f8c72da0402e7aedaff86e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FB18333D076F2F319207AD16B93EA64E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 2DBDE25835032C889DD2C90F1DB3095D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1970043339420932615&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3389&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=670009431&ga_hid=1099694063&dt=1694003988588&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&bdt=3428&dtd=28&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: F4F429B30E58033CCD870E53920E5C0F
Requests: 1 HTTP requests in this frame

Frame: https://59bb09cd39c83dd241c255c34c1f4719.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 17CD53E249FD17E91AB03F0F9DDCC679
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: 17552EEF1440544494D8F301730E98A0
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D36C314BF4A8BF50248C5726510AB34A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E4C42107DE1E31841201F87512DDB10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F42409EB7A09ACAA7E02A71356719FCF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/zrt_lookup.html
Frame ID: 2DF271F8EF7B8DC19E8B0432EEA5A960
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: 4FB0E588B6FAEB3405408376DF623852
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CB051D420A14F50F2237B42B922178A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 238E17DFD5ED5D2BEFDB763656FED5B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 235CF90929F1314261BE40F06193E860
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvJScfobys9jzGevAtGVWCtqJnLU3VR4osx9597TNEO4o8NaH7mqgWu3249NrBxYw81ZqQ8BZQWq0rzlKEmV8bIKVRRJYDX_aShVn-aYXCMwWbfi7KJnHvnHS1jiuo_xwI7Ni4Ps5F_kLT0Ahnv9Z2ydK01qLCPolEPNYprRtZHW_C5E-DUGbznYQVnfbH_SDuRyN4lcWlWY4RWn7JBhQMJxyuPZrt3-qlxZQny0lZXm29odxYgzeGMIS1XIOA8O4IVXy8wX7hM9st--pNbKE6m2IW7s04WtY1zyscKZF_mr5XB1Mhr5eqlloUIRjcG1c&sai=AMfl-YSfznWRUBOmj6ZGecLIYRtscWNfArAwOSTlKHYuazl8V9HMs_sELaZhCQC6XIbTTzOr9B0mWxrQ1lB2fAXDp1RHiRpz3mcku9fhoHB84qr3bC1qzzwSF8aal9O2nA&sig=Cg0ArKJSzMD7Kc2lhnCyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 45A92AFA94FE63A4DA80BD5F9107352D
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Frame ID: AB211C4C9CE58EB42E0B3E3AE404E05E
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU6UuY_VUyD5PrL8ELwCRAdkpczHD2gPrVrNnmT8JsAvWIjKuyHmNRQCyXyI3rU3PpMj2Ft0ZAIH1Pl9tBNZw86cepP0qScQ4RxbP94lzyMQDCaiYeFWbCGSBdhIxom2NHczWa9nGjU25J7WWvdc9lYAbAs65WgOPIrJxoL0Vp9Je1931g7oKLuQKKJqLDC2LQ2oIgI5sEWK9L7SN4XRBFvaGs9UsMsqQ3QjbAdwYRANYKL4UmcjJHS1aDZ41kNrAX4yAxi44FuHnXn9Opnzc3R3Hc_6ccdTLBX8sZZ05SOK1fNYQcQ45hpOJ6SL3R_uJS&sai=AMfl-YRnUoPHVPQW1b8oEPGQHQgi9MzYkVINT6ruDXcE_yCmDDyQb-awciRytfC1G9VsIIf0l-a5rpVjetLXOe02MuzX20KsmGvI2tpMlUQQzO5PDK20m1NtNmmy493fVw&sig=Cg0ArKJSzCR8a7SOUklnEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 17EE0E608C149BE18E93D4E0BB5B12A9
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Frame ID: 7741E4E0FDB7B4AAAC11BE7ECE25870F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Frame ID: 4A073DC8C530A0EED61581DDBC86E666
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Frame ID: 7EDB8E9B8CF302F858D7C9C7E9500751
Requests: 9 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Frame ID: 728D9F9C16BA57BAA8FD286E34B6F3AD
Requests: 1 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317b48b3de46dfb7245fe3621b8&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Frame ID: 0D8DC362D60866AC74F19F78E76BF9FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVsUkNJAJUu9aztNiBPWqSR1Vo4KI3rmB7iDKoRMiPJ5ksjQpCgjhLIIAqMCKOiBBYMzif62UXFmsx0lW1YxM_jVhp6bA
Frame ID: BEB9DA7FA4897E4928224CFE211EF17F
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 8C8040A1247235F80E309CF93F150251
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16D7F041725A8FDC10178CD9F21FA785
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
Frame ID: DB09CAD067CA8FB2C9BED3398BB4359D
Requests: 27 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
Frame ID: 3FEFCAD23F4530A22C2321A4C673DBC5
Requests: 27 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 47076377422868D513811A22D32C9038
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: C57F04450292662470AE4E04E70FEA87
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 82306815FDB90DC79B59F0EC445ECD35
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: FAB218CECE6C2E567E97E29F811938E9
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B4221960B6F0B5A707F085324B9FDE35
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 80E5B98F67B70C7D41C9677190625699
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8EFA5FB0D229EF6119135FDEFEE1026C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694003988273
Frame ID: BD2834FA262B897663D573F100DC375C
Requests: 9 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 679A47D30EB1530C53A594C8F4E5E6EA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DFC0F5C4447494D749792B2F5AB8D76E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: 880F6C3B11404293FAF9B428EC71E4B1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4EC9DFDB8911C7C16425D8AAC040CBCA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9B29DECE4EBCFD86E04D618909D7F4E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1D1586B7EC416C3FB558062A558B4522
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C7A70D038AC32CC154BF214A17C4378D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 78FB56F9996A3E3CA2D9AE3EA29A1F76
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D03A38C102A45C66637E6D4C3E679ED2
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: 6C999170C227306E504446837C9E9672
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Frame ID: 6D3EC1AB6802C57A4E89D4FF051A0836
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0724911272C1D1D448354F143E1FE424
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD7C3C931FBE2FD12E27D959AC48B240
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Frame ID: 73125EBE953DB92994D92EC4E32DF584
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 7E4A998A47D61D8A70E97495724D0076
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4126843277910630446
Frame ID: C4C126A864D2766E6A50242092FD633B
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
Frame ID: 0FFE19A3CF44A5ADA9B118AF71A193E7
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 470F1272BD39564EBBE856707DCE0915
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 6DB33B7A8BCDBCE6FC2BDF3B9A3DE95E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 77E7517AA5051BA16CA5AF922410B7CC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2CFF27342EAF01767E42E9A359B5939
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 088730F769641DA0999B9EE12428C8C8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 22EE15C77E4C87170CF3C1B566262A1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 416E6D8FD0034CFCB811469195B5C8F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

baby唱《畫畫的baby》 穿抹胸紗裙人美歌甜 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

612
Requests

79 %
HTTPS

0 %
IPv6

85
Domains

161
Subdomains

100
IPs

10
Countries

6683 kB
Transfer

21411 kB
Size

69
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 87
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&rid=esp&cc=1
Request Chain 132
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D9af41ca9-4f83-4c5d-822e-ea5e8d26e095%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&p_id=23
Request Chain 133
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-EDLSRng1gTZB3if4x9cvpMUUqMOhgkE5sz093Q&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&p_id=15
Request Chain 153
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 154
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a863c8e9-b758-32d6-aeea-a05489dddc9a?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-8bLE3I1E2oUtB4TjYTuIr.U6K6O4ikOckbRaE_Y-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 183
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 186
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM7Q8JER-4-9T0D&gdpr=0
Request Chain 187
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2825018790679395221
Request Chain 189
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimqAxuCWL3Z-WVdl0eqZcavk7DQEFQI0oQ
Request Chain 190
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=5128187030614505374
Request Chain 192
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo
Request Chain 193
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZGMzM4MjUtQTE0Qi00M0ExLUI3MDgtQzg1RTVDNTM0RUUz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=26F33825-A14B-43A1-B708-C85E5C534EE3
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAXwq2gz892y2ec3kDAsAP4&google_cver=1
Request Chain 195
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-IeQod0NE2uF5Lc0.e3rhuSd6CqHKGJXWQmUyx8g-~A
Request Chain 197
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&google_hm=YjRiODNkNWEtZmM3OC00YmY2LWE3OTgtZjE5YTRiNzc5NTdk HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIaGzBHwpCf63ObRFcRw7nw&google_cver=1&ssp=onetag&bsw_param=b4b83d5a-fc78-4bf6-a798-f19a4b77957d HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 198
  • https://ad.mox.tv/delivery/sync?userid=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo&p_id=5
Request Chain 245
  • https://pr-bh.ybp.yahoo.com/sync/taboola/45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RZCNM.hE2oQBmuzD3H9ZDPc4tB.Y1ZPlknox0g--~A
Request Chain 249
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4126843277910630446
Request Chain 250
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8b57a9e4-3f8e-c306-33dd-e60d87def8c8 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8b57a9e4-3f8e-c306-33dd-e60d87def8c8&dcc=t
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITZN6uLikZXVX4vmjc5Yno&google_cver=1
Request Chain 286
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM7Q8JIZ-1V-GWGK HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM7Q8JIZ-1V-GWGK HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 290
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 291
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM7Q8JIZ-1V-GWGK&gdpr=1&us_privacy=1---
Request Chain 292
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE03UThKSVotMVYtR1dHSw==&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEE_4LJiw_9lmOtirwUmkcJ0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE03UThKSVotMVYtR1dHSw==&google_push=&gdpr=1
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEN3LOChWA_nUC-9-d76Deig&google_cver=1
Request Chain 295
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/r8HkFCOw2fgtU48GQu9nJ8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HeNe2SlE2oI0b8dNF9mzYIDE8apPGgy4AWk4Hg--~A
Request Chain 296
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ExNzFmNDRkNTU1NTM0YjU5ODFjZTA5ZmQ5ZTI2YzAzYTAzMzExMw&gdpr=1&us_privacy=1---
Request Chain 297
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&C=1
Request Chain 390
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPhzGJePj38mET-tZMVd.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&google_hm=2
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_cm&google_hm=ay1xUkFNLW5nMWdUWkIzaWY0eDljdnBNVVVxTVBuRjBtRkM4ZjBOQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
Request Chain 399
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
Request Chain 412
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=b56B-mdXDumTf-c0kmHp018efPg1I0Vm
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_cm&google_hm=ay1xUkFNLW5nMWdUWkIzaWY0eDljdnBNVVVxTVBuRjBtRkM4ZjBOQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
Request Chain 425
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
Request Chain 438
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R6uTpm3aQc8lcToPXTCUYd38onwceQ-n
Request Chain 463
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
Request Chain 470
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMvDRV_2L3jOZ59CmEBi4GI&google_cver=1&google_push=AXcoOmQNMtkPuNdaUWR8_k9e-dfJhH2pcJy75S4fADalrhRYqozBFZfWduBQTv-JJVWmOR43-ierlBtNTXjTC6KMUb4CyNgmOrIE1AjyPKQXlvZw8jx4ThGPXms7_jEXO6Lap0AFlwoxJzjsrz7dD9QSHQeO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNMtkPuNdaUWR8_k9e-dfJhH2pcJy75S4fADalrhRYqozBFZfWduBQTv-JJVWmOR43-ierlBtNTXjTC6KMUb4CyNgmOrIE1AjyPKQXlvZw8jx4ThGPXms7_jEXO6Lap0AFlwoxJzjsrz7dD9QSHQeO&google_hm=eS01UHdsMVhSRTJwRnRsT0VCVlJacVh1bUFLR0xmaVplOX5B
Request Chain 471
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSKr47YCh8fJAtOf_vdpUdH_z1ii0ZtSfQ05RdE4UN1SAsu0WRdCEWiQ_kRiiflA4o-6eGCE65uvO00x9V22JSNS8Uc1Ny94JNWoeD9v4jd1qAe4egIrm8Q06OpeXYz_9cKK3gS2DN-9m4yx24qSQYG&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmSKr47YCh8fJAtOf_vdpUdH_z1ii0ZtSfQ05RdE4UN1SAsu0WRdCEWiQ_kRiiflA4o-6eGCE65uvO00x9V22JSNS8Uc1Ny94JNWoeD9v4jd1qAe4egIrm8Q06OpeXYz_9cKK3gS2DN-9m4yx24qSQYG
Request Chain 472
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBbA5OninnAQegugSKsIrcs&google_cver=1&google_push=AXcoOmS6KF_RajTssSULlr6SRRRHAYkr5YcKCJp6cwubJPg0wrpEfUG8UHLgdjSWDu5b3OgNXPwBWH5Wbtrp2bTT7NNGTF9gXdsotmjyNoOuvxSQg4VbsmdpUtjTVfafkpZWAyhlqVY4p6yGZVdFhO3EhhE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmS6KF_RajTssSULlr6SRRRHAYkr5YcKCJp6cwubJPg0wrpEfUG8UHLgdjSWDu5b3OgNXPwBWH5Wbtrp2bTT7NNGTF9gXdsotmjyNoOuvxSQg4VbsmdpUtjTVfafkpZWAyhlqVY4p6yGZVdFhO3EhhE&google_hm=DNdfpYqiwdIVpygtPPQJkg==
Request Chain 503
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=DNdfpYqiwdIVpygtPPQJkg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 505
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 507
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gF5UioFZA4qbW1CE01wf04VeB9ebU1fT113B5ZeS
Request Chain 513
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=edZFomzkC092HOLuGzOIWONrM-0lkxiX
Request Chain 514
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XHJmtggpWvq-5-RvLfT2fDEpxcs_VbDy
Request Chain 531
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=mviAvYeC8vNlZfno5eQTepx5_17Zupwd
Request Chain 532
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vFisLo1cYCNqzWDs_u2DBXpXFmelim5O
Request Chain 536
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR3vladox9rx9bDOFoBFm2F38L5T_OCHHsH9UDTUXpTnqzvICHrLsyAC3xaKWIm62AJ2u7C6PgJOarExNV5xv2_4Kj33VYg&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmR3vladox9rx9bDOFoBFm2F38L5T_OCHHsH9UDTUXpTnqzvICHrLsyAC3xaKWIm62AJ2u7C6PgJOarExNV5xv2_4Kj33VYg
Request Chain 569
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4126843277910630446

612 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
www.bg3.co/a/ 		48 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a6dbe4a502874141c7ee3a0eff91931c02d2a53c20b989245a2092d7c8b5b28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 06 Sep 2023 12:39:44 GMT
etag
"c1cd-yLAcZU11paDaAql6gZuEOi3D+og"
expires
Wed, 06 Sep 2023 12:54:44 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 06 Sep 2023 12:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72941
x-xss-protection
0
server
sffe
etag
"1fd4dd9eff57c430"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 12:39:45 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 06 Sep 2023 12:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9642
x-xss-protection
0
server
sffe
etag
"02dd63e520ffd2e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 12:39:45 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 06 Sep 2023 12:39:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"7e5f99ff05e5cd4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 12:39:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
02d3592b99720f67ff377e5a232778adcd8e91b3226dd6b570b7f2a0bbb96ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29355
x-xss-protection
0
server
cafe
etag
933 / 19606 / m202308310101 / config-hash: 15008231380658717738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:45 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 17:11:15 GMT
server
cloudflare
age
37424
etag
W/"64f76133-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8026c6ce9e5f4c44-MXP
expires
Wed, 06 Sep 2023 14:16:00 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6885
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c4R2ZGolQodLXONxVU%2BU4VOIHEaCUvqSOpfDUO70OpYn2esqKR6nSTbgOhzJB19D2oKM02BbeKsG6jzCVVJDyBBkpIHIYT9Ol0nnvJK4jaSIYg4voMAhPzDVEe7bHVwRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8026c6d47b5a83b4-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
9091887c532ff3fc009e74a447355106b85b5fb70f31c3c75cca42d71ad8db4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 06 Sep 2023 12:39:45 GMT
content-encoding
gzip
age
17149
x-cache
HIT
x-client-device
desktop
content-length
10567
x-ap-device
DESKTOP
last-modified
Wed, 06 Sep 2023 07:14:46 GMT
server
ECAcc (frc/4CF4)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
DE
expires
Wed, 06 Sep 2023 13:39:45 GMT
adpushup.js
cdn.adpushup.com/42753/ 		658 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-200.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
0ca5dae92ef6608fe14a8ba5e56f72d38b31e7570d98f2287024bfe4a0d53c99

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 06 Sep 2023 12:39:45 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Thu, 31 Aug 2023 21:40:02 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=76, ak_p; desc="1694003985756_1600468676_110771284_7599_1217_17_64_146";dur=1
content-length
141535
expires
Wed, 06 Sep 2023 13:39:45 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		492 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29b110ded380d57fd0b65e05023807dd1ed2d7a50d293f8b1dffc415929df8e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CS4xXnbn3e0eQM.Y8bfmZ_XtvJ_HUi_a
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:45 GMT
x-amz-request-id
M3VZGS0PZ6PVNWBH
age
80
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
53746
x-amz-id-2
kwOEz1bR2lNbE1d7kcQVT6OEpt0FAaOwyL8RnIwS5mPGnBlI99TOl84LTuCCqNFkX7MW87SgYmQ=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:28:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003986.698589,VS0,VE0
etag
"6f10d5706f39c3d8dbbf8f496b40a0c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
3
t.php
c.statcounter.com/ 		192 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=10BF351922714F1F4E2B57E99F6DCECC&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&t=baby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%20%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=6136&sc_rum_e_e=6140&sc_rum_f_s=0&sc_rum_f_e=6129&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8026c6cf3fbe4c44-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20230904-6-RELEASE.js
cdn.taboola.com/libtrc/ 		804 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e22158808f2f86a0356dd020a0a86bdfded121d34ecc9055830973870e674115

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jk1U17_tVU9HHlI58kwr84SV8wNlkfRk
content-encoding
br
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:45 GMT
x-amz-request-id
8N3WWZS83FY7KXYZ
age
12216
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170198
x-amz-id-2
1Pd1M/fJq1x3ptOaUCNdcj1gaKA8gdpblHHvPIZ1QnUvgFp7XWDXIFPigWO79nbvUhNRK8ed8aY=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Mon, 04 Sep 2023 08:57:08 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003986.808737,VS0,VE0
etag
"7e2de674deacd469493acfda59783351"
vary
Accept-Encoding
content-type
application/javascript
abp
75
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
912
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1694003986.dop269.fr8.t,1694003986.cds133.fr8.hn,1694003986.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
252732
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		71 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=14%3A39%3A45.947&lti=deflated&data=%7B%22id%22%3A282%2C%22ii%22%3A%22%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693906069385%2C%22vi%22%3A1694003985944%2C%22cv%22%3A%2220230904-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22vpi%22%3A%22%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3489%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A310%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e621c1b3d4aa2666a1f0473f42220c7d91f47106c1cc50f2041ddf7baed8c12

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
395
date
Wed, 06 Sep 2023 12:39:46 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
69074
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220034-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694003986.000732,VS0,VE395
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
668ee8abe00a920c716933b4d04240cc.jpg
static.bg3.co/imgs/202105/ 		0
0
59b0b8c7986b2b70b58afcad42fd09a9.jpg
static.bg3.co/imgs/202105/ 		0
0
3199debbca334930f0c74f0981026dfb.jpg
static.bg3.co/imgs/202105/ 		0
0
9f5873974a6d354e53f583716a610863.jpg
static.bg3.co/imgs/202106/ 		0
0
a0382271e51ee29953a9577748e17545.jpg
static.bg3.co/imgs/202105/ 		0
0
49f379a7baf7effc155e7c2ee810f1e8.jpg
static.bg3.co/imgs/202106/ 		0
0
b83c5a5eb509dd5e192c39a44104172c.jpg
static.bg3.co/imgs/202105/ 		0
0
d81c35535d6bf6149f8f0a9f95474ec2.jpg
static.bg3.co/imgs/202203/ 		0
0
3ecfcc7cd59e8429cdfb9c412990d202.jpg
static.bg3.co/imgs/202105/ 		0
0
f309931811ff56c53530cf519ca4af5b.jpg
static.bg3.co/imgs/202105/ 		0
0
47014fdc1be63e5c12af6600098983ec.jpg
static.bg3.co/imgs/202103/ 		0
0
b015a942042d337fba05504ebaadb516.jpg
static.bg3.co/imgs/202105/ 		0
0
dcdfa7a103c7c1f43dc604095e80cfd1.jpg
static.bg3.co/imgs/202105/ 		0
0
837d05252d29c8e4cc812ce2a72ea083.jpg
static.bg3.co/imgs/202105/ 		0
0
9616e31d00a0ba292ac26718c10bfc15.jpg
static.bg3.co/imgs/202107/ 		0
0
7b284ebb883632348aef4684a10110b0.jpg
static.bg3.co/imgs/202105/ 		0
0
2204c568ccb145be676c1f17946244ae.jpg
static.bg3.co/imgs/202105/ 		0
0
acbbe2c159f94a2e723689aeb4f15e19.jpg
static.bg3.co/imgs/202105/ 		0
0
5f6a507cf237788635f2d61abdaf17e2.jpg
static.bg3.co/imgs/202105/ 		0
0
e2e2c22d3aa3f9c3d499299fd859fbda.jpg
static.bg3.co/imgs/202105/ 		0
0
a0cc05e587eb180f086c78f988f6d74f.jpg
static.bg3.co/imgs/202105/ 		0
0
9e90d3da3e631a5f29cfefd1a4542c5a.jpg
static.bg3.co/imgs/202105/ 		0
0
558d435f6008ca44ce9a95e8ed792d95.jpg
static.bg3.co/imgs/202105/ 		0
0
92f053820039fe57677ee74f6cc43561.jpg
static.bg3.co/imgs/202105/ 		0
0
f4ce3968bbdd107331ef66ab1c950572.jpg
static.bg3.co/imgs/202105/ 		0
0
db30bc4ade5fd9599049e563e4e5282a.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
67996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2968
x-xss-protection
0
server
sffe
etag
"20a8808a3fce3085"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
67995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23124
x-xss-protection
0
server
sffe
etag
"91fba5c7cd59114d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
871 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
67995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3948
x-xss-protection
0
server
sffe
etag
"a02df160e36bd176"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 09:56:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
9767
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Sep 2024 09:56:59 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1694003986.dop269.fr8.t,1694003986.cds133.fr8.hn,1694003986.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 03:41:04 GMT
x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
32323
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
Xo1IzHj91dY28kBox1iW20Of4EJ1JtTkJmx8LQtGareVO15yY8JSwg==
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
PZWZRGMGZGC1FZZC
age
16
x-amz-server-side-encryption
AES256
x-amz-id-2
S58JdPqukaHa1PfPpov4GyEz83dr63BKbaJmuhDvlOSU38dLMdr4IM2RoJbb53yBIZS0UEGIoH8=
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8026c6d55f4dbb2f-MXP
expires
Wed, 06 Sep 2023 13:39:46 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42944
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWIQ69VwDDYoJ3LerrparvPN42U8pncBmRioS5vojWR558yYJb0983BHDemiJBb%2BEwAYR9SSacbKGXWJjg7Zd3oxLSyHCu8Z1%2FRUepWeESX0rtBswHcgTZT%2FdJ2wdQOZuYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8026c6d55a095249-MXP
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Jan 1970 00:00:00 GMT
server
nginx
etag
W/"15180-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 12:39:46 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 04:27:21 GMT
content-encoding
gzip
age
807145
x-guploader-uploadid
ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 27 Aug 2024 04:27:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1523095062415793&correlator=2236584989965359&eid=31076480&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694003986211&lmt=1693996786&adxs=220&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&vis=1&psz=760x0&msz=760x0&fws=4&ohw=1600&ga_vid=1361012700.1694003986&ga_sid=1694003986&ga_hid=1099694063&ga_fc=false&dlt=1694003985160&idt=1026&adks=3605545259&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
88790c731c0410552050895ee0f1cd06a6303b567302f6bf8649cc2cf0945799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12478
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6cd7bf16590c4acd6252f188e987571d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B55D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6cd7bf16590c4acd6252f188e987571d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:46 GMT
expires
Thu, 05 Sep 2024 12:39:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9CCF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5X-HQa6ynf9sFnWqel5hU7sEHF3Zj8hGZ71gol26GL_-1sbQo1hgoMHGC8Hp2LlNrkgn9OE4oHb1kJafHTYC2nzy61EMpraU_zPfVPq3JeMS60soIFHHU1WlcA5MWszzg1Bzdj7YPQdCKjaqsy0v94YFhchoGJJo59f2fc8gU4wBOlNFjIArq8A3nRe1e0_UU104wcX6OB50J3KqUXiw4SIHX5q2gQUtseS-hq7FS7v8ssapRhb5XjCoy5cMAHLClkwxDH-on63RR0HZSptJyAAovjVVQ2bo-pmE52U8RqPlVdgJxT2hChdpppVrQcvvByQ&sai=AMfl-YSezJJk1mSJLICD5uPzgHg0RURebMZroxb493qH6ksTzQDN_ROj5NsLlDiFVUT6EJfiSUx9PIt3LQPsUsTy44WARPF1DSxBo8TKZ57hhocHHt0bBPPjYF5T9RMEp42bDNlf3Dk3D2F3rmjh-Zw&sig=Cg0ArKJSzO4IpAwUbpc_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:39:46 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CCF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:47 GMT
floating-unit.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0523c9f4c6e8ba75215efcb5a0dd935a921f2f7ab3fb4704ce76e1581b138f8f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gCyHf_VCfjZj4MCtkTlwg.UqGXFNzlsk
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
CPQK909B5FDC125Z
age
97903
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
U+RbM3c+KhVYDklAMG5nRTIdUFwi37tgwxJ8dkSlzJiRxIZzaE5B4Hal5BU4SKUTqMKfyT1g0ZU=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:28:03 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.784008,VS0,VE0
etag
"2f075479883762ccb190880a2d99a178"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
980
taboola-vignette-new-scanning.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81fdea7c18bbcfa19c107195f178531a1894893820fa4f813e8a2d4626e7ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gD92SrEmdVN9wiZ2ljLxk6xmqtYcr2Zx
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
T7QSD1WKG39VA09Q
age
97884
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
Q6rL/wcYIVVRSo6X4d8EiTQYtTKeYPOuVnKj9Vhh+/vA1LjvPMc6DVHh2PJj7yD+kddLML6bpaE=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:28:23 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.784001,VS0,VE0
etag
"b64dfc1b22cb23aa523b455c1b278478"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
997
distance-from-article.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c96ae71aaa29dc81173e75f0decbce2c96524acc59f1dc3e99a0292560a2b892

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fcaFwkup65aQSTOfbV798hbxQaKYLZN0
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
TBAF86P320DWNCNC
age
97912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
f4BMEakH1WnK7qd/8+Q0DLe0xcWCvigexxOAuAFZqSUFVXdQjNrrLbj/W7KX5vEOeLIJW9ntywg=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:27:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.835984,VS0,VE0
etag
"bb24e279c0edcbe16d2ff26dac9946d1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11749
article-detection.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16c56af26101715bb14f3afe53bf3f2c60a1413cbe8e58a1d2c6d8296908f665

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FV1al.V4wnjth4d5oxM5T_RrUBt1RiQC
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
8ARDCGFHWDRSQFV6
age
97918
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
Ofk6E/uif5xfbuReF/tqeVHyX6lvLneKQGV6c7eCfuujRV0yOWJm2EtPWQ0tnRXCgiyrTolG5cc=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:27:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.835967,VS0,VE0
etag
"314d847535f292f04cfd0a2d8c97c85c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11760
article-and-feed-area-scanner.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dca4a223126c4d32188763323f0630c6a702cbf2912a9cad59b269a4588ad7fe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3aEwXXdAP0RVowFGRqoEDLwkTvPB33bw
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
SQRHMK90W5E5RGDV
age
97919
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1149
x-amz-id-2
QqxdqW9FIVGkngG+aDBi/wmskhnofnElfGE9kHT8qyTJ585Qt0IEp8YSbRkqn4Ie8wbzQF85lug=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:27:47 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.835950,VS0,VE0
etag
"049ffbcb47e917362b34d0c19f30ae6c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4045
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.9/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:46 GMT
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
166456
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36490
x-served-by
cache-fra-eddf8230099-FRA
last-modified
Mon, 04 Sep 2023 14:25:10 GMT
server
AmazonS3
x-timer
S1694003987.967441,VS0,VE0
etag
"fd7ae01836d3569c79370b947186fc34"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
zY8aCoBHNlS93pxqjFjaT-d-7We2oA4brP-hg1H22wJfPEM1hA9XIg==
x-cache-hits
26863
feed-card-placeholder.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53294044ef54aa72d219a20ecea405f082270bb7774af92c6117b2c7a5ea8013

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pQEvK3O7.nDcN6fftr4DN4W2TxDndq5Q
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
JBRQRFRD2YDH6WYF
age
97907
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
jBNzSO4e6FEgjBx1CEsXt44GkAYej/Hd4tICKex78JJV031r+9RwuFdRlYNmQuIr8ONLv62yO70=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:28:00 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.860011,VS0,VE0
etag
"fb5fdfa274fdc2467deb2cb66f816ee1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10635
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
98
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.882975,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
82
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
115
userx.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
920e61c4d114a96b890545ff904a61109578821e50306b6d9f642cebead0eca3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ULC0lSCIq3CJA8CiJO4V6IWR2raQl_y5
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:46 GMT
x-amz-request-id
FSBMWH530VRS62CD
age
97880
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
j3yH8/NdleXn3yw0lyq8dOBLo9//QRWBjx5IWoFfpAn2FGOo234cvso935W6ioHD7H5S49t0HVg=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:28:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.906876,VS0,VE0
etag
"bef5c48573436bea4af3bca2d3a096c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
12
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3449
explore-more.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f6a107a3fdb1536c81826561e818486e2a0ae0b230df8b15f908af89b0071e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cGIJeEWfP5aFkjM4FO.sq.jOyEuP0ujD
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:47 GMT
x-amz-request-id
PFT5D60MTMS3ZF4Y
age
97909
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
d5Vq0xWrqgOvY24b6aGmY+EXGqOFLvKngOdsUUQhTIG4mKWvlNVYFDCb6iywjiqkjQJpGkCchfM=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:27:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003987.031353,VS0,VE0
etag
"faaae21a0564075e67ac64af0bda9aad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5573
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=14%3A39%3A46.760&id=5038&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694003986761%7D&tim=14%3A39%3A46.761&id=3905&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694003986788%7D&tim=14%3A39%3A46.788&id=6849&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A39%3A47.021&id=2851&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A39%3A47.024&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2130&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
54179
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A39%3A47.025&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6263&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
54179
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A39%3A47.041&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7269&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53205
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A39%3A47.043&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3796&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53205
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A39%3A47.050&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5184&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53205
json
trc.taboola.com/palmate-bg3co/trc/3/ 		20 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=14%3A39%3A47.087&route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&data=%7B%22id%22%3A315%2C%22ii%22%3A%22%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA%22%2C%22ui%22%3A%2245e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892%22%2C%22uifp%22%3A%2245e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892%22%2C%22lbt%22%3A1693906069385%2C%22vi%22%3A1694003985944%2C%22cv%22%3A%2220230904-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22vpi%22%3A%22%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4556%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A346%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9745480bd2be28800006175c4a79bc4044d655496e2221a912a45879d832787d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
418
date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
69020
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220034-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694003987.117305,VS0,VE418
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_705%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_705%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9dc4406241092ceae74cb2efbbc8b9d756da6698dd6b2f041f01be07a3632fab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_705%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
972156
edge-cache-tag
461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
1196
req-referer
https://www.turfomania.fr/
content-length
108508
x-request-id
8c570a9bff1010dd2d8f6f04a659e845
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200065-IAD, cache-iad-kiad7000057-IAD, cache-iad-kiad7000077-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 10 Aug 2023 14:24:09 GMT
server
nginx
x-timer
S1694003987.178757,VS0,VE2
etag
"208b5e98b1735467f15b4f9869c3cbb9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1742350
edge-cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
241
expiration
expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ibctamil.com/
content-length
77796
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200159-IAD, cache-lga21978-LGA, cache-iad-kjyo7100056-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 10 Aug 2023 20:02:04 GMT
server
nginx
x-timer
S1694003987.178458,VS0,VE2
etag
"71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 0, 1
f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a409d74793cb8e9cb28b1fd92311d6c82d4a4b15f2301b5a63daa0057cf9aa77

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age
2576529
edge-cache-tag
413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
158
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.9tv.co.il/
content-length
13658
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200103-IAD, cache-iad-kiad7000057-IAD, cache-lga21930-LGA, cache-iad-kjyo7100165-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 16 Jul 2023 08:21:22 GMT
server
nginx
x-timer
S1694003987.178484,VS0,VE0
etag
"98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 390, 2
a71d19d6d69a442f32e9b865e179a371.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a71d19d6d69a442f32e9b865e179a371.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
414e46abcb4c362646d340bf7d431ef9c0346f8b2636e8d80b28fde64c4832ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a71d19d6d69a442f32e9b865e179a371.png
age
3487069
edge-cache-tag
437747415411460778181372016885891650588,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
437747415411460778181372016885891650588,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
238
expiration
expiry-date="Wed, 02 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://canadamirror.com/
content-length
11488
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100150-IAD, cache-iad-kjyo7100101-IAD, cache-sna10736-LGB, cache-iad-kcgs7200025-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 02 Jul 2023 16:47:09 GMT
server
nginx
x-timer
S1694003987.178475,VS0,VE1
etag
"879a4f7b6a7e2adec6521b00d245b527"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 7, 1
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
3799867
edge-cache-tag
486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
315
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
35954
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000071-IAD, cache-iad-kjyo7100118-IAD, cache-sna10735-LGB, cache-iad-kcgs7200136-IAD, cache-fra-etou8220034-FRA
last-modified
Sat, 15 Jul 2023 22:28:28 GMT
server
nginx
x-timer
S1694003987.244769,VS0,VE1
etag
"f9d7aab2dcdde7833ec39551e6347199"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 25, 1
e5cd1439806ffe139e39474ce2d76534.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e361396300428cd3c7d4f259de28cd0c1b706d3fcd6a5e484efaf51a51fb87f0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5cd1439806ffe139e39474ce2d76534.jpg
age
3083832
edge-cache-tag
371149999047074580014513752138842485437,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
371149999047074580014513752138842485437,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
85
expiration
expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
26020
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200137-IAD, cache-iad-kiad7000100-IAD, cache-chi-klot8100098-CHI, cache-iad-kiad7000169-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 03 Jul 2023 06:23:41 GMT
server
nginx
x-timer
S1694003987.244766,VS0,VE1
etag
"c7e57f0ab462fea0a7b18dfc573bbc2d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 10674, 1
nYim6X6SYHYMpRj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d52df9fabaed1fef20e9bcacbdafdaa0d0f6d07ef28c580fe47c0f14a0053ad3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
age
2758010
edge-cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
465
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.footmercato.net/
content-length
9756
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000025-IAD, cache-iad-kiad7000054-IAD, cache-chi-kigq8000128-CHI, cache-iad-kiad7000058-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 16 Jul 2023 08:09:25 GMT
server
nginx
x-timer
S1694003987.376106,VS0,VE1
etag
"0adc8ec46c2767904c6ee865def1f1ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 286, 1
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
2508753
edge-cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
210
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.autoplus.fr/
content-length
89246
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kjyo7100071-IAD, cache-sna10725-LGB, cache-iad-kjyo7100170-IAD, cache-fra-etou8220034-FRA
last-modified
Mon, 10 Jul 2023 13:45:40 GMT
server
nginx
x-timer
S1694003987.384162,VS0,VE0
etag
"ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 2
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
1419626
edge-cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
480
expiration
expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
42778
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21931-LGA, cache-iad-kjyo7100053-IAD, cache-fra-etou8220034-FRA
last-modified
Fri, 18 Aug 2023 15:33:27 GMT
server
nginx
x-timer
S1694003987.419586,VS0,VE1
etag
"0a2c75440724365af393e298015be867"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1345, 1
f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age
2576528
edge-cache-tag
413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
321
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
31858
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200103-IAD, cache-iad-kiad7000057-IAD, cache-sna10739-LGB, cache-iad-kiad7000139-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 16 Jul 2023 08:21:22 GMT
server
nginx
x-timer
S1694003987.419578,VS0,VE4
etag
"98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 113, 1
a71d19d6d69a442f32e9b865e179a371.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a71d19d6d69a442f32e9b865e179a371.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad6631e15dfd0f63d6dd8fefc5dda86f11dbb37e51307034cc7a7f5980b5493e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a71d19d6d69a442f32e9b865e179a371.png
age
5113811
edge-cache-tag
437747415411460778181372016885891650588,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
437747415411460778181372016885891650588,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
297
expiration
expiry-date="Wed, 02 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.southplattesentinel.com/
content-length
28240
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200094-IAD, cache-iad-kjyo7100065-IAD, cache-chi-kigq8000159-CHI, cache-iad-kiad7000108-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 02 Jul 2023 16:10:31 GMT
server
nginx
x-timer
S1694003987.440332,VS0,VE1
etag
"716862c6f7d9f64bde89ee920e9e5865"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 6, 1, 207, 1
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&rid=esp&cc=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e38dda9fb07db867bf96cae4d27be4848439fbffe05d9016dbb3e81dad3b4afc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-3plemQ1GnrTCVenXtQ8Kwp44LfI"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 06 Sep 2023 12:39:47 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bg3.co
location
/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6692
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoESjO4DjO5ZKdh5Aa0eo9R3EYabmN0wZV8Cwi%2FosWNL3xASL7I0lARj8jLdtDoARfG5VEyIBuCII6KeqUgqZgYUK1FZVqmeiOyC63CdxduyrLVRf5E1KL7gosVgxdc%2BMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8026c6d8b8cc83b4-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7a35e8431ed5a87ee3170de77087e5423f1526902bda716b52603d202fb69347

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7a35e8431ed5a87ee3170de77087e5423f1526902bda716b52603d202fb69347

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-200.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="1694003987667_1600468676_110772015_1089_1048_31_113_146";dur=1
content-length
122286
expires
Thu, 05 Sep 2024 12:39:47 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-200.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="1694003987810_1600468676_110772017_769_1081_31_0_146";dur=1
content-length
211
expires
Thu, 05 Sep 2024 12:39:47 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-200.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1694003987810_1600468676_110772016_504_1049_31_0_146";dur=1
content-length
18371
expires
Wed, 06 Sep 2023 13:39:47 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQwMDM5ODczNjAsInBhY2tldElkIjoiMDAwMEE3MDEtZTIwMGFjYzktODgwMi00Y2M0LThkYWItMDlhMWY3YjEyNzY5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2JhYnljaGFuZy1odWEtaHVhLWRlLWJhYnktY2h1YW4tbW8teGlvbmctc2hhLXF1bi1yZW4tbWVpLWdlLXRpYW4uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=7735.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
67996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10339
x-xss-protection
0
server
sffe
etag
"6b0a8d436e5c7ad3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
syncframe
gum.criteo.com/ Frame 973C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:47 GMT
server
Kestrel
server-processing-duration-in-ticks
293989
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 06 Sep 2023 12:39:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
impress
ad.vidverto.io/delivery/ 		53 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&referrer=&async=1&uid=4091965599&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
67374076a3908d2dcaf0297dc9615fd17336cb6c25ec6c0a6338a969b9f76423

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
truncated
/ Frame 9CCF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b744affebfb8d8075c74d66dd9ee9898d59518eef8acb0c25ee4c48fd04d331

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9CCF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQv0GK3TOJuruQ1lptuRe-dGBIVJgWFqZofa8ucJL61xuOOmPmomnsFLIf7WRR8w93jbvW807YQf48_tLic5WR0JIGur7ytGTJouBaCixszBrQNf81HpzglBFAyhqJT01q1I8HHxU5t3kRD-XqCwoAcvU7QTSYTH-EcLM3XUaem_IPvYBqQTMSJQjI9VaXlB4gwTs1aiz89TlEbNcZA_sUBt5kXaOW-uBsDVOGnbfdcY5Gr4ep1p18yGM68DGgFmOOqPdGohDEuo2g_HWaON9J04yKAriflPFdmTKoHm7M1b4O34YX453S6xqWIFRhY1LmZIfg&sai=AMfl-YT_r-La0Q4_zmalzHRMYYQs2kMvRXD5JEmTWYt04_zbY8-W21qSdFg79LV4Os-EF01teLEx8PIjqqUX_gwvAgUQgKn53-5GlCpKgjacOqLoTwCTbnhsGNnh96ghq9DlDRMm7ljtFzSze2-Hqys&sig=Cg0ArKJSzEsRVy-ZZNHCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:39:48 GMT
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6682979504169366&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:48 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.06346815014742213&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:47 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1683044143%2Firgy9c0uaofrwbzl5cts.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 		792 KB
793 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1683044143%2Firgy9c0uaofrwbzl5cts.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ddeeebadeea81c49fbd6446dbc7419d6e6fd363526d4089494a229122a11447f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=604800
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 06 Sep 2023 12:39:47 GMT
age
2595346
x-cache
HIT, HIT
Content-Range
bytes 0-811010/811011
server-timing
cld-akam;mitm=f;dur=217;cpu=55;start=2023-08-07T11:44:01.278Z;desc=miss,rtt;dur=0,cloudinary;dur=145;start=2023-08-07T11:44:01.332Z
Content-Length
811011
x-backend-name
fastlyshield--shield_cache_iad_kjyo7100167_IAD
x-served-by
cache-iad-kjyo7100167-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 11 Jun 2023 10:52:29 GMT
server
Cloudinary
x-timer
S1694003988.668703,VS0,VE1
etag
"590a9a4fbe4580d1adb8e78e872158c1"
vary
/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1683044143%2Firgy9c0uaofrwbzl5cts.mp4
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23, 0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:47:09 GMT
age
67958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57751
x-xss-protection
0
server
sffe
etag
"df3f5bf96724b1a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:47:09 GMT
block.jpg
delivery.adrecover.com/ 		631 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1694003987588
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 05 Sep 2024 12:39:47 GMT
date
Wed, 06 Sep 2023 12:39:47 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
1734263
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
next-up-widget.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36e0d542a26e9291d9a13b1686f8acf7f4499e4b386a7e9387e5e04ad46e4210

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Uj6rnUgvjwYcuHvxp5KuHTjsxEE90fU5
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:47 GMT
x-amz-request-id
YQN8GD9NKG5R3KPE
age
97899
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
HUzG8PTtgYGGG7SJVQ7E+qSOxkkvodV8lcx+TbaskvJ+eyp3kylIDqa4/f0Dr6K2BTOPXvMCcJU=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:28:08 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003988.690029,VS0,VE0
etag
"9668a4b280e1c3ec93ab1607871c6e9c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
898
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2529%7D%22%2C%22eventTime%22%3A1694003987687%7D&tim=14%3A39%3A47.687&id=1510&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A39%3A47.700&id=3502&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 11:52:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Sep 2023 12:39:48 GMT
spa-detector.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db94893653c53b70e0c63bd0b7c24b0cbf802b844f6613001062c7c0725d5b65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E.5k2hvExY0HvLe0iU0yoGD_raVTUlHD
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:47 GMT
x-amz-request-id
K2SYPGNMJRJQ3V36
age
97893
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
R5nRigxbCRqhvOm2gH56uv4ZPFP5yJ8je7VAkoWB/faPa7bMXAsOlNtlgLmSymXCUgx9zZNt0WY=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 09:28:15 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003988.750089,VS0,VE0
etag
"658119ffa9cdad090a44b659ec9886c8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5711
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A39%3A47.711&id=7006&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694003987713%7D&tim=14%3A39%3A47.713&id=1697&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A39%3A47.715&id=1387&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=bdb743fd5af955b04ac65e1e040496de&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003986_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694003987717%7D&tim=14%3A39%3A47.717&id=8681&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A39%3A47.724&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=821&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60724
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A39%3A47.771&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=1087&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
65005
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQwMDM5ODc4MzQsInBhY2tldElkIjoiMDAwMEE3MDEtZTIwMGFjYzktODgwMi00Y2M0LThkYWItMDlhMWY3YjEyNzY5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2JhYnljaGFuZy1odWEtaHVhLWRlLWJhYnktY2h1YW4tbW8teGlvbmctc2hhLXF1bi1yZW4tbWVpLWdlLXRpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=8217.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQwMDM5ODc4NDksInBhY2tldElkIjoiMDAwMEE3MDEtZTIwMGFjYzktODgwMi00Y2M0LThkYWItMDlhMWY3YjEyNzY5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2JhYnljaGFuZy1odWEtaHVhLWRlLWJhYnktY2h1YW4tbW8teGlvbmctc2hhLXF1bi1yZW4tbWVpLWdlLXRpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=8224.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQwMDM5ODc4NTIsInBhY2tldElkIjoiMDAwMEE3MDEtZTIwMGFjYzktODgwMi00Y2M0LThkYWItMDlhMWY3YjEyNzY5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2JhYnljaGFuZy1odWEtaHVhLWRlLWJhYnktY2h1YW4tbW8teGlvbmctc2hhLXF1bi1yZW4tbWVpLWdlLXRpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=8227.600002288818
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		920 B
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1523095062415793&correlator=3947130996590481&eid=31076480&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&arp=1&abxe=1&dt=1694003987861&lmt=1693996787&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1361012700.1694003986&ga_sid=1694003986&ga_hid=1099694063&ga_fc=false&dlt=1694003985160&idt=1026&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0_pv%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
fdeac9787d8c0f1c5c63f5a18f0679a15ecb99182fc375b5f74d3fa6d7f006da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
428
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 19:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
61414
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13570
x-xss-protection
0
server
cafe
etag
8322348364393239614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Sep 2024 19:36:13 GMT
/
onetag-sys.com/usync/ Frame 0032 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
717f5bc2f61bcb0a23dfa75083abfa8211a3c9d79ab2f7a9414ab843e31aee7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1405
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:47 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125515
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:39:48 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:47 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:47 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 12:02:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64ec8cd7-15d84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:47 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:48 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		318 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
098edf6f2f040b09a7f932e1824aa3295784a54fd3adf7d53daaf7398052a075

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
last-modified
Sun, 13 Aug 2023 19:44:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64d93286-4f6c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:48 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D9af41ca9-4f83-4c5d-822e-ea5e8d26e095%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&p_id=23
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=9af41ca9-4f83-4c5d-822e-ea5e8d26e095&gdpr=0&gdpr_consent=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-EDLSRng1gTZB3if4x9cvpMUUqMOhgkE5sz093Q&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&p_id=15
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
json
gum.criteo.com/sid/ Frame 973C 		417 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fdb5c9ca794dd4c7377556b10889c33be4ea625a163fb038f2675cfed1735cb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2244413
expires
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Wed, 13 Sep 2023 12:39:48 GMT
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&tvi2=-2&tvi48=10143&tvi50=10367&lti=deflated&ri=aa90befeac3ed81676658200da1b8737&sd=v2_0e613788feb69354ca80073b857004a2_45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892_1694003986_1694003987_CNawjgYQ2YJdGJj8hdSmMSABKAEwKziy0A1Au4gQSIru3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&pi=/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&wi=-4244389505595948603&pt=text&vi=1694003985944&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1694003987948%7D&tim=14%3A39%3A47.948&id=6352&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
2a98ab7ff8164a733795e04c11855458.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ab7ff8164a733795e04c11855458.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0cf03767a5f7fbbb053aecdddab02934093660092b3632eb240ac8217c4c503

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ab7ff8164a733795e04c11855458.png
age
2264482
edge-cache-tag
570505452571089158789494023227819054081,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
570505452571089158789494023227819054081,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
757
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ibctamil.com/
content-length
25766
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000064-IAD, cache-iad-kcgs7200030-IAD, cache-lax10665-LGB, cache-iad-kiad7000069-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 25 Jul 2023 13:25:33 GMT
server
nginx
x-timer
S1694003988.056092,VS0,VE5
etag
"fa579365cd42002ec079983864a7464d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 7, 1
77c46c6b8c2f70b6452a32dae3cd3200.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/77c46c6b8c2f70b6452a32dae3cd3200.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b144f52c4b80de46f05d6d67db843a194defbb862b58d6ce1e0cac2451cbfc5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/77c46c6b8c2f70b6452a32dae3cd3200.jpg
age
1908196
edge-cache-tag
544425259838089121093965335705108278617,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
544425259838089121093965335705108278617,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
245
expiration
expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://die-auto-seite.de/
content-length
41924
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200173-IAD, cache-iad-kiad7000130-IAD, cache-sna10724-LGB, cache-iad-kcgs7200105-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 30 Jul 2023 20:19:56 GMT
server
nginx
x-timer
S1694003988.055843,VS0,VE3
etag
"fe1ea1115854cdc78eb8fc4a61858cde"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 5, 1
f3dfc3928883145cfce1980d3287e6c8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3dfc3928883145cfce1980d3287e6c8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab7b0e34ff100b69874009ae95a902e12341c7153b7c2189014a33a031c8430f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3dfc3928883145cfce1980d3287e6c8.jpg
age
3860272
edge-cache-tag
481661454649057562498571776999756631246,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
481661454649057562498571776999756631246,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
225
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.freenet.de/
content-length
30296
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200140-IAD, cache-iad-kjyo7100037-IAD, cache-sna10741-LGB, cache-iad-kiad7000094-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 13 Jul 2023 14:19:24 GMT
server
nginx
x-timer
S1694003988.055650,VS0,VE1
etag
"437a78e4660d15c3799d36f76f281019"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 8, 1
c7c4b18f-8f4f-4f19-97bf-1407dc69d891__MiLoeBft.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c7c4b18f-8f4f-4f19-97bf-1407dc69d891__MiLoeBft.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e90b5fa14fbbf1733a3003f2f3863857c1088062ecc72a9d3c611b9e9295e4c7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c7c4b18f-8f4f-4f19-97bf-1407dc69d891__MiLoeBft.jpg
age
849042
edge-cache-tag
623981130260430897290527351837852872561,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
623981130260430897290527351837852872561,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
119
expiration
expiry-date="Sat, 09 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fcinter1908.it/
content-length
95380
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100112-IAD, cache-iad-kjyo7100112-IAD, cache-lga21983-LGA, cache-iad-kjyo7100032-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 09 Aug 2023 16:53:01 GMT
server
nginx
x-timer
S1694003988.055428,VS0,VE2
etag
"4d36b836f6bfabfc96ea891b7a57a12a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 15, 1
3bc2a47f28c5d2f361ce5e5d3ce1106a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3bc2a47f28c5d2f361ce5e5d3ce1106a.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0eec0a1c04b5faafbc0eb1df1bd2c70d975f16dc34dffbc71549024b46916a29

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3bc2a47f28c5d2f361ce5e5d3ce1106a.jpg
age
2561924
edge-cache-tag
449300709653034125830193480976180326717,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
449300709653034125830193480976180326717,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.desafiomundial.com/
content-length
56752
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000126-IAD, cache-iad-kcgs7200027-IAD, cache-chi-kigq8000051-CHI, cache-iad-kcgs7200130-IAD, cache-fra-etou8220034-FRA
last-modified
Tue, 18 Jul 2023 06:08:41 GMT
server
nginx
x-timer
S1694003988.056107,VS0,VE2
etag
"9901de5abb5d9359f4fd3c7089bd2062"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 1, 1
3582c31c-ceea-4d50-b73e-ee5d4854ed86__dnUX1SeN.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/3582c31c-ceea-4d50-b73e-ee5d4854ed86__dnUX1SeN.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3fad5a5dd07be2f87a9fd5122649adfbf8bbf188582c718fbc00c743cc09362d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/3582c31c-ceea-4d50-b73e-ee5d4854ed86__dnUX1SeN.jpg
age
580629
edge-cache-tag
449141969475674617978752459509472973669,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
449141969475674617978752459509472973669,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
159
expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://haushalt-tipps.com/
content-length
32486
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000143-IAD, cache-iad-kcgs7200042-IAD, cache-lga21950-LGA, cache-iad-kjyo7100113-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 13 Aug 2023 11:23:11 GMT
server
nginx
x-timer
S1694003988.056335,VS0,VE2
etag
"d1afe4a6911e52615951509e2cbf73fa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 1
c7a71b0b9ab0365fbabecec7080dc93b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
887692f860423797ae7d8f9503ef4b3a311099c37a1256309f0f4d96f2bade5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
age
1980270
edge-cache-tag
480919811498816728279671218586071676573,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
480919811498816728279671218586071676573,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
229
expiration
expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.taste.com.au/
content-length
9208
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000126-IAD, cache-iad-kjyo7100071-IAD, cache-lax10638-LGB, cache-iad-kiad7000047-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 20 Jul 2023 02:08:12 GMT
server
nginx
x-timer
S1694003988.473175,VS0,VE2
etag
"562598fe80037f6933aaefdb345090ff"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 6, 1
de259ba15d93a59e829b923bf847a541.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de259ba15d93a59e829b923bf847a541.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9268a4ccc0f58e4922efb6a46e00e07f46fc0a17c28e5d85db0845e60fbd1be1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de259ba15d93a59e829b923bf847a541.png
age
3126002
edge-cache-tag
573932594473799381503710613741249156872,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
573932594473799381503710613741249156872,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
247
expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.derwesten.de/
content-length
134620
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200141-IAD, cache-iad-kjyo7100144-IAD, cache-chi-kigq8000041-CHI, cache-iad-kjyo7100050-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 12 Jul 2023 19:48:26 GMT
server
nginx
x-timer
S1694003988.473164,VS0,VE3
etag
"d1e76ce815232ab64d3eb8189906e416"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 7, 1
12dbedfb2ad5ed9f6fdad03567058d94.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12dbedfb2ad5ed9f6fdad03567058d94.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a4aa020db7a1b98f01198363ebcd03a86c1b31413a4a84421356828aeb6b0b69

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12dbedfb2ad5ed9f6fdad03567058d94.jpg
age
3737473
edge-cache-tag
425218526734943811588898177933740358873,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
425218526734943811588898177933740358873,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
304
expiration
expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ouest-france.fr/
content-length
26066
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100057-IAD, cache-iad-kjyo7100074-IAD, cache-chi-klot8100024-CHI, cache-iad-kiad7000064-IAD, cache-fra-etou8220034-FRA
last-modified
Wed, 19 Jul 2023 16:58:19 GMT
server
nginx
x-timer
S1694003988.473168,VS0,VE1
etag
"2446935fd82e803e3ff7711e04b9d1aa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 2, 1
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQwMDM5ODc4MzQsInBhY2tldElkIjoiMDAwMEE3MDEtZTIwMGFjYzktODgwMi00Y2M0LThkYWItMDlhMWY3YjEyNzY5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2JhYnljaGFuZy1odWEtaHVhLWRlLWJhYnktY2h1YW4tbW8teGlvbmctc2hhLXF1bi1yZW4tbWVpLWdlLXRpYW4uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=8336.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
st
imprammp.taboola.com/ Frame BCE1 		577 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&cmcv=&pix=undefined&cb=1694003987986&uv=3334&tms=1694003987986&abt=adxLoadDist5-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9398f89c-6f45-4cf9-828d-d02fe3a10d79&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15880272690a0fdf7156b05ea220c892d14ae24318588b4710c6afa71daf8fec

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 06 Sep 2023 12:39:48 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220034-FRA
x-timer
S1694003988.056848,VS0,VE9
sync
am-match.taboola.com/ Frame 6C58 		422 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4caf622c5d61991ad9822724ead4741638bc790cede2bdb739a87b194f8aca67

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 06 Sep 2023 12:39:48 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694003988006&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1548&pt=-902115064&tz=120&viewable=true&ddast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vC!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1470
x-cache
MISS
x-served-by
cache-fra-etou8220034-FRA
pragma
no-cache
server
nginx
x-timer
S1694003988.056535,VS0,VE118
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&cmcv=&pix=31589837&cb=1694003987986&uv=3334&tms=1694003987986&abt=adxLoadDist5-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694003979625.6!ts:1694003987986&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-length
0
server
nginx
https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1683044143%2Firgy9c0uaofrwbzl5cts.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 		189 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1683044143%2Firgy9c0uaofrwbzl5cts.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=604800
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 06 Sep 2023 12:39:48 GMT
age
2595347
x-cache
HIT, HIT
Content-Range
bytes 0-811010/811011
server-timing
cld-akam;mitm=f;dur=217;cpu=55;start=2023-08-07T11:44:01.278Z;desc=miss,rtt;dur=0,cloudinary;dur=145;start=2023-08-07T11:44:01.332Z
Content-Length
811011
x-backend-name
fastlyshield--shield_cache_iad_kjyo7100167_IAD
x-served-by
cache-iad-kjyo7100167-IAD, cache-fra-etou8220034-FRA
last-modified
Sun, 11 Jun 2023 10:52:29 GMT
server
Cloudinary
x-timer
S1694003988.498795,VS0,VE1
etag
"590a9a4fbe4580d1adb8e78e872158c1"
vary
/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1683044143%2Firgy9c0uaofrwbzl5cts.mp4
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23, 0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 2D03 		714 B
614 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
6001
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8026c6dd5e8c83b4-MXP
content-encoding
br
content-type
text/html
date
Wed, 06 Sep 2023 12:39:48 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UPUDEIuViKtJJgawylw27Ylyhhvt%2BsOHJbY2ekcwTWkZwA%2FPzKEWhwT5s028QDZi0vWqH7RkNiTY%2F4gKsY3%2BhJrpzkBQ9VPGhlhppYPbaO1sGuP1JluXSHv8rtf1IF83g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A512
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Sep 2023 12:39:49 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 06 Sep 2023 12:39:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a863c8e9-b758-32d6-aeea-a05489dddc9a?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-8bLE3I1E2oUtB4TjYTuIr.U6K6O4ikOckbRaE_Y-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Wed, 06 Sep 2023 12:39:50 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 13 Sep 2023 12:39:49 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
67998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32129
x-xss-protection
0
server
sffe
etag
"d5ab003501cb3fb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
nameframe.html
d-3017157876154211517.ampproject.net/2308242321000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-3017157876154211517.ampproject.net/2308242321000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230906
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d14370d8d574bf30a1d21b69e1e90caf8804d36cba5593740fe77176ce906e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31130
x-jsd-version
1.0.1804
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4531-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63a-Va6EQMUcqmQ+5irAM52SSw6C7Tc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8X5wwoJqB4UU3gAAsCxeGaOIZ0mo2PjkIwj5yxuJpyUYA0YWQTsoyulKRGOtNi8kHkAnuWGlqX9PAIgtyrEuYKvZaG4kC7BU7iTLe9I7p8afO46wYlBitBQJAi7UbmGiG2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8026c6e63aa35232-MXP
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
69
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bid-request
a.teads.tv/hb/ 		2 KB
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3dc2167430813a9e3e0e8fc576a71667bacf62c31a747956b601949c0bc452e9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
433
expires
Wed, 06 Sep 2023 12:39:49 GMT
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8026c6e18a63babe-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebidjs
rtb.openx.net/openrtbb/ 		15 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4a888d2c93083d09f25c598cd8eaeb2aa7a7e66bcc4ec74cbf47ce8161ee90bf

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=79099864847&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f3e8d92fd4a698212364aef66e6d5b57030239e7bef444001a2d42064ac2df1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
c
prebid.a-mo.net/a/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
hbjson
grid.bidswitch.net/ 		18 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.75.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-75-174.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3da694ad751f1f8b79b509f0db0068dbaadd4bbdc413424c4ea3288a46c3a450

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Sep 2023 12:39:49 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
13741
pbjs
htlb.casalemedia.com/openrtb/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e720e50ba0722600302b85aa2e1e271e3af6c5343e6d5738aac77a7248b054

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lB%2FmT6QbRk8aEye3KbE9BtgZELetbbZ6csgiZwFYVoI5%2BJnjhd7RVRg8xkKPufE58VpxC9e03HOIRy2gvibAD9%2FXZ%2B0CuOsRaEvY5Q1HYnEoWx%2Fg3nPMX6m9XHRTiiAP8%2FiF9CHa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8026c6e17f1c0208-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19590831a8ec270569fcf2fb23a9929868626e50cb56d4820bb92abbd214b7c2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QbAv14TA0nsEnOOc7ceNI93w6tsq4Gsuem%2B2Xc1ssIOM2usQifoIUlJ6xR6PM%2FWgL5hACWMuqcONDtChHcJn1OtHaVSUq%2B9xWCjp9goGFiWl6EyOcgW1sOoJfi6hADkBz3Qa6%2FM"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8026c6e17f200208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
830d7cfcf47642ce668da485d35f95bf47aee7812377b060eccbe2832c2b6b28
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
an-x-request-uuid
01754a0c-18e4-471b-a627-9c32e8f05baa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
92.104.24.181; 92.104.24.181; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7aa0a0674a9722328b7907a6b1caf70fe8374b88ecf7f1f807fa5ee298079da3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 06 Sep 2023 12:39:48 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
d190e5ee9a93fda75bc50b88fc5b432c58d548dd159dbcd735582457a15a260b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=94266cc5-d6dd-4a8d-b5d3-27bb7531b154%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8Cbaby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=c1dd1d1d-26aa-414d-bcbe-a668412a93ba&l_pb_bid_id=38c183a44e16eca&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c1dd1d1d-26aa-414d-bcbe-a668412a93ba&rp_maxbids=1&slots=1&rand=0.35164181671906336
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.45 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f6739ff8ecd4e27a3c740935879905d3ec308dd70fa0b81203fa5dc2dc410e27

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.98.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-98-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adreq
ads.servenobid.com/ 		981 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10009
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.60.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-60-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2524 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4e6e179a51d9332a0e36a1b221d83cdbf8151ae3ea6541031bc0c0e1b86d7e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7892
x-xss-protection
0
server
cafe
etag
15470366872441598997
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2D03 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
5dc9635c4b6ab7b0af2c16246c815907666dd266e45927855431d513dbd5a715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28990
x-xss-protection
0
server
cafe
etag
486 / 19606 / m202308310101 / config-hash: 15008231380658717738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:48 GMT
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1164098
edge-cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
696
req-referer
https://www.newshub.co.nz/
content-length
7746
x-request-id
f00da37abc7fb987ab04b5aad08798f0
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100142-IAD, cache-iad-kiad7000088-IAD, cache-lax10624-LGB, cache-iad-kcgs7200049-IAD, cache-fra-etou8220034-FRA
last-modified
Thu, 10 Aug 2023 14:24:09 GMT
server
nginx
x-timer
S1694003989.884482,VS0,VE1
etag
"d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92b6509860512f6d249439e8a2b559c5334d94187d276ea02b245d528e3870d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
1906212
edge-cache-tag
486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
95
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.livedoor.com/
content-length
6140
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000027-IAD, cache-iad-kiad7000169-IAD, cache-lga21955-LGA, cache-iad-kcgs7200051-IAD, cache-fra-etou8220034-FRA
last-modified
Sat, 15 Jul 2023 22:51:17 GMT
server
nginx
x-timer
S1694003989.884084,VS0,VE1
etag
"d556883197025a9ed2665876d1876378"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 26, 1
a71d19d6d69a442f32e9b865e179a371.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a71d19d6d69a442f32e9b865e179a371.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a7facafe798ac576bfa5f04527fe5643cdcf7b44d85791436d250202c093b0d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a71d19d6d69a442f32e9b865e179a371.png
age
3893519
edge-cache-tag
437747415411460778181372016885891650588,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
437747415411460778181372016885891650588,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
109
req-referer
https://www.savannahnow.com/
content-length
3044
x-request-id
814da1efe08821d50ff53794fbc158f6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000152-IAD, cache-iad-kiad7000107-IAD, cache-chi-klot8100069-CHI, cache-iad-kiad7000156-IAD, cache-fra-etou8220034-FRA
last-modified
Sat, 01 Jul 2023 16:31:05 GMT
server
nginx
x-timer
S1694003989.884073,VS0,VE1
etag
"a37517d45d055abded62a094f8804f35"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 15, 1
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=10143&tvi50=10367&route=AM%3AIL%3AV&lti=deflated&bulkSize=20
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
109
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
69284
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220034-FRA
pragma
no-cache
server
nginx
x-timer
S1694003988.420898,VS0,VE109
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 7A22 		714 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
6001
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8026c6dfd9de83b4-MXP
content-encoding
br
content-type
text/html
date
Wed, 06 Sep 2023 12:39:48 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTm37CvvH5NunDeKxvhi6fMwA3JPF4v5gZNjqqvB69%2F9WnFPMKYMNMLHUnDv2pbYPhGyIeSkLdlQ6T1xMkDXJCZdcqa1TJhdVSWT2Ivu2BN6ii3cPuZjnqbNqf1CDpo2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D294
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Sep 2023 12:39:49 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 06 Sep 2023 12:39:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
pd
google-bidout-d.openx.net/w/1.0/ Frame 1734 		572 B
800 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c2120aa7bc0a5cc7185a7607816e12ea56c52ac06a67708e6653012c18c18e56

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
374
content-type
text/html
date
Wed, 06 Sep 2023 12:39:49 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
img
sync.mathtag.com/sync/ Frame 0032 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:48 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 06 Sep 2023 12:39:47 GMT
/
onetag-sys.com/match/ Frame 0032
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LM7Q8JER-4-9T0D&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM7Q8JER-4-9T0D&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM7Q8JER-4-9T0D&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
/
onetag-sys.com/match/ Frame 0032
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2825018790679395221
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2825018790679395221
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
an-x-request-uuid
760af499-5c27-42f9-a886-cd58a461bafe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2825018790679395221
x-proxy-origin
92.104.24.181; 92.104.24.181; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0032 		42 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0032
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimqAxuCWL3Z-WVdl0eqZcavk7DQEFQI0oQ
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimqAxuCWL3Z-WVdl0eqZcavk7DQEFQI0oQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABimqAxuCWL3Z-WVdl0eqZcavk7DQEFQI0oQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 0032
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=5128187030614505374
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=5128187030614505374
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=5128187030614505374
date
Wed, 06 Sep 2023 12:39:48 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 0032 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 0032
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Sep 2023 12:39:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N2EWPTHKB0R7309ENG1C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 0032
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZGMzM4MjUtQTE0Qi00M0ExLUI3MDgtQzg1RTVDNTM0RUUz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=26F33825-A14B-43A1-B708-C85E5C534EE3
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=26F33825-A14B-43A1-B708-C85E5C534EE3
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=26F33825-A14B-43A1-B708-C85E5C534EE3
date
Wed, 06 Sep 2023 12:39:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 0032
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAXwq2gz892y2ec3kDAsAP4&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAXwq2gz892y2ec3kDAsAP4&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAXwq2gz892y2ec3kDAsAP4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 0032
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-IeQod0NE2uF5Lc0.e3rhuSd6CqHKGJXWQmUyx8g-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-IeQod0NE2uF5Lc0.e3rhuSd6CqHKGJXWQmUyx8g-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-IeQod0NE2uF5Lc0.e3rhuSd6CqHKGJXWQmUyx8g-~A
date
Wed, 06 Sep 2023 12:39:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 0032 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
onetag-sys.com/match/ Frame 0032
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&google_hm=YjRiODNkNWEtZmM3OC00YmY2LWE3OTgtZjE5YTRiNzc5NTdk
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIaGzBHwpCf63ObRFcRw7nw&google_cver=1&ssp=onetag&bsw_param=b4b83d5a-fc78-4bf6-a798-f19a4b77957d
  • https://onetag-sys.com/match/?int_id=30&uid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame 0032
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo&p_id=5
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
175.110.113.205 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-205.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo&p_id=5
date
Wed, 06 Sep 2023 12:39:49 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
googleanalytics.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		2 KB
967 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:46 GMT
age
67982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"13417016125ec007"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:46 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7333
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Sep 2023 10:37:36 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2ByT6%2FPSsoUJ2T4H2glvcwyRwDqPwlaWft8eluOOLveVGaGbUxjVwRx4qgJUqhqgELUL4NP%2BAc7Hk0BAfMujC%2By%2B78WUw1JUPajgPRrf08zau63EkKMj4eht7YiDbITRW9yfImBsAWBZ9rye%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
8026c6e63f0fbbef-FRA
gtag.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:34 GMT
age
67994
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"2053776e7f80c73d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:34 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_3_4/infra/ 		880 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693922380
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEQYM4MR0ZRP5J1
age
81481
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922381
x-amz-meta-mode
33188
content-length
147123
x-amz-id-2
EBlzWPD6iKqbOB4H1z5wHohK8Wh0TTibYEfCs5fBpD2xxbylSU0TWKUB2Q0mV8JFlBxT6dJUGQc=
x-served-by
cache-fra-eddf8230099-FRA
last-modified
Tue, 05 Sep 2023 13:59:42 GMT
server
AmazonS3-br
x-timer
S1694003988.473439,VS0,VE0
etag
"38ea6c5249cc72e909660623b02bf7b8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
82042
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_4/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693922399
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEY0CJZ5CP448HD
age
81481
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922400
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
gVazDaezCRHQYY8kPxJDod2jVIgirHImf1myU/cjbP0xNs8QizH4a+tId0Tt1JKOHSNppWVNwEE=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Tue, 05 Sep 2023 14:00:01 GMT
server
AmazonS3-br
x-timer
S1694003988.498795,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
92681
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 509F 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0a404d4a65524c3aefca587e9525cbc640805c0be1c7631aa1619472c38f2cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7910
x-xss-protection
0
server
cafe
etag
8512221806048050508
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:49 GMT
generic
match.adsrvr.org/track/cmf/ Frame BCE1 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&cmcv=&pix=undefined&cb=1694003987986&uv=3334&tms=1694003987986&abt=adxLoadDist5-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9398f89c-6f45-4cf9-828d-d02fe3a10d79&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892
pr-bh.ybp.yahoo.com/sync/taboola/ Frame BCE1 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&cmcv=&pix=undefined&cb=1694003987986&uv=3334&tms=1694003987986&abt=adxLoadDist5-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9398f89c-6f45-4cf9-828d-d02fe3a10d79&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 8D83 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&cmcv=&pix=undefined&cb=1694003987986&uv=3334&tms=1694003987986&abt=adxLoadDist5-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9398f89c-6f45-4cf9-828d-d02fe3a10d79&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Sep 2023 12:39:49 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame 2D03 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 09:56:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
9769
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Sep 2024 09:56:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7A22 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ce726270d66899efe6499167ae27f8bfbe6c8c908c81b6a725f1fd98dc132e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28989
x-xss-protection
0
server
cafe
etag
74 / 19606 / m202308310101 / config-hash: 15008231380658717738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:48 GMT
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1778857
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-etou8220034-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1694003989.904253,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
176816
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/ 		448 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693904460
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HYK8AJ9H52WB6KA4
age
99479
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693904472
x-amz-meta-mode
33188
content-length
86274
x-amz-id-2
t1lNyGed3NAQ57eXbmNV3qVCMiGjwwYQ92oCZvFfitu9WKbobo/2tqpNuGO2BTlGE6TqMOiZWNA=
x-served-by
cache-fra-eddf8230099-FRA
last-modified
Tue, 05 Sep 2023 09:01:13 GMT
server
AmazonS3-br
x-timer
S1694003989.921732,VS0,VE0
etag
"e792bcdfdedece52c8d382e55db7d6bd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
38890
sync
am-match.taboola.com/ Frame 2430 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
15880272690a0fdf7156b05ea220c892d14ae24318588b4710c6afa71daf8fec

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 06 Sep 2023 12:39:48 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&cmcv=&pix=31579697&cb=1694003988763&uv=3334&tms=1694003988763&su=3&abt=adxLoadDist5-out_vC!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 06 Sep 2023 12:39:49 GMT
via
1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FCO50-P1
age
2602277
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-etou8220034-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1694003989.281179,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
z8uBX5rs5yx079LlNzOhRt0m40lBcgssXUNlz-RDQ6Zqn78U46CZIg==
x-cache-hits
632280
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:48 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
3203
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1694003989.947163,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
40
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
15638
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 06 Sep 2023 12:39:48 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
11893
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694003989.947154,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
93
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
20684
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 06 Sep 2023 12:39:48 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
22346
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220034-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1694003989.947139,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
47
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
13618
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame 7A22 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 09:56:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
9770
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Sep 2024 09:56:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2D03 		492 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1740722667376145&correlator=2471366685315733&eid=31076398%2C31076474&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694003988899&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=bkkv813c98un&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qNGbb2NZKBWcpt3R0kH2SIYLZ1733ufXcOyzPQy126AHf6Lo9J5vkq7Swz6jrp-dLE4DfnqngUvCifBUDSEswHEtPQKKo-ueLTwLjzCqu1OYW_MnN7QtAQdtM26KpLKkxjRwAh93Q9Mbb42tVRfS_IyRuTw2GM5u9fSmg&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=303067411.1694003989&ga_sid=1694003989&ga_hid=1167899516&ga_fc=false&dlt=1694003988205&idt=671&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
9d054aeb66b3f6357d6e9cd4caa3f9452586393a09c25867f4f70cb85752bb9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2D03 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f57635be1ff1dd03006902842b90cac34f4960ad3bb09c0341ce66c9f23c1b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11741
x-xss-protection
0
container.html
a2efcd6d92f8c72da0402e7aedaff86e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB18 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a2efcd6d92f8c72da0402e7aedaff86e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:49 GMT
expires
Thu, 05 Sep 2024 12:39:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 6C58 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6C58 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 6C58 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.83.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-83-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 06 Sep 2023 12:39:49 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f8976756fa4615ea059fb7d74a726ab8ec00c7267b3fdc298222057fc8a5a732

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=94266cc5-d6dd-4a8d-b5d3-27bb7531b154%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8Cbaby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=4f15be43-7ffb-4678-9b83-5a9a9ef6b579&l_pb_bid_id=574df71f88eacf9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4f15be43-7ffb-4678-9b83-5a9a9ef6b579&rp_maxbids=1&slots=1&rand=0.6337067741459799
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.45 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e2f23562d61e03fab22531ee2a105c9ccbc6568980dd98e6a0ed697daa1873c6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.98.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-98-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a116220b9a9ce591808be588c314e923075890cf19e6599c952c2d48539a139

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z9GGf8Aqg%2BXSTpiBk7Y7SaSTqzUe2rg965HKalq%2FobgTCsEyD%2FT46pz6icnOfwFWMehw8CrLpJJ27V3JeBS%2FGunHvnJP6UJPfa2wVERvFeLFAMqi74kHJ9KWwUd5dz1RYad9IOt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8026c6e44aa10208-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0615a2b759f699319d17f1cb6e6908155c123d27d3e3caa013d9e1938a650803

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK%2FKb%2B0SRAggl8ESlwnWEqy%2FnYAP%2Fojkdrk7gSiR1pq7oxvHFzaIUj7kZ8Umds7H1ELQjrXu5CmJ63SrfTB3bUpc4cZ0G%2Bf6wA%2BldmvbwAiav5bGOcB%2FKQ2c0g4fyllhMopBmGo3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8026c6e44aa40208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0615a2b759f699319d17f1cb6e6908155c123d27d3e3caa013d9e1938a650803

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBhOuHNRQXjq%2BLk7vBYWGu%2F9v3kloE32XM9gj1ocfRAAhqksCD%2FBAtMKtoyCVSz%2FP2Q4Rnnpjpj2T%2Fgpi9S9dpL3LbV9zcmA8T8nFFUYBndTuxusVTYe4sX%2F%2BMNjJa5KjsQIVW9h"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8026c6e44aa50208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44ebee3b9116cb0adb51da2239ec48807b956c75a0cc7c59f30a1a6dede10cbb

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 06 Sep 2023 12:39:49 GMT
adreq
ads.servenobid.com/ 		981 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10948
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.60.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-60-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
3
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d71087864680e6be972df84bd1e7cb50033c4856227ef82f1403e028282f0e96

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 06 Sep 2023 12:39:49 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=1169662086&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f6ac16a68c394818b96de5f16021ac8088ff5b44c5ec7a5e4385678fdc418786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7a76c46638f95708e0bb2ce03a583be463402cdd273e0f4fbfe9ab5ef5281acf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
an-x-request-uuid
897808b5-7d1d-4c5d-a242-bf5d2d6420b2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
92.104.24.181; 92.104.24.181; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.75.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-75-174.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c7352d47a83787b5554a492d3747ff944766ae3dfdeb5c742c72d304cbba6b86

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Sep 2023 12:39:49 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
9359
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8026c6e4c865babe-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
generic
match.adsrvr.org/track/cmf/ Frame 2430 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2430
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RZCNM.hE2oQBmuzD3H9ZDPc4tB.Y1ZPlknox0g--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RZCNM.hE2oQBmuzD3H9ZDPc4tB.Y1ZPlknox0g--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
57641

Redirect headers

date
Wed, 06 Sep 2023 12:39:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RZCNM.hE2oQBmuzD3H9ZDPc4tB.Y1ZPlknox0g--~A
content-length
0
usync.html
eus.rubiconproject.com/ Frame 2DBD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Sep 2023 12:39:49 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-50.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvYmFieWNoYW5nLWh1YS1odWEtZGUtYmFieS1jaHVhbi1tby14aW9uZy1zaGEtcXVuLXJlbi1tZWktZ2UtdGlhbi5odG1s.json
cdn.adpushup.com/42753/ 		555 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvYmFieWNoYW5nLWh1YS1odWEtZGUtYmFieS1jaHVhbi1tby14aW9uZy1zaGEtcXVuLXJlbi1tZWktZ2UtdGlhbi5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-200.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Wed, 06 Sep 2023 12:39:49 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=89, ak_p; desc="1694003989280_1600468676_110772492_9387_974_38_0_219";dur=1
content-length
555
expires
Wed, 06 Sep 2023 13:39:49 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1734
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4126843277910630446
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4126843277910630446
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4126843277910630446
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1734
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8b57a9e4-3f8e-c306-33dd-e60d87def8c8
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8b57a9e4-3f8e-c306-33dd-e60d87def8c8&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8b57a9e4-3f8e-c306-33dd-e60d87def8c8&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Sep 2023 12:39:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MSFZGS4MTPBHAS1ACP4R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 06 Sep 2023 12:39:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PD8CWKVRY94Q3H9NST7G
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8b57a9e4-3f8e-c306-33dd-e60d87def8c8&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 1734 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d381d599-2324-78fc-f3d3-649aefed3328&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1734 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmZlZTA2NTMtZWE1My0yNjU4LWU2MzMtM2UyMzI1MGZmZDQ4
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1734
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITZN6uLikZXVX4vmjc5Yno&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITZN6uLikZXVX4vmjc5Yno&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEITZN6uLikZXVX4vmjc5Yno&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2D03 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:39:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F4F4 		603 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1970043339420932615&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3389&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=670009431&ga_hid=1099694063&dt=1694003988588&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&bdt=3428&dtd=28&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7A22 		492 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1577254494266146&correlator=1324047417794513&eid=31077098%2C31077366%2C31077617%2C20222283&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694003989477&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=67k5txjf77e2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qNGbb2NZKBWcpt3R0kH2SIYLZ1733ufXcOyzPQy126AHf6Lo9J5vkq7Swz6jrp-dLE4DfnqngUvCifBUDSEswHEtPQKKo-ueLTwLjzCqu1OYW_MnN7QtAQdtM26KpLKkxjRwAh93Q9Mbb42tVRfS_IyRuTw2GM5u9fSmg&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1820188419.1694003989&ga_sid=1694003989&ga_hid=629415891&ga_fc=false&dlt=1694003988514&idt=893&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
cb1ceef98fa2ac672235b331fb3a3ef695384f97a19f1a5e983ea85919ad7cf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7A22 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
19d0fc8cbad4484b9867c192567befc7fdd9945fe88ea19ab5bdaf288be5b668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11750
x-xss-protection
0
container.html
59bb09cd39c83dd241c255c34c1f4719.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17CD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59bb09cd39c83dd241c255c34c1f4719.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:49 GMT
expires
Thu, 05 Sep 2024 12:39:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		263 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d17931f348c967a2a275b03583aec9173a25ddc47312e22e4319fa31f6023c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89306
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 06 Sep 2023 12:39:49 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-50.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
prebid-request
onetag-sys.com/ 		15 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
usync.js
eus.rubiconproject.com/ Frame 8D83 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a81df12eec9252f6dbb1dc8159a85a8f21218f7cd7f022cd702a4951ff13bb1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 20:43:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29058
Connection
keep-alive
Content-Length
10124
Expires
Wed, 06 Sep 2023 20:44:07 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230099-FRA
date
Wed, 06 Sep 2023 12:39:49 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=baby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%20%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-NTz6VoVpGmsq7B0eIINYiw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.03394200709323503&gjid=0.08843012751460555&_r=1&a=9431&z=0.37832766714777777&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2524 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4dd6d3fb96e9f10b174a4681a7a6d585e81ea7bf92424b4096c358ebeeb27193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51037
x-xss-protection
0
server
cafe
etag
13846336400485905126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:49 GMT
usync.js
eus.rubiconproject.com/ Frame D294 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a81df12eec9252f6dbb1dc8159a85a8f21218f7cd7f022cd702a4951ff13bb1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 20:43:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29058
Connection
keep-alive
Content-Length
10124
Expires
Wed, 06 Sep 2023 20:44:07 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:49 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 06 Sep 2023 13:39:49 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame 1755 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 06:58:59 GMT
expires
Thu, 05 Sep 2024 06:58:59 GMT
last-modified
Wed, 30 Aug 2023 15:21:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 12:39:50 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D36C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 11:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:47:40 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=i3Xut0Niw0CLCnwnrGkMxTYwCFkNFW%2BSjgEYmLFDJH24u%2FikB7E0e5NgGEJLa613lvxz0AaVKouuiTAdVf3Ifv05R8rD14io364n5XUXSD%2FeV02jTrzuw4uXXB7xf7eyXjYHsteLnSo4CsV%2B0KjhYaIpgOlfgQ5lZyV5b3zM%2FMXBSCGmRbWBvTqkbxyH0aMisOd6xpG%2FjZyouo%2B9fVRyE6m7o1rOA5%2FJxNCt4SwSj2GR23GPgrUU0cYAeB3LtdZzfFwAizFc%2BC%2BM2tIygGWO3HYCpKTs1AaoR%2Br64C%2B%2FvNOsVJPtNJFOwhk6JQZTvuZzuepCqGBGdBPDSZuHf3YRHZGZo6%2FfRPy%2BkqQFC4T0rCt39SqMjpyZbQ3YoHQtWUC2Oui16T1Vt5eiwg7axd6%2Fe40vb6gGTty2G3M0NFLWs%2FVVEVHn6uH0fGqDZz6%2BvoRxMEg780G5Cjak1wcDq4eJ0N4qiUctuPlXGny8TT0zKO4tVhmE9ooQeugisU0DtLBp6xiGdKXOhNNG7f9AEEV47SbZBekTHnT%2F9MFqOElwwulQWm8i6yblLEo6z7rEPh9r
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame A512 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a81df12eec9252f6dbb1dc8159a85a8f21218f7cd7f022cd702a4951ff13bb1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 20:43:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29057
Connection
keep-alive
Content-Length
10124
Expires
Wed, 06 Sep 2023 20:44:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 509F 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
456df2365d34880a70f6d13e7e5fcfce71299bcc47f787ee2b40d683ce8e7811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51036
x-xss-protection
0
server
cafe
etag
16972772825619434939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:50 GMT
usync.js
eus.rubiconproject.com/ Frame 2DBD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a81df12eec9252f6dbb1dc8159a85a8f21218f7cd7f022cd702a4951ff13bb1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 20:43:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29057
Connection
keep-alive
Content-Length
10124
Expires
Wed, 06 Sep 2023 20:44:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7A22 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:39:50 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:50 GMT
cache-control
no-store
server
nginx
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYWJ5Y2hhbmctaHVhLWh1YS1kZS1iYWJ5LWNodWFuLW1vLXhpb25nLXNoYS1xdW4tcmVuLW1laS1nZS10aWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1lMjAwYWNjOS04ODAyLTRjYzQtOGRhYi0wOWExZjdiMTI3NjkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYTJiZmJiMTctODk1ZS00YzUzLWI1OTQtMzE4NTczMGQyNTlmIiwidGltZU9mQXVjdGlvbiI6MTY5NDAwMzk4ODE0NiwiYmlkcyI6W3siY3BtIjowLjA0LCJhZElkIjoiOTcxMmU0MjE3N2Q0NWM4Iiwib3JpZ2luYWxDcG0iOjAuMDQsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjM1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDAwMzk4OTU5MX0seyJjcG0iOjAuMDk3MDA1NjQyOTUwNTM0ODIsImFkSWQiOiI5OWUxMGFmYmVmMjRiODgiLCJvcmlnaW5hbENwbSI6MC4wOTcwMDU2NDI5NTA1MzQ4MiwiYmlkZGVyIjoiY3JpdGVvIiwicmV2ZW51ZSI6MC4wMDAwOTcwMDU2NDI5NTA1MzQ4MiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6Nzg0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDAwMzk4OTc1M30seyJjcG0iOjAuMDYsImFkSWQiOiIxMDAxMzY1ZGIwODViYTZmIiwib3JpZ2luYWxDcG0iOjAuMDYsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1OTk5OTk5OTk5OTk5OTk5NSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODEwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDAwMzk4OTc2MH0seyJjcG0iOjAuMDI0NDAzNSwiYWRJZCI6IjEwMTZlZjY2MThjYTZiMDciLCJvcmlnaW5hbENwbSI6MC4wMjg3MTAwMDAwMDAwMDAwMDMsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDAyNDQwMzUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEyNDQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTkwMjIxfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImNyaXRlbyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTllMTBhZmJlZjI0Yjg4IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA5NzAwNTY0Mjk1MDUzNDgyfV0sImNvdW50cnkiOiJDSCJ9&c_b=10599.70000076294
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:50 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYWJ5Y2hhbmctaHVhLWh1YS1kZS1iYWJ5LWNodWFuLW1vLXhpb25nLXNoYS1xdW4tcmVuLW1laS1nZS10aWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1lMjAwYWNjOS04ODAyLTRjYzQtOGRhYi0wOWExZjdiMTI3NjkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6Ijg2ZGNlZmZhLWNlYzAtNGQ3MS04OTQwLTU5NzQyY2VlZTBhMiIsInRpbWVPZkF1Y3Rpb24iOjE2OTQwMDM5ODgwOTEsImJpZHMiOlt7ImNwbSI6MC4wMSwiYWRJZCI6Ijg5M2MyYzQzZWVjNzE5MiIsIm9yaWdpbmFsQ3BtIjowLjAxLCJiaWRkZXIiOiJvcGVueCIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjgzNiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQwMDM5ODg5Mzh9LHsiY3BtIjowLjA0LCJhZElkIjoiOTBhMjI2NDJiYzJmNGRiIiwib3JpZ2luYWxDcG0iOjAuMDQsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODczLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDAwMzk4ODk4MX0seyJjcG0iOjAuMDQsImFkSWQiOiI5MWYxMGIwZWEzYTcyMWMiLCJvcmlnaW5hbENwbSI6MC4wNCwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo4NzQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTg4OTgyfSx7ImNwbSI6MC4xLCJhZElkIjoiOTJlMTFmNDMyMTcyZGFmIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEwNTEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTg5MTUwfSx7ImNwbSI6MC4xLCJhZElkIjoiOTM3ZWJkZmQyYzJjODJiIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEwNTIsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTg5MTUxfSx7ImNwbSI6MC4xLCJhZElkIjoiOTRjYzEwOTJhNzY0YzZjIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEwNTMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTg5MTUyfSx7ImNwbSI6MC4xLCJhZElkIjoiOTUyYjUwZmQzM2ZiOTdiIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEwNTQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTg5MTUzfSx7ImNwbSI6MC4wNiwiYWRJZCI6Ijk2YmYxM2U0YjBhN2YxMSIsIm9yaWdpbmFsQ3BtIjowLjA2LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNTk5OTk5OTk5OTk5OTk5OTUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjEyMzYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTg5MzY3fSx7ImNwbSI6MC4xOTUzODU5MDMxMjAwNDA5LCJhZElkIjoiOTg3NjQyYjgwMDc3OTkiLCJvcmlnaW5hbENwbSI6MC4xOTUzODU5MDMxMjAwNDA5LCJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDE5NTM4NTkwMzEyMDA0MDksImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjE2NDcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MDAzOTg5NzUwfSx7ImNwbSI6MC4wNTQ0NjgsImFkSWQiOiIxMDIzNjU4NzcwZDI2MzE4Iiwib3JpZ2luYWxDcG0iOjAuMDY0MDgsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDA1NDQ2OCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MjEyMiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQwMDM5OTAyMjh9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiY3JpdGVvIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI5ODc2NDJiODAwNzc5OSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxOTUzODU5MDMxMjAwNDA5fV0sImNvdW50cnkiOiJDSCJ9&c_b=10606.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:50 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
480_650.mp4
cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/ 		628 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 06 Sep 2023 12:39:50 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8D83 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LM7Q8JIZ-1V-GWGK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-115.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:17:17 GMT
via
1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
1355
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9nFSjvU8fjb5pc0wYOxPIWoAjcrHxrGGx_ReOqqQEytTdljWUoC2Cg==
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1523095062415793&correlator=1678200325080938&eid=31076480&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&arp=1&abxe=1&dt=1694003990452&lmt=1693996790&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGslzxBvyhJk08AdAkCv6Vyo17UkoKJ51PrIGnXNNcJkS&ga_vid=1361012700.1694003986&ga_sid=1694003986&ga_hid=1099694063&ga_fc=false&ga_cid=amp-NTz6VoVpGmsq7B0eIINYiw&dlt=1694003985160&idt=1026&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.09%26hb_ap_adid%3D99e10afbef24b88%26hb_ap_bidder%3Dcriteo%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
020e941d6a65b816e5d9af0384a8b8d5558e3665d0baeea96e88e1c18799cde0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
google-lineitem-id
5221734848
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441557728
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1523095062415793&correlator=1035682743782510&eid=31076480&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&arp=1&abxe=1&dt=1694003990482&lmt=1693996790&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGslzxBvyhJk08AdAkCv6Vyo17UkoKJ51PrIGnXNNcJkS&ga_vid=1361012700.1694003986&ga_sid=1694003986&ga_hid=1099694063&ga_fc=false&ga_cid=amp-NTz6VoVpGmsq7B0eIINYiw&dlt=1694003985160&idt=1026&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.19%26hb_ap_adid%3D987642b8007799%26hb_ap_bidder%3Dcriteo%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c&adks=3805778231&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
f204856a7becb2c3449b21811b57dcd93c0a27b1c581a71f2703c3d1a661c1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11968
x-xss-protection
0
google-lineitem-id
5221339633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441548914
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D294
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM7Q8JIZ-1V-GWGK
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM7Q8JIZ-1V-GWGK
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Wed, 06 Sep 2023 12:39:51 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694003990667&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1548&pt=1395884210&tz=120&viewable=true&ddast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 06 Sep 2023 12:39:50 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1428
x-cache
MISS
x-served-by
cache-fra-etou8220034-FRA
pragma
no-cache
server
nginx
x-timer
S1694003991.685665,VS0,VE66
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E4C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2435
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 11:59:15 GMT
expires
Thu, 05 Sep 2024 11:59:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F424 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
39e1573135bfedd0dc289a39f473acd240dcdb72bc39a9430927cc9d54cde1eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R-msVHthLRd6at-0YWjEjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-R-msVHthLRd6at-0YWjEjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:51 GMT
expires
Wed, 06 Sep 2023 12:39:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dcm
s.amazon-adsystem.com/ Frame 8D83
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Sep 2023 12:39:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WFNSS9NXW0V2G879D9WA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 06 Sep 2023 12:39:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6MMNJJWPVE7HEBNGFKNR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 8D83
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM7Q8JIZ-1V-GWGK&gdpr=1&us_privacy=1---
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM7Q8JIZ-1V-GWGK&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BE756E43AD1F411484647836E4908AB0 Ref B: ZRHEDGE1919 Ref C: 2023-09-06T12:39:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEsAoxceP6GZn4cDbiIw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM7Q8JIZ-1V-GWGK&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8D83
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE03UThKSVotMVYtR1dHSw==&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEE_4LJiw_9lmOtirwUmkcJ0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE03UThKSVotMVYtR1dHSw==&google_push=&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE03UThKSVotMVYtR1dHSw==&google_push=&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE03UThKSVotMVYtR1dHSw==&google_push=&gdpr=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8D83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEN3LOChWA_nUC-9-d76Deig&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEN3LOChWA_nUC-9-d76Deig&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEN3LOChWA_nUC-9-d76Deig&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 8D83 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 8D83
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/r8HkFCOw2fgtU48GQu9nJ8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HeNe2SlE2oI0b8dNF9mzYIDE8apPGgy4AWk4Hg--~A
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HeNe2SlE2oI0b8dNF9mzYIDE8apPGgy4AWk4Hg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 06 Sep 2023 12:39:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HeNe2SlE2oI0b8dNF9mzYIDE8apPGgy4AWk4Hg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8D83
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ExNzFmNDRkNTU1NTM0YjU5ODFjZTA5ZmQ5ZTI2YzAzYTAzMzExMw&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ExNzFmNDRkNTU1NTM0YjU5ODFjZTA5ZmQ5ZTI2YzAzYTAzMzExMw&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ExNzFmNDRkNTU1NTM0YjU5ODFjZTA5ZmQ5ZTI2YzAzYTAzMzExMw&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8D83
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Sep 2023 12:39:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HMGA53CTVHNKYEPG5TEA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 06 Sep 2023 12:39:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JNE3H8C8VYWSPWQKTF0G
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 23:29:48 GMT
x-content-type-options
nosniff
age
393003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 23:29:48 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 04:05:52 GMT
x-content-type-options
nosniff
age
376439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 04:05:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame 2524 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
fc1af2d52744c7e5938cea3070b254256ee781405497d7fcd859e6ed39e028cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133294
x-xss-protection
0
server
cafe
etag
4075116879287353347
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/ Frame 2DF2 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
8520
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 10:17:51 GMT
etag
9878862242593084568
expires
Wed, 20 Sep 2023 10:17:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=9431&cid=amp-NTz6VoVpGmsq7B0eIINYiw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dr=&dt=baby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%20%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694003991&sct=1&seg=1&_et=2000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-NTz6VoVpGmsq7B0eIINYiw&aip=1&sid=1694003991&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=1099694063&cid=1361012700.1694003986&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694003991&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=baby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%20%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/ 		96 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 06 Sep 2023 12:39:51 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame 4FB0 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20452
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 06:58:59 GMT
expires
Thu, 05 Sep 2024 06:58:59 GMT
last-modified
Wed, 30 Aug 2023 15:21:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CB05 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 11:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:47:40 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 12:39:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 238E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 11:59:15 GMT
expires
Thu, 05 Sep 2024 11:59:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 235C 		829 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
b8aafe7638bac88f29d4c8aa15c167f089c45194ae7187c42b0d0ff43add099b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HOe0qaQQE6aj2VXSftX0sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-HOe0qaQQE6aj2VXSftX0sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:51 GMT
expires
Wed, 06 Sep 2023 12:39:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame 509F 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0c0cece56c4f3a345b6ae21348d08954dc3b0805a54ea8061615559fca2e7ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133293
x-xss-protection
0
server
cafe
etag
6580606648981030582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 45A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvJScfobys9jzGevAtGVWCtqJnLU3VR4osx9597TNEO4o8NaH7mqgWu3249NrBxYw81ZqQ8BZQWq0rzlKEmV8bIKVRRJYDX_aShVn-aYXCMwWbfi7KJnHvnHS1jiuo_xwI7Ni4Ps5F_kLT0Ahnv9Z2ydK01qLCPolEPNYprRtZHW_C5E-DUGbznYQVnfbH_SDuRyN4lcWlWY4RWn7JBhQMJxyuPZrt3-qlxZQny0lZXm29odxYgzeGMIS1XIOA8O4IVXy8wX7hM9st--pNbKE6m2IW7s04WtY1zyscKZF_mr5XB1Mhr5eqlloUIRjcG1c&sai=AMfl-YSfznWRUBOmj6ZGecLIYRtscWNfArAwOSTlKHYuazl8V9HMs_sELaZhCQC6XIbTTzOr9B0mWxrQ1lB2fAXDp1RHiRpz3mcku9fhoHB84qr3bC1qzzwSF8aal9O2nA&sig=Cg0ArKJSzMD7Kc2lhnCyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-50.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
afr.php
ads.eu.criteo.com/delivery/r/ Frame AB21 		149 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
07ef7b727d3919e7f5409d42785f14883d1788e194ff9d893ff53ca418913c72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yJB0iXJMLcggwAl4OrnK_ylaoWTRaDPSf6SLKpC-YJnQx185XmEYv54waZ1oLELfjDqKAaxY8X8dfZsR3ZXn_5Tjc5ZHK1h6xxxlfaKmaDxWeXqr61Sc5kn-oqBBZrEPeJpTlM8n4stemFjsG2j2J7XCkYRj8n0QUYV2SgIvzRYrwWmb4bJud4JbGuwH-zrFx783PvhQnDAx_deLfYAQ_pVMxTt0w7BF9pYWZAqvKNDHfwf-uP-wshNMp94"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
50281392
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 45A9 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:51 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYWJ5Y2hhbmctaHVhLWh1YS1kZS1iYWJ5LWNodWFuLW1vLXhpb25nLXNoYS1xdW4tcmVuLW1laS1nZS10aWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1lMjAwYWNjOS04ODAyLTRjYzQtOGRhYi0wOWExZjdiMTI3NjkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDA5NzAwNTY0Mjk1MDUzNDgyLCJyZXNwb25zZVRpbWUiOjc4NCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiY3JpdGVvIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwOTcwMDU2NDI5NTA1MzQ4Miwid2lubmVyQWRVbml0SWQiOiI5OWUxMGFmYmVmMjRiODgiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6Ijk3MHg5MCIsInByZWJpZEF1Y3Rpb25JZCI6ImEyYmZiYjE3LTg5NWUtNGM1My1iNTk0LTMxODU3MzBkMjU5ZiIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=11894.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
tpd
cat.fr3.eu.criteo.com/ Frame 45A9 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/tpd?dd=6zWIHl9WYlFrdXoyYWZ6V0hlNDlkQlMxTUI2SmJOSSUyRkolMkZ3aGxvQlBKazBhRFolMkJvJTJGZkRTZjN2bTh6TE5ZWkhJektDQXp5UWF0S2dXelBKS01zdlZZWUpjJTJCUmFpQkhRSVl3U1Z4MDlGRUNoSzNWOXRGT0Zrb3lDQ3ViJTJCWWg4ZGx0UU1pS3V5cUoyQXBmY3owSDQ0b1JWJTJCY1I2YlhBU2JuUURmdFJJNjQ0S09Gb3pYZWxzNFFBbmNLV0tjMFpLZEw1NFpFVHl0SVJmYVQlMkZSNkt6aEJ6JTJCcSUyQlV0SWxDTE9lU2RlbXdRbVAweEo0ZzZYRHIyWmlJZFliT2NSZHZ1RndhcmxzNHhBSyUyQmZLUHdneW5CU1dGWGVkYW1UVEVnTGNVNTVDYkdudFBjVFMzelklMkJPT2VtS3BUU1ZsRWl3Y3pQZkE4R3ZSUTVBWSUyQjFLZ2hmWkxUUWF2aE9vSk94QWtocEt6YU1DdTNTWDJ4bWJpRkJMeTRhYWRoWTkwdmclMkJnQlB3aE9Hc3IzZUVYY0ZVQ1pBMyUyQmtkTkJETXV1R0JIWkN0aDNqV1VHOUx5SWV4eSUyRkVwZ3U3cTJYQUxQd2s0OTJtbnJxJTJGZGlFS1B3MzdHMm1Wa254TEVGN2JLV05EMWNIV0J2SnozNzZOR2k3em5NYzJCU3JGd01Rc21iVEtMTSUyQnI3RXNyMnNRWFk5aGYzM0VLVGZnOXYwJTJGeDRlRUNZdyUzRCUzRA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
180056
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
view
securepubads.g.doubleclick.net/pcs/ Frame 17EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU6UuY_VUyD5PrL8ELwCRAdkpczHD2gPrVrNnmT8JsAvWIjKuyHmNRQCyXyI3rU3PpMj2Ft0ZAIH1Pl9tBNZw86cepP0qScQ4RxbP94lzyMQDCaiYeFWbCGSBdhIxom2NHczWa9nGjU25J7WWvdc9lYAbAs65WgOPIrJxoL0Vp9Je1931g7oKLuQKKJqLDC2LQ2oIgI5sEWK9L7SN4XRBFvaGs9UsMsqQ3QjbAdwYRANYKL4UmcjJHS1aDZ41kNrAX4yAxi44FuHnXn9Opnzc3R3Hc_6ccdTLBX8sZZ05SOK1fNYQcQ45hpOJ6SL3R_uJS&sai=AMfl-YRnUoPHVPQW1b8oEPGQHQgi9MzYkVINT6ruDXcE_yCmDDyQb-awciRytfC1G9VsIIf0l-a5rpVjetLXOe02MuzX20KsmGvI2tpMlUQQzO5PDK20m1NtNmmy493fVw&sig=Cg0ArKJSzCR8a7SOUklnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-50.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7741 		146 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
52bb7731c906135ebf7750065f353b3350076220298adb1eedef26deb7a023ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5mRPn3JMLcggwAl47JfhSs-ecPduRQ3ZovrDyRMv99EtJ-DOI7aiOZAHAzNLIaO3ffxg4DRyjY20rgobkphXZZxEUfMdTHY-kHW-Cr4TKn54CG6tKOAzPxn3aPXMoQ_55WK3uaKKbRra3VyDK3qTSKvTP5Ti4_sMsE0hfrWQqmQuLB6mfO3dIf0i4s1Yq-gE3F5b0en1p2Fz_-AnzrxtItuABw3cJFdJjByF77o_4-ja17VFautpLwVj3TA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
50728057
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17EE 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:51 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYWJ5Y2hhbmctaHVhLWh1YS1kZS1iYWJ5LWNodWFuLW1vLXhpb25nLXNoYS1xdW4tcmVuLW1laS1nZS10aWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1lMjAwYWNjOS04ODAyLTRjYzQtOGRhYi0wOWExZjdiMTI3NjkiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDE5NTM4NTkwMzEyMDA0MDksInJlc3BvbnNlVGltZSI6MTY0NywibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiY3JpdGVvIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxOTUzODU5MDMxMjAwNDA5LCJ3aW5uZXJBZFVuaXRJZCI6Ijk4NzY0MmI4MDA3Nzk5IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiNzI4eDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6Ijg2ZGNlZmZhLWNlYzAtNGQ3MS04OTQwLTU5NzQyY2VlZTBhMiIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=11921.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
tpd
cat.fr3.eu.criteo.com/ Frame 17EE 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/tpd?dd=tVsLgV8lMkJpYmF5UnVuemNPSzdFOEdNMjR4TFZBYjU5QUZPZnVTc2tMN2F1NGtlRGNLMG80amw1TG53MnhSN3NpZ2x0S1Z6RSUyQjlSZUkyeUZ3cmZMNzJQMldlSXdNJTJGRXBFdE5aNiUyRjc2REkzalAlMkJvVlJMWjRRbE1HQlFOeEhxVWVqUyUyQmVLRk1aNTZ2RktiJTJCNkt1RHF2UzJaJTJCRDNEUENBUCUyRjF1amp4JTJCJTJGVXZ0NXpRZXhMYUpqVXJYYnpwd1p2MGZuWTc5TEJPNmxyQzJyb1VPeVN0NTkwOWVuUnZEdVUlMkI4ZHRyWjRaUURDVnZPbnVmVDRVU0g1SUZWNUlJa3liUjVjWVg2NlhRSU8yNU5HTzVlNHF0QW9zOEpBc0I1NCUyQmhtMmxiUXpJRU9BdHhQaWJHcldFRklTMGFqZHBwd3RZeE9lODZhQThVeVllU24lMkZ2djlreVIyc08lMkZKZHAwQTZZeHZSJTJCV3VlZXMlMkZyQzd2MTNadk9CTENjeUNTalhyUUswQ1hqazVFNjloZTN3NmhweHdpaSUyQnY1biUyRm8lMkZOSGY4TWNxV01xTEpGVTg2bGp2T3FObVA0Nk10WXYwa3VWTU1VMDJjemRzJTJCR0ElMkJaV0lpcWthMWpLazNMWE9zSnhDN3dVd29JVDhxd0RLTnZZYzBYWnB1aDVXYkFkOUowQU92YnA2eVhkZjZHcGFj
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
168534
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
pMyDf4GeKHSz1fFK4Dw5AHt16yYq9oyPvd25YR0f55eRQxqN5KggjwMt5yHvNsJh1vcdwOuP26cODL5BJwhPcDkAHQlOLzQJ%2B7Xu%2BbpH1YdkDSErsTVdsq7t9OdgZRpbayQi2AKN7zOQeOtsp2sa6CCXNZjXGu3lX0CM1esIWbINtKYHfmBIWIE%2B28I5IwC...
ad.vidverto.io/delivery/video/pod/ Frame 1755 		45 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/pMyDf4GeKHSz1fFK4Dw5AHt16yYq9oyPvd25YR0f55eRQxqN5KggjwMt5yHvNsJh1vcdwOuP26cODL5BJwhPcDkAHQlOLzQJ%2B7Xu%2BbpH1YdkDSErsTVdsq7t9OdgZRpbayQi2AKN7zOQeOtsp2sa6CCXNZjXGu3lX0CM1esIWbINtKYHfmBIWIE%2B28I5IwCT8hysiAP3jVIKw6NDkLZdnERL84bYpwqSXEGxOLNq21lbEqrlXqaRYol%2BTY535Q62kJhig%2BWO4WBXt0c7jTUsitUwBQj402DXsWQLmNXQy0LnrEs9jaq2%2Bnq1eYYaJTUWdPJnU2FAVGmXvuur09D5eccLZjWX6iUOOtwpy3TpvA8%2FHtiDGYyF%2BrbqU5XKWlrN%2B9ZNjPZMmG1kjq%2B7XYSqXYF7eynjoM5Op%2FQk8resKiVQTNKerW%2BKqltuNY3dPvukzHZMjonvtArm41OkviCf5JDlhLaiqi0tYIFgyIpK8R38GcHhOyvzVZxJ%2FCttj9jOu4jHUGRL2jobebobMBqm%2BxePYyET3j5UzIRACIbUu%2BvcdittxQq48mStqZmu%2B4MwhP2%2FDmLBriD%2FIb4PNse68Cl4uXNLKBt3bxsnmjcmqH9AjV1PyGGm7aJPpMpYc3%2BvTFBh0ok5ElAteBEqLJ3AUJfT%2Bq%2FhnptnXIvz1F3lZHY2a5O6990jY2Vpmvji12Vx7I10PSIHGGDMYaBAMksT4drWElo0vCGmYgYbG5CqQ9LMEYOUuriCEtLfNeEQ%2FOpy?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bac4cbae7e15fac1157e8c1cf0ecfc142a5261f7396c8b4f7b57c388bfb6dc75

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Wed, 06 Sep 2023 12:39:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
pixel;r=1853435179;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb092...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1853435179;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-306227218-1694003990433;pbc=94266cc5-d6dd-4a8d-b5d3-27bb7531b154;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694003991685;tzo=-120;ogl=;ses=05641db1-964d-45c1-b871-1ef1d68ad9fc;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/ 		152 KB
152 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16744448-

Response headers

Date
Wed, 06 Sep 2023 12:39:52 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16744448-16900083/16900084
Connection
keep-alive
Content-Length
155636
cookie.js
partner.googleadservices.com/gampad/ Frame 2524 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
2c3d3c32b980d90d1d7446b2c53bbe7898f5969295b56c09d75737942b5fb004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4A07 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
8f695d0f805518f181367f59cc0bd6ba479fc4059ce5c5aae1ece58d27fcc3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12499
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F424 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=1740722667376145&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 4E4C 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
157214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 16:59:37 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Jan 1970 00:00:00 GMT
server
nginx
etag
W/"15180-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Sep 2023 12:39:52 GMT
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 238E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
157214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 16:59:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 45A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpeOpoXYykZMYCX-98-4Vvq5WQXcgl4tOocWSSFAJW6CNy-lkzQApiXcD7rvfsAUgknZJgcJ_q50YPFhYgPZMH-LVmJ9M1Eg5CAxTMMZQUWsv_NUzQvmbnSIzXgW0gDNZ6d6rke2farzFx4fmtVZf6uGydgMr9tR-qEDFtVKNN_PaSzfdvzfH_IQUMzL6boZoVWHrfNQijw4Yw9K3f_C9mW7yLMTXAnZTCRyM0iOs8B6oE1BX443VNTOPT--x10hRF1mUON9BKRIhYaXjEcz8m4TJ5bU_0h1kmcSkKNwm7KTpaawKQkeeRIpWOF3h75tnBJw&sai=AMfl-YTq8-GTZMLD4YNQkEHoRuTG-4gQOjHYnEHSXNSFfOceCwJ-TLBZND8U-LY-ZP9FjryYTmNTyMSCmlkPXuh-ntlxcctrkAqXcYvDka4cMEXODIc3o9wAj7gvqsAILw&sig=Cg0ArKJSzPmdlzwM_8OWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:39:51 GMT
truncated
/ Frame 45A9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
375d53ebf5b501de46741e9b21043db76141db00d5216864d26b12840a3bb882

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 17EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqDnTCv3-hWuWQbQs1QoQZ6wxMdBu_or8uXDXDspuHBwFvu3cfzVZOOzTMTLn2K80y3YLj9rXjcZLKWFtmWwbxxL6xXoHNiyUrXQhsY_K9b0fFCR3L9yBoVCkSzwV_JDHHNA96RY1weQI-OdHHjs-71124E_TbDjACI_4jfORZoyqbtbLFmQbF4ijzAq11G8NFEHX1sFEQ1BQyXLGii-BqakNBy86xUZXUdtc6_f2JoRGEOnt_JdmLyBf1JGbT9YB0jPXwOqmLk5akIzj_9e12AGj9AG92KJh2FCg8Wh_n6Y0c2xESiMg0SRY1RdHM1Dkt7BQ&sai=AMfl-YSTsgoy_wUqNScYU49aA1KAue-vIuznCbDrHd39zqcqhkQpyh9PwBsmhbQ4KN--44tfau3zzrgTuviKmY2_Uraq1qsZbtOtEdwKJSAjnFziUkBwbGOZUfn4q1PnNw&sig=Cg0ArKJSzBiryEMp9I0DEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 06 Sep 2023 12:39:52 GMT
truncated
/ Frame 17EE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dcf06849ba0687f90f86395497c63d2bb77ca83e322af918ed6129f62efe373

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 235C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=1577254494266146&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 1755 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm7q8kl9&c=7881238733515&slotId=3940619366757.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.69.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iq-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 509F 		210 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
099c9b4ec6dbe719afd66f0bbc8f3c6966caeaf94b7c638a43034141a476a07c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7EDB 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
324c101fecfd75d271b3cf9b7721edb46144edff952f686479ee01239d151ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16334
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 1755 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3851872730080629&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FzV249LaqCUO8QoCRR0DEsQ%3A1694007587%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F1001D50-5466-4282-9BF3-5E4F269D4CEA&a3p=EhkKCnB1YmNpZC5vcmcYlYiG1KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKH-hdSmMUgAUgIIZBIZCgp1aWRhcGkuY29tGKH-hdSmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lRVU16Y1hkSmNXcFNkM1Z3UW1GNGVXazRiMEV4VVQwOUluMD0Ywo6G1KYxSAASGwoMaWQ1LXN5bmMuY29tGJqLhtSmMUgAUgIIag..&nel=0&eid=44731964%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=1694003992094&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&scor=4339875482503945&ged=ve4_td7_tt0_pd7_la7000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1755 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3851872730080629&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FzV249LaqCUO8QoCRR0DEsQ%3A1694007587%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F1001D50-5466-4282-9BF3-5E4F269D4CEA&a3p=EhkKCnB1YmNpZC5vcmcYlYiG1KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKH-hdSmMUgAUgIIZBIZCgp1aWRhcGkuY29tGKH-hdSmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lRVU16Y1hkSmNXcFNkM1Z3UW1GNGVXazRiMEV4VVQwOUluMD0Ywo6G1KYxSAASGwoMaWQ1LXN5bmMuY29tGJqLhtSmMUgAUgIIag..&nel=0&eid=44731964%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=1694003992100&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&scor=4339875482503945&ged=ve4_td7_tt0_pd7_la7000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx3.adform.net/adx/ Frame 1755 		65 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/live/ Frame 1755 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3851872730080629&cust_params=mt_fln%3D1.8&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FzV249LaqCUO8QoCRR0DEsQ%3A1694007587%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F1001D50-5466-4282-9BF3-5E4F269D4CEA&a3p=EhkKCnB1YmNpZC5vcmcYlYiG1KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKH-hdSmMUgAUgIIZBIZCgp1aWRhcGkuY29tGKH-hdSmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lRVU16Y1hkSmNXcFNkM1Z3UW1GNGVXazRiMEV4VVQwOUluMD0Ywo6G1KYxSAASGwoMaWQ1LXN5bmMuY29tGJqLhtSmMUgAUgIIag..&nel=0&eid=44731964%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=1694003992104&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&scor=4339875482503945&ged=ve4_td7_tt0_pd7_la7000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1755 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3851872730080629&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FzV249LaqCUO8QoCRR0DEsQ%3A1694007587%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F1001D50-5466-4282-9BF3-5E4F269D4CEA&a3p=EhkKCnB1YmNpZC5vcmcYlYiG1KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKH-hdSmMUgAUgIIZBIZCgp1aWRhcGkuY29tGKH-hdSmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lRVU16Y1hkSmNXcFNkM1Z3UW1GNGVXazRiMEV4VVQwOUluMD0Ywo6G1KYxSAASGwoMaWQ1LXN5bmMuY29tGJqLhtSmMUgAUgIIag..&nel=0&eid=44731964%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=1694003992107&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&scor=4339875482503945&ged=ve4_td7_tt0_pd7_la7000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 1755 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3851872730080629&cust_params=mt_fln%3D1.3&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FzV249LaqCUO8QoCRR0DEsQ%3A1694007587%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F1001D50-5466-4282-9BF3-5E4F269D4CEA&a3p=EhkKCnB1YmNpZC5vcmcYlYiG1KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKH-hdSmMUgAUgIIZBIZCgp1aWRhcGkuY29tGKH-hdSmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lRVU16Y1hkSmNXcFNkM1Z3UW1GNGVXazRiMEV4VVQwOUluMD0Ywo6G1KYxSAASGwoMaWQ1LXN5bmMuY29tGJqLhtSmMUgAUgIIag..&nel=0&eid=44731964%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=1694003992109&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&scor=4339875482503945&ged=ve4_td7_tt0_pd7_la7000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1755 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3851872730080629&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FzV249LaqCUO8QoCRR0DEsQ%3A1694007587%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F1001D50-5466-4282-9BF3-5E4F269D4CEA&a3p=EhkKCnB1YmNpZC5vcmcYlYiG1KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKH-hdSmMUgAUgIIZBIZCgp1aWRhcGkuY29tGKH-hdSmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lRVU16Y1hkSmNXcFNkM1Z3UW1GNGVXazRiMEV4VVQwOUluMD0Ywo6G1KYxSAASGwoMaWQ1LXN5bmMuY29tGJqLhtSmMUgAUgIIag..&nel=0&eid=44731964%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=1694003992113&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&scor=4339875482503945&ged=ve4_td7_tt0_pd7_la7000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame AB21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame AB21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AB21 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 31 Aug 2024 12:39:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame AB21 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 31 Aug 2024 12:39:52 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame AB21 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=XqtOp168Y8ROU4eA4dlK6OEksedoFNc0zuI0qXRg13ovfRvfcBBhbbhHBjwRlTD15rGXM5io691eUkywydNM1GymZqkqqAeR8qNz9LOxV8Mw3yLx-HZCoRz74wzRp5twuW19KuWEYtLngYhbaZpu1Q2M8iUeA6AX18ftXVP0vJfP7elE0EMWjsO-rnE_r0o8DpVHG-fwWtIYTgdIi4UH4fcNQ0MiwG768TngOmE1K0wuB_EEuoCe2pbHTBfbVTzpTytiUN7wRi7S88hOXJwX6hX6cCWWR6owJEuDsYKMqSmhcYP_wQLg5t2VETDt4T1MYpd6qwvFwhuuxAAuehDbMZbu8hXLfCSVI4w8VSRyWpR7iScYz1K2BDKji8jVK4clHMKtj8qLgFfWzIVI5LZ5uoNYGCZcMUkp-AOyAOmluh-pfP97gzatFhuMhgTR2epVYuiEwk_ekFx2E6uEfJrfh-_4vHXY-iCobM4cAJOAzf6d8TH-3meRsfL9ke-M9IuSVN6KeAb3lGLfafbtgAGa7zrwxictwa4RFZV0_ujuokFIvpX0fYVvjIH5ITOmwJLdI6vB5r0YBMtQuIKcirp7l4VRA60
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1844534
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7741 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7741 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7741 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 31 Aug 2024 12:39:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7741 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 31 Aug 2024 12:39:52 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7741 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WgvDatE8BhPtoAeWkMNGH_WePgQeauZ9kH38sENkk2cQX8oTdfJkD3Ai7gg78Gl3x7Ifo1anIUJaDTYqx5sSp20YRwW1oYJMjuFWPWCN3lCkh5m2BPeA8-mLncStJDaZ9fosBPYgsJlNvSHb9-MSZ1eRnMr7N_pU9RVo-iQocObvD_3HhGaCJ0mIzV6s_r0DhRcVHjQMPOlbR87QcOLP7TZXcBmUdssmYraMrNriTnzK7Lgmj5cdRkD5GS1bbVKp0BYkVei0Vcg0VQZIk5aeDdXDGvkpDgqGJKLVyp-sJ2rM_xskmb7wc7lpIFX--cOUqCGXELKLKcgu34utP0Bcg0LkYtzaCGCBLbOVxUXkwnHPG4CPMsAWH0hxPERqYKlH6YLfZOypFo3abu2F7W6ujLnRYnwAWVvfSK9MYTUW2--0Dvg7Fqs4eKs3ZY7w0lpS96d_hJQ4vbk52nMx0IPWRPkoFamb2QfgUBSjqY14U-hCqdgnDCcYJBjtXmWfiaK-gbg1DP15oqoTl1Jy9mjL4xyqutj-Ea-nR_tUiaZn8N2v0Y-KMEtElIZnmS65rbVs3Wi5Lv0hXjZa43uPPK1VXH4JQYY
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1883411
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 728D 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
24eb1bc1beb436cdd920616aa3e1d898982a8f0dfc4b50572959ca90271f0210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 06 Sep 2023 12:39:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2188757
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AB21 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1615834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7XwQO1mM%2BQLHedoVdHPXs%2Bo%2BsvrjG83rJSgVzu0alZDOYUPb8RzZ8nswmQS5wmtPNztXJPRL2rRyy%2Bsxl5KTVbVH579pcl%2B%2BrT3%2Bge2JVVvRP6nBvVdNACXB0mSQgbQNgT7WTN1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8026c6fa8d000f76-MXP
expires
Mon, 26 Aug 2024 12:39:52 GMT
animejs.js
static.criteo.net/animejs/ Frame AB21 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
csi
csi.gstatic.com/ Frame 1755 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm7q8lns&c=7881238733515&slotId=3940619366757.5&ghmsh_eids=44731964%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.69.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iq-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A07 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1f0EFSemF9HCj4C8RugpIG30yf9Qq2XKDMJtW4mjFKra2KlW0aN1VPqdlkC3nXlqhhUmUHLYelBQ3CO2pKJK4SMgjgpq5GaIU_CvMU9KzdaXRoMU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A07 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3554362989667833066&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4A07 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 4A07 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 09:57:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
9764
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 09:57:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 4A07 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:24:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
69352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 17:24:00 GMT
l
www.google.com/ads/measurement/ Frame 4A07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5x5rXpJ6AV0YixY2ocw5uS8OXW7bBr7idPml-6L4udrTSOaawY3L_J_DZUzGeIs1XjffrAdH72KyfhP4USQEl1SpyjA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A07 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:52 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 0D8D 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317b48b3de46dfb7245fe3621b8&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
24eb1bc1beb436cdd920616aa3e1d898982a8f0dfc4b50572959ca90271f0210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 06 Sep 2023 12:39:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1667380
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7741 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1615834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rrbLj6BuSeXEM6blZj%2B4tyyHIjoltM%2FfYWJR4DqSvzTrkX9tVFRXi%2B6tcTcIJ40yRg7X49dTXxN0ge70kNTsAULop3UyuKW22qJ2egI29wbPoIB7c9CLGFCWlHV5GcJLHa%2B7zn4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8026c6fa8d010f76-MXP
expires
Mon, 26 Aug 2024 12:39:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BEB9 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVsUkNJAJUu9aztNiBPWqSR1Vo4KI3rmB7iDKoRMiPJ5ksjQpCgjhLIIAqMCKOiBBYMzif62UXFmsx0lW1YxM_jVhp6bA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
animejs.js
static.criteo.net/animejs/ Frame 7741 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7741 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=196&s=CcNGVQjmUCeFltGa1N8rkbDa
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a7f6bf3d4e79e967e0b1b70de5e46a16da84b04fc505eedca6da03127901953c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
10545
expires
Tue, 06 Aug 2024 04:31:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7741 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FSTORYT.jpg&v=3&w=800&s=G4PjTxY3FHnnadUu6p92BySe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
16322
expires
Sun, 10 Sep 2023 09:08:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7741 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FNDSG.jpg&v=3&w=800&s=TaWPEW_YhAYqZ3Ad26u1sTdN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3a3b6228c8b0ca57f754c5044f9ac8a6dbb8ae04dbcd96f0daad569bcccbaabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
14514
expires
Sun, 10 Sep 2023 08:49:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7741 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FJAVA01.jpg&v=3&w=800&s=08j_x8FTZTKd1YY5IT2Xt8fD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d817c9d5e373b77777d55c671007c32d9f22f1c4998e4f680542fc860583ba06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
9706
expires
Sun, 10 Sep 2023 10:21:58 GMT
all
csm.eu.criteo.net/ Frame 7741 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=5mRPn3JMLcggwAl47JfhSs-ecPduRQ3ZovrDyRMv99EtJ-DOI7aiOZAHAzNLIaO3ffxg4DRyjY20rgobkphXZZxEUfMdTHY-kHW-Cr4TKn54CG6tKOAzPxn3aPXMoQ_55WK3uaKKbRra3VyDK3qTSKvTP5Ti4_sMsE0hfrWQqmQuLB6mfO3dIf0i4s1Yq-gE3F5b0en1p2Fz_-AnzrxtItuABw3cJFdJjByF77o_4-ja17VFautpLwVj3TA&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7741 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7741 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame AB21 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FSTORYT.jpg&v=3&w=800&s=G4PjTxY3FHnnadUu6p92BySe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
16322
expires
Sun, 10 Sep 2023 09:08:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame AB21 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=256&s=mLFT_ZJxWVAvg7oKoC-HfG0U
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9cdc95a5a7530f63cb0596d39d3d085c03bbba9e887dece7aead9d82d96855f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
15110
expires
Tue, 06 Aug 2024 04:31:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame AB21 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FTOG.jpg&v=3&w=800&s=ZyjiUiBalBexgHbGb6Bx_PSK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ad3eada0ebd5b34b6b1ae6e0939cadd21d2e024979b93fac9cbedb3074ab9464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
21652
expires
Sun, 10 Sep 2023 10:09:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame AB21 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FIS27T.jpg&v=3&w=800&s=8BE_5zSeIY-17XaHwe_XjmOQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1b3d020dcd904949bce5b8b8b288d5d0a98a1995a09ba336344730caf8f51997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
10700
expires
Sun, 10 Sep 2023 08:42:19 GMT
all
csm.eu.criteo.net/ Frame AB21 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=yJB0iXJMLcggwAl4OrnK_ylaoWTRaDPSf6SLKpC-YJnQx185XmEYv54waZ1oLELfjDqKAaxY8X8dfZsR3ZXn_5Tjc5ZHK1h6xxxlfaKmaDxWeXqr61Sc5kn-oqBBZrEPeJpTlM8n4stemFjsG2j2J7XCkYRj8n0QUYV2SgIvzRYrwWmb4bJud4JbGuwH-zrFx783PvhQnDAx_deLfYAQ_pVMxTt0w7BF9pYWZAqvKNDHfwf-uP-wshNMp94&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AB21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AB21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:52 GMT
pixel
cm.g.doubleclick.net/ Frame BEB9 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVsUkNJAJUu9aztNiBPWqSR1Vo4KI3rmB7iDKoRMiPJ5ksjQpCgjhLIIAqMCKOiBBYMzif62UXFmsx0lW1YxM_jVhp6bA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BEB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&C=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVsUkNJAJUu9aztNiBPWqSR1Vo4KI3rmB7iDKoRMiPJ5ksjQpCgjhLIIAqMCKOiBBYMzif62UXFmsx0lW1YxM_jVhp6bA
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN0Nyd7RRrBLYVGGW9zI32oFaYe%2BcoYLZi%2FdXqQwf3jHPaqUYY9gxszKzyrtgwmkzZla9kGmudoNSKaEpU9FuGJw1O%2BP%2FhkB30Lo8z6H2xl5dnEmtJFWAc%2BTxqUGvYBc%2F45dVsPvbRVm2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8026c6fd193b24c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHjv%2BYaME9hkjLMFzcMnghZBCpUvVXTCSxtTLl5YIhGHYb9IuLw0OueGC1gAExrJh9Y0MaknqgVqSAwTjo5ccB9GvPNL42yR0YEiKC14s2RshdAkLZ%2B2LaL7KHKvSWRvDg4L%2BelZgUBXZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&C=1
cache-control
no-cache
cf-ray
8026c6fb69070208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame BEB9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPhzGJePj38mET-tZMVd.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&google_hm=2
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNVsUkNJAJUu9aztNiBPWqSR1Vo4KI3rmB7iDKoRMiPJ5ksjQpCgjhLIIAqMCKOiBBYMzif62UXFmsx0lW1YxM_jVhp6bA
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDO13WAL7%2FS%2F5NSQjb2I2Exf7fgzqh8sVTtncDtPBG7GBxZnJQB1lsEk0fFKLmG95RCUc2GxBxQnyme5HqOv42sb8U%2BWJiFCv8Jwwt%2B5VzdwqjYEko96r52XF%2FFAnxns3UczV%2B2GqH0GOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8026c7009fb824c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJXvrDM2773Uv8RrnzBCrco&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8C80 		129 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
12817bd556af0b34d5e822e20cc5665384767e9fd6bc8f32aea8a5ba3871098a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=UpBYpXJMLcggwAl4jvYZt6SAi2r9DgU0QTHWt5BOVRkCnVF3V97U_qDECDYyo6VHprzI-iN2CFiBJFx_8gSJUWeidm_V5Cd_eLmsN3NqzHZ3sGDYsFWiqawqMjkOQ_vr8Za7fw8hNx7hw1y-W-Kj1nk5aTAao-h25vHxbtMvOa5rWt1TFGgjpMM2oZXdFh-UYOlZnXvDIMHV1zhf2kxqL6bLYe0xlSmZM0XbZ8bFf0YeG6a99TuwIUArFzHoMgJl2VnwSw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59382770
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 7EDB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 09:57:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
9764
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 09:57:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 16D7 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
13385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Thu, 07 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/ Frame 7EDB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:24:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
69352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 17:24:00 GMT
l
www.google.com/ads/measurement/ Frame 7EDB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM5Sl-xF41VYyachDAbX_HagVufsma6YYPsVNY3WeLBLV1fLwPXyQzIIkvtYCpb6Zt9JKRq1xTG5kZwozDjI7rMjfr5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EDB 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 12:39:52 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DB09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_cm&google_hm=ay1xUkFNLW5nMWdUWkIzaWY0eDljdnBNVVVxTVBuRjBtR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
606805
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame DB09 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-EDLSRng1gTZB3if4x9cvpMUUqMOhgkE5sz093Q&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.83.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-83-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DB09
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3409719
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
an-x-request-uuid
39bd2489-9a01-4bbe-b2cb-8695f04cd08e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
x-proxy-origin
92.104.24.181; 92.104.24.181; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame DB09 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-quLed3g1gTZB3if4x9cvpMUUqMPfo5Q2xJdBZw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
an-x-request-uuid
d2f98f9e-0730-481a-a740-7e3a5a5b9b34
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
92.104.24.181; 92.104.24.181; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame DB09 		53 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-GW6V93g1gTZB3if4x9cvpMUUqMND5YqNADUEIA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 06 Sep 2023 12:39:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 06 Sep 2023 12:39:52 GMT
tap.php
pixel.rubiconproject.com/ Frame DB09 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OgceAXg1gTZB3if4x9cvpMUUqMMLGrMJV1gBYg&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame DB09 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-JBJvy3g1gTZB3if4x9cvpMUUqMO-FtiK5HUeDA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.15.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-15-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
/
rtb-csync.smartadserver.com/redir/ Frame DB09 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-YwutPHg1gTZB3if4x9cvpMUUqMOZKO_J17rSbg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DB09 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-rfsvoHg1gTZB3if4x9cvpMUUqMOkT7WUTM4HCQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
57845
um
criteo-sync.teads.tv/ Frame DB09 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-YWiL33g1gTZB3if4x9cvpMUUqMOCt5FmKE4Kvg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 12:39:53 GMT
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame DB09 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-HsvSRXg1gTZB3if4x9cvpMUUqMPEa8dYCRvqxw&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame DB09 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DL8U-Xg1gTZB3if4x9cvpMUUqMODTDzmtSLpiA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame DB09 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Fk5r6Xg1gTZB3if4x9cvpMUUqMOlv2424H_y5g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
last-modified
Thu, 27 Jul 2023 14:20:27 GMT
server
nginx
accept-ranges
bytes
etag
"64c27d2b-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame DB09 		0
0
rum
r.casalemedia.com/ Frame DB09 		43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xM0f0ng1gTZB3if4x9cvpMUUqMNGpTidZBymNQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBH98J2OZHeHk2UHC0yG93C6YN58gfMXCbY8xl2%2Fvt4qTc6pmsXppI1GQ7iLxTky48T7jDt2PN8CWOBYm4%2B4VxlbKjOinJLBwRhghQHASNGYMaIB8roIsPRg%2FtG9%2BpEHidWM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8026c6fd1bbc0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ibs:dpid=28645&dpuuid=b56B-mdXDumTf-c0kmHp018efPg1I0Vm
dpm.demdex.net/ Frame DB09
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=b56B-mdXDumTf-c0kmHp018efPg1I0Vm
0
0
match
ad.360yield.com/ Frame DB09 		0
0
sync
matching.ivitrack.com/ Frame DB09 		0
0
push
exchange.mediavine.com/usersync/ Frame DB09 		0
0
cookie-sync
sync.outbrain.com/ Frame DB09 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame DB09 		42 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-rPNH8Xg1gTZB3if4x9cvpMUUqMOKB3KM99VaEA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 06 Sep 2023 12:39:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame DB09 		0
0
m
ad.yieldlab.net/ Frame DB09 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame DB09 		0
0
put
e1.emxdgt.com/ Frame DB09 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-EJsDVHg1gTZB3if4x9cvpMUUqMPrR22gVOaR7Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.190.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-190-66.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
server
awselb/2.0
generate_204
tpc.googlesyndication.com/ Frame 238E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?A8yoBA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3FEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_cm&google_hm=ay1xUkFNLW5nMWdUWkIzaWY0eDljdnBNVVVxTVBuRjBtR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
582619
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_gid=CAESEAhPYPDChrY6mWkWIGWm97I&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3FEF 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-EDLSRng1gTZB3if4x9cvpMUUqMOhgkE5sz093Q&expires=30
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.83.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-83-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3FEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
982216
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
an-x-request-uuid
7b39c3c9-c066-455c-b9ec-e0993c90462a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2825018790679395221
x-proxy-origin
92.104.24.181; 92.104.24.181; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame 3FEF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-quLed3g1gTZB3if4x9cvpMUUqMPfo5Q2xJdBZw
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
an-x-request-uuid
167c0394-ead3-43c5-92f5-9c6eb7608f53
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
92.104.24.181; 92.104.24.181; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 3FEF 		53 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-GW6V93g1gTZB3if4x9cvpMUUqMND5YqNADUEIA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 06 Sep 2023 12:39:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 06 Sep 2023 12:39:52 GMT
tap.php
pixel.rubiconproject.com/ Frame 3FEF 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OgceAXg1gTZB3if4x9cvpMUUqMMLGrMJV1gBYg&expires=30
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 3FEF 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-JBJvy3g1gTZB3if4x9cvpMUUqMO-FtiK5HUeDA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.15.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-15-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3FEF 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-YwutPHg1gTZB3if4x9cvpMUUqMOZKO_J17rSbg
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3FEF 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-rfsvoHg1gTZB3if4x9cvpMUUqMOkT7WUTM4HCQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
57845
um
criteo-sync.teads.tv/ Frame 3FEF 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-YWiL33g1gTZB3if4x9cvpMUUqMOCt5FmKE4Kvg
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 12:39:53 GMT
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 3FEF 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-HsvSRXg1gTZB3if4x9cvpMUUqMPEa8dYCRvqxw&dongle=013b
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3FEF 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DL8U-Xg1gTZB3if4x9cvpMUUqMODTDzmtSLpiA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 3FEF 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Fk5r6Xg1gTZB3if4x9cvpMUUqMOlv2424H_y5g
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
last-modified
Thu, 27 Jul 2023 14:20:27 GMT
server
nginx
accept-ranges
bytes
etag
"64c27d2b-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 3FEF 		0
0
rum
r.casalemedia.com/ Frame 3FEF 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xM0f0ng1gTZB3if4x9cvpMUUqMNGpTidZBymNQ
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUIuOFd1F4OKc2Pt8OxOQxHW8%2BY6OUr%2BRMqyLHShWPGb9wkouAN1W%2FadQ9XAxTeifKhh4eOFNmtE9FoqLjUzHQMW9F%2F2IaFNgpg%2BhgQF5vCIazJEJJLwarvn7KqeGFteOgVF"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8026c6fd1bbd0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ibs:dpid=28645&dpuuid=R6uTpm3aQc8lcToPXTCUYd38onwceQ-n
dpm.demdex.net/ Frame 3FEF
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R6uTpm3aQc8lcToPXTCUYd38onwceQ-n
0
0
match
ad.360yield.com/ Frame 3FEF 		0
0
sync
matching.ivitrack.com/ Frame 3FEF 		0
0
push
exchange.mediavine.com/usersync/ Frame 3FEF 		0
0
cookie-sync
sync.outbrain.com/ Frame 3FEF 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3FEF 		42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-rPNH8Xg1gTZB3if4x9cvpMUUqMOKB3KM99VaEA
Requested by
Host: widget.nl3.eu.criteo.com
URL: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64f87317da787aa1dccac5a0f2a06d2c&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 06 Sep 2023 12:39:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 3FEF 		0
0
m
ad.yieldlab.net/ Frame 3FEF 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 3FEF 		0
0
put
e1.emxdgt.com/ Frame 3FEF 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A07 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3390324457247&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A07 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3390324457247&version=m202307240101&ct=77&x=1&cor=3554362989667833000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4A07 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYezm5haGrLnpzsId93zV4-CGOEEjptJSsd-knVM_9PvmOyVk_TM1uQn7u5xdNc2wTuWmDBxQLPk1nixrvqez9ajwfWZudGnXEC1njWIe5q6jl4suc0SzuF3Uv0AfBhdGpPhf1rTtCyh7XH33HebSpXyvJkycqdb5kNe_0VA2kPsGusuk&cry=1&dbm_d=AKAmf-DGrEvFYaGUiizUGot-IzcXkQHVC7kTzw_bmBbgLI7EtUreVwr20ocLf-tgIx2x7lD8qNWUe1yvAhByj9173govRigKemWspXrMb17k7ons33Tj_ZkMnXHSidjc9aMrmyxwpV4fDhaKYTrku-iIrIfeTumxEYjtp8jHQ4KjkdpX-XQPnRKMTcVG_UQPKjro-DhsM7Fc-JA_3AcmNP1mOkItqi96X4xIwIiw35iN9sbZoY7em74WqdYcRDLbXxHyq1D_0bvT7ucM3DdrPzW-ZkpU6VDhZDcK4dIHeUAMStnzZQ5-HxlX0xECTOqhxyJzL6RsqWO-MlesX4CPbeJnGjWw-jIYbyNii1TdVtYGP1NMgsgbw3GfNhDYHlLXSn6ZwxRpvxnEQrj3bpDt21wP9J88kxdvslHe_6DZKouvoZLR9B1rkI9CrQhE78LJ2fMiI8Vx3SdzZRN1T5ANc9gFIv8_-YVjcZTTR2mLywSBBG7Tg64bVHSiEDweWtiERm4X7QwmREoChlPL2sXyKcl-06X-uBB6--rxmKKG53Vm9fKxSJAKMsTuoOoRGzbxZfEMjyoSGloUS7ikxsbFYdx5nkcwCOPxnoyBUcU4pIXSpJya9gSbJvRyaXceugYqJrQKv6GZreQ-RJVOuCtNKqsSR9b_xFOI4P45oCCsIQRxZIHNECNeeQFrfjXNVEpJEOGZWFNDGdjaTjds5F_B_VwhLGGDVDD7r81p8N-6Zd2e_LreHDmpQKjNU4wsj_-Gsf3rA28gnN9kWVnZzusx1CHcaG6fHNeLaRsLkQ0y7elrZ3htUCsEtFwXiWpirSlbPIeN4b7ojW9DyXxG5EGk4V_zFvt20nBEBtT5IniL4ieAPbrt9SDgmNK4yLFGEK_VQ5r3fLlkrUeJEFnzvfNDhkWe3pLGMEjXEFyFz8LTsmzspGA2obTpwhO4gU-meFbop9dpEFQWVvKgwZFOvY7VTy1OkQrZ8wtt0EHGXD_k9ZOD0vH4K6Qt6fIzDVWrAILWHmw8mkVK0MiYGr_HtwRUJljVakben4XpgD1sMR3KtEApeS-m_hfZPf-f3mCMfL0Chppfc9SLMvPMSu-nX8Ql7dK4hCWxe9KbaIXdhaNR9qK-FaalVvlEX1AGEH1fgkSR0nXD_pTjBMVLQ2_k1IN4M2oUuxuMaU-I6f2C-Tm5nmaFIixf3zlx_Jqg7opL0aH_TyvarfGxOiovjRHb6gDy3yh9YMFO5_-TJ8nek7Q6kl9Gcr4u_G4LPlyjbLc_trCfJJxb6GNfUlbxpSzBnYT9Zc2GOHwUmDnsotluQIUIw_-PONRhwTXoPbP5d67CYlJxy3cb_jnBOajvnqU7gkkN5pRihhUaT9BQ5pIhzcbOjF9O5R_eBMqTloHBuUPDzyK_F3IviJvvYvhvgcH4k_KWwZR7JhFovKsO1XmAXo_IE2pf7tQ8xc33yRa7LiCJxzblVx2_Glwgrue7PUpyAxeXXeymzYs_HOHzO3Gl-qZ7lH8qeSWoaJX0122OjN4zHNGyI_7Wy4erFWNUGIN2pqO4LiBmL8Y73Q4DioGzcF70UbMPi7MlAQ9yYC6fvrrD3HhNIvpL54_YRkOKhofqkf5TsJywKOgsUYfbh8SkFIVMeekmVG4gvRUUZIzJr5i47MciYfdEVAQpP426l_LCyXBil3jB5inNhdnOFf8xaP6aUZomR0B5Vcu_4eEJrDYLWTWLgKBB8T9J3e9Baq2ffutIiywHAaqwJTfbmgbDJGjlSFZbQkpINOaMFha_dRbhpmPCDcLvWBTfuYYhUVFatwSC4CuddJarG6lLUKxjGVCMXWd5t1CvVMZUSm33BLO8IN1g3nWbh9pjBOo96sZFO94PKxXlOYn0JQJCjVgSXmCoP7KQye-oMvXOZUZzID0uC5Gcz5S6r2bVB2xW7th34LFkr-7PVsw13QB0XOsuxT5dj2g9ZiXN9IdVedGj-Q0sLtiHLPTNQQ6gvVDp2uqDA4_n-vOjkyNR1f9wedqhH9SsHtBiQLvsmSUO1Vc-SGaqEvghxk7OnjKtNUwEW9LQ4uBec1lAaE201LQ6TtCqSKFLGasefot9ReV0eK2gnasQBXNOUmaiH27G9ad8qcTz1rIE-DIXpBSbjKbkgjw1qUEtfqt4og8oLD411R7uYJWFNQ3Y9NLDBGl178za86eP30DYGQ8MtZ_WfoupUeOY4KeiGzcuaxQanXFKziw1LaVntiHdrrCPMZ6hfNvU94dMcsSurlvVO55oundI9aTma9fRL9jW4uBy-ztK5XJ4ePi-B51DkCghgiDVsGIYdi-8u6-TvWkiGdMQRiUShsdfZShiNvZEgg8i0ox50F4ks178X0ZizIgZSXHEQTiowqIUQV6uPmQnhrYzr8ULaMBMp7AjcU1Hl4w11NUO3Utyl0R1jJpudGrS4BfvpIRi1TsODdS7QKv0Qn9fMerkRvgTavydwLwBBL9J9nYY7qy6w6N0832XTGESyVjDQkgVc3-7_h3X13u7FZuEl6vLBrDHCI71olQukFha3OhDFTOrl0k-napZDMiXCUVxviqUGHYEEfHSyzRGKmcf11UiVbOc00xt-tJC7kDDPUpLZZ3bJ5LjvayQv8M_qmG3EdezHgScNTc8zYt4bLcrPssbnNObzYdoYc0U8ONBuQfzp7Wc7lA1901buYA61FeDAq_f7fvn1aNHjMwuSwNtmKyIRZlCXOUPe8U2Ufure9_-sUm8eRIAW53QkNewDkg8NkVPJWBG1bjv8Tc2_fckt6oAk1XznwRXb6FEDFkQOLS3fIZcinUF2i1HwJuRHuubjXPDUicv6V_2fjCtC7X2TNNfAIFBbXsMmCy0Ldew3nXgaGZNuP4Rmmr_E9Yyv886yJEdeqadgmf5R1ZgJlQiBEHqtH6JmVr35PFAennRVInIiAqNIjbPO2hxwWOE8jWe0DnvC4bayQQTaIMAwcOsw1giWGWUIB_QGOCUiQYV62uUWw0wN2a1AciVYHjOLAKDmJhCw1FY_Ef3NFpOUlwHxf2cmRJ8LR4wUJITSJs94pXBzg-VItKoUbc8SbzGPHlvujApjSqUK5kbWmjXBgzvS3QqvX9ZNDGqyFik2aTdPry-Q5P9SfpSiA0jeH9y6fqcFKJd6eKM4eUVg7BPD0uR1R0o7dZqxAriQEg94i6qlS3-YP6ZJqnjQwasi2ja_bWszlsrHBLSPfofOWGCIfebSJttTc7SJQHonzpc1xkk5jJaj7iv4-Ibaujh0ZIAxAx9gvLIgQS_L9Ei1UtTtFUGik_0Si4zeaWc_wFboVjLCJIQYfu-8hp-V0exRCOFbi03czg5rM5kAVycSYnr4zu3ZUwXCxfHncqiyqc6UD_zwNpbFZE2lWgjtSCx_aM9qY1774pqN-pEqXnq5-VUmQ_R56rqJbDCxNSqdvbD_QBltM-uNzHv9JQ79nGtzBR_tzV9CNKD5BDyg4B7ET3eTimhT8DcrPOZz_6guqjAhMcm8DAXvuKFWUG1CFNZlaRUyyDwJPyVtC52OPj0A4Ji0l8iAfS8mUvGBED-uUjOE6oCEJGpWecPRQmVhIU4LkXX78WYZ-b2gjVvYqYcF1BHra9zUSP3aCLmaWz7gKuwC1HfBbW1baxYiqrlEf1ojcCU7a-9YM6bFwZ5qSgHj-yOMcut9W8LJckcZpirMP7m8k1ST6rs8JRCHW9b3F7M5z-NN9NsTUovE145VEitkaXV7RU9xTeI9WV-4qOQ9ljek2F1quBromejRHM05bx-bB57F_hRwv1VgM_4up8rdAF1qACLhUP-jKwLfaS2-XRBMhhIjcSeIXjV5Df4HKSPaiXaImnlOCn-fgNiac2Ho2EnTb_PFZrONNeabjT4loYy71ioZjTg9V4&cid=CAQSOwBpAlJW-NWyK74IUkEceXwi_6wFjZpu2_42gyYZRyfmLVu94dftx-gL0iCZLe6cEWg1gbqz_wI65L4qGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3554362989667833000&adk=4022746785&idt=271&cac=0&dtd=34
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
dd1424b85605b02abc3c308f71fc023a794b594f69589ae3282699748cf310a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11935
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8C80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:53 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8C80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8C80 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 31 Aug 2024 12:39:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8C80 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 31 Aug 2024 12:39:53 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8C80 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WPRQ8B0rqOpHnIth6-Awl8Qw4fi8VcuvruiGnADHf0GSWaZoGL6MAeCp7WUvqC61CFQo0lTbNJrBbceXkHtzUByuBxTl5dNU6h1x8K4WiFonkG-R-jCRDCO13JeyLwOxeuHj33OyS3i4uhberyncskU0aSZyvxUpLfq8u7JF9PWUP0ehag0lFAcRgxHNg0iAexrrEoSUAG1yJqgzBiJ4nYme1aK1nYsXbZB5-y0v6uaVFE1kHc5BigHZ2GHrfn_Ab2W_QhdwjyGGxhZA3GbM2jrduOzxqp99kebtcGpiMzinZUiyJ9ek0nkhIi70lK6aP76JAx2WnABtv_tyQ-MD3iwizsE8jgGTJeV6P2APfuVEBu9-PuHb3gGxBaEpuU0bZjCzWlXNpRMhL_FIGolaxTwwYs3reUb0B8So8IITWwIeIFtzCI1vdzmnFSi_7VUUwmRmUFLWuMO_CCIlTpyBoiTwcWDPmyexjzwdtMCtWjYmCCpWWm03ELhIVflirh9GS7ulZbWDLtOXx6FsjdX9HSlohdv3iauds7bjmZP4XTuHoBCd
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2044557
expires
Mon, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame 1755 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lm7q8lxl&c=7881238733515&slotId=3940619366757.5&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.69.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iq-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		0
0
csi
csi.gstatic.com/ Frame 1755 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lm7q8mih&c=7881238733515&slotId=3940619366757.5&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.69.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iq-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		0
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 17EE 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLbBFRZqQrI_362VuM3GUYolVrOmv8aMfC8-ANi5HnR8ZZx_v1JmAd2D_vzyrjUnq-OACrobg4Rtggi1y9r-5T5qPK3xq8y1BHggLhfPSolRQmYNJB9u8AoaU9Ors0&sig=Cg0ArKJSzN42UPOhxBegEAE&id=lidar2&mcvt=1185&p=60,236,310,964&mtos=1185,1185,1185,1185,1185&tos=1185,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3805778231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694003991534&rpt=413&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 45A9 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE1qpGzOr1YeqOIqc0IxVroFHVjWZWnc8TBELAtrbhsnhyzdHXu2Vy6JkFN9nWWUqt38vr4Ct6kJlPURvSvWqKV32t_Q42JEvqp2iWr45PidJDLWWbE6GjqY_kvbFh&sig=Cg0ArKJSzOh_IMjEgeq8EAE&id=lidar2&mcvt=1191&p=1110,315,1200,1285&mtos=1191,1191,1191,1191,1191&tos=1191,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694003991506&rpt=413&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=&gdpr_consent=
date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		0
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		0
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8C80 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1615835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWVuSbygWrC5XKtcnXCgo7Euw5c8578Q1pfOqxi62yMBmgOuqfQED5oNsciMCXL2Gz5Px%2Fh0gI6g9%2BlezI%2B9DcW5VlsZKmFuIzGyN%2F46mYPUSFycQdtYN0DFJhIwMRAHzrkYgKLd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8026c6fda9070f76-MXP
expires
Mon, 26 Aug 2024 12:39:53 GMT
animejs.js
static.criteo.net/animejs/ Frame 8C80 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:53 GMT
dpixel
cms.quantserve.com/ Frame 16D7 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHOEKOH1uUQDcjt8-mFd3zg&google_cver=1&google_push=AXcoOmSBrqsPuBmPNWVIQZsZDhXMbDfs0eL_fhrb2UKZRl3y_voy9FTIAhgEmJMyNYWfI_gHl4WoVk_5rAqJSLRYas6FgFVsiC0Fd2Q9tpLfIqHAFh78GjB52k5vJ02T4QQ5d8G5PvRWSiI-pSIlMrPl8De0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ping_match.gif
pm.w55c.net/ Frame 16D7 		0
0
pixel
cm.g.doubleclick.net/ Frame 16D7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMvDRV_2L3jOZ59CmEBi4GI&google_cver=1&google_push=AXcoOmQNMtkPuNdaUWR8_k9e-dfJhH2pcJy75S4fADalrhRYqozBFZfWduBQTv-JJVWmOR43-ierlBtNTXjTC6KMUb4CyNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNMtkPuNdaUWR8_k9e-dfJhH2pcJy75S4fADalrhRYqozBFZfWduBQTv-JJVWmOR43-ierlBtNTXjTC6KMUb4CyNgmOrIE1AjyPKQXlvZw8jx4ThGPXms7_jEXO6Lap...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNMtkPuNdaUWR8_k9e-dfJhH2pcJy75S4fADalrhRYqozBFZfWduBQTv-JJVWmOR43-ierlBtNTXjTC6KMUb4CyNgmOrIE1AjyPKQXlvZw8jx4ThGPXms7_jEXO6Lap0AFlwoxJzjsrz7dD9QSHQeO&google_hm=eS01UHdsMVhSRTJwRnRsT0VCVlJacVh1bUFLR0xmaVplOX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNMtkPuNdaUWR8_k9e-dfJhH2pcJy75S4fADalrhRYqozBFZfWduBQTv-JJVWmOR43-ierlBtNTXjTC6KMUb4CyNgmOrIE1AjyPKQXlvZw8jx4ThGPXms7_jEXO6Lap0AFlwoxJzjsrz7dD9QSHQeO&google_hm=eS01UHdsMVhSRTJwRnRsT0VCVlJacVh1bUFLR0xmaVplOX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 16D7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSKr4...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmSKr47YCh8fJAtOf_vdpUdH_z1ii0ZtSfQ05RdE4UN1SAsu0WRdCEWiQ_kRiiflA4o-6eGCE65uvO00...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmSKr47YCh8fJAtOf_vdpUdH_z1ii0ZtSfQ05RdE4UN1SAsu0WRdCEWiQ_kRiiflA4o-6eGCE65uvO00x9V22JSNS8Uc1Ny94JNWoeD9v4jd1qAe4egIrm8Q06OpeXYz_9cKK3gS2DN-9m4yx24qSQYG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:52 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmSKr47YCh8fJAtOf_vdpUdH_z1ii0ZtSfQ05RdE4UN1SAsu0WRdCEWiQ_kRiiflA4o-6eGCE65uvO00x9V22JSNS8Uc1Ny94JNWoeD9v4jd1qAe4egIrm8Q06OpeXYz_9cKK3gS2DN-9m4yx24qSQYG
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
838314
content-length
0
expires
Wed, 06 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 16D7
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBbA5OninnAQegugSKsIrcs&google_cver=1&google_push=AXcoOmS6KF_RajTssSULlr6SRRRHAYkr5YcKCJp6cwubJPg0wrpEfUG8UHLgdjSWDu5b3OgNXPwBWH5Wbtrp2bTT7NNGTF9gXdsot...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmS6KF_RajTssSULlr6SRRRHAYkr5YcKCJp6cwubJPg0wrpEfUG8UHLgdjSWDu5b3OgNXPwBWH5Wbtrp2bTT7NNGTF9gXdsotmjyNoOuvxSQg4VbsmdpUtjTVfafkpZWAy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmS6KF_RajTssSULlr6SRRRHAYkr5YcKCJp6cwubJPg0wrpEfUG8UHLgdjSWDu5b3OgNXPwBWH5Wbtrp2bTT7NNGTF9gXdsotmjyNoOuvxSQg4VbsmdpUtjTVfafkpZWAyhlqVY4p6yGZVdFhO3EhhE&google_hm=DNdfpYqiwdIVpygtPPQJkg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmS6KF_RajTssSULlr6SRRRHAYkr5YcKCJp6cwubJPg0wrpEfUG8UHLgdjSWDu5b3OgNXPwBWH5Wbtrp2bTT7NNGTF9gXdsotmjyNoOuvxSQg4VbsmdpUtjTVfafkpZWAyhlqVY4p6yGZVdFhO3EhhE&google_hm=DNdfpYqiwdIVpygtPPQJkg==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
/
b1sync.zemanta.com/usersync/googleadx/ Frame 16D7 		0
0
sync
sync.srv.stackadapt.com/ Frame 16D7 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 16D7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3fyZqYWw8o3bz6VoZHPUo62tvQRAbLGL0u4XYNkYmsgP9ePZ0twzrz0pY5B5qzFQo0-34
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4A07 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYezm5haGrLnpzsId93zV4-CGOEEjptJSsd-knVM_9PvmOyVk_TM1uQn7u5xdNc2wTuWmDBxQLPk1nixrvqez9ajwfWZudGnXEC1njWIe5q6jl4suc0SzuF3Uv0AfBhdGpPhf1rTtCyh7XH33HebSpXyvJkycqdb5kNe_0VA2kPsGusuk&cry=1&dbm_d=AKAmf-DGrEvFYaGUiizUGot-IzcXkQHVC7kTzw_bmBbgLI7EtUreVwr20ocLf-tgIx2x7lD8qNWUe1yvAhByj9173govRigKemWspXrMb17k7ons33Tj_ZkMnXHSidjc9aMrmyxwpV4fDhaKYTrku-iIrIfeTumxEYjtp8jHQ4KjkdpX-XQPnRKMTcVG_UQPKjro-DhsM7Fc-JA_3AcmNP1mOkItqi96X4xIwIiw35iN9sbZoY7em74WqdYcRDLbXxHyq1D_0bvT7ucM3DdrPzW-ZkpU6VDhZDcK4dIHeUAMStnzZQ5-HxlX0xECTOqhxyJzL6RsqWO-MlesX4CPbeJnGjWw-jIYbyNii1TdVtYGP1NMgsgbw3GfNhDYHlLXSn6ZwxRpvxnEQrj3bpDt21wP9J88kxdvslHe_6DZKouvoZLR9B1rkI9CrQhE78LJ2fMiI8Vx3SdzZRN1T5ANc9gFIv8_-YVjcZTTR2mLywSBBG7Tg64bVHSiEDweWtiERm4X7QwmREoChlPL2sXyKcl-06X-uBB6--rxmKKG53Vm9fKxSJAKMsTuoOoRGzbxZfEMjyoSGloUS7ikxsbFYdx5nkcwCOPxnoyBUcU4pIXSpJya9gSbJvRyaXceugYqJrQKv6GZreQ-RJVOuCtNKqsSR9b_xFOI4P45oCCsIQRxZIHNECNeeQFrfjXNVEpJEOGZWFNDGdjaTjds5F_B_VwhLGGDVDD7r81p8N-6Zd2e_LreHDmpQKjNU4wsj_-Gsf3rA28gnN9kWVnZzusx1CHcaG6fHNeLaRsLkQ0y7elrZ3htUCsEtFwXiWpirSlbPIeN4b7ojW9DyXxG5EGk4V_zFvt20nBEBtT5IniL4ieAPbrt9SDgmNK4yLFGEK_VQ5r3fLlkrUeJEFnzvfNDhkWe3pLGMEjXEFyFz8LTsmzspGA2obTpwhO4gU-meFbop9dpEFQWVvKgwZFOvY7VTy1OkQrZ8wtt0EHGXD_k9ZOD0vH4K6Qt6fIzDVWrAILWHmw8mkVK0MiYGr_HtwRUJljVakben4XpgD1sMR3KtEApeS-m_hfZPf-f3mCMfL0Chppfc9SLMvPMSu-nX8Ql7dK4hCWxe9KbaIXdhaNR9qK-FaalVvlEX1AGEH1fgkSR0nXD_pTjBMVLQ2_k1IN4M2oUuxuMaU-I6f2C-Tm5nmaFIixf3zlx_Jqg7opL0aH_TyvarfGxOiovjRHb6gDy3yh9YMFO5_-TJ8nek7Q6kl9Gcr4u_G4LPlyjbLc_trCfJJxb6GNfUlbxpSzBnYT9Zc2GOHwUmDnsotluQIUIw_-PONRhwTXoPbP5d67CYlJxy3cb_jnBOajvnqU7gkkN5pRihhUaT9BQ5pIhzcbOjF9O5R_eBMqTloHBuUPDzyK_F3IviJvvYvhvgcH4k_KWwZR7JhFovKsO1XmAXo_IE2pf7tQ8xc33yRa7LiCJxzblVx2_Glwgrue7PUpyAxeXXeymzYs_HOHzO3Gl-qZ7lH8qeSWoaJX0122OjN4zHNGyI_7Wy4erFWNUGIN2pqO4LiBmL8Y73Q4DioGzcF70UbMPi7MlAQ9yYC6fvrrD3HhNIvpL54_YRkOKhofqkf5TsJywKOgsUYfbh8SkFIVMeekmVG4gvRUUZIzJr5i47MciYfdEVAQpP426l_LCyXBil3jB5inNhdnOFf8xaP6aUZomR0B5Vcu_4eEJrDYLWTWLgKBB8T9J3e9Baq2ffutIiywHAaqwJTfbmgbDJGjlSFZbQkpINOaMFha_dRbhpmPCDcLvWBTfuYYhUVFatwSC4CuddJarG6lLUKxjGVCMXWd5t1CvVMZUSm33BLO8IN1g3nWbh9pjBOo96sZFO94PKxXlOYn0JQJCjVgSXmCoP7KQye-oMvXOZUZzID0uC5Gcz5S6r2bVB2xW7th34LFkr-7PVsw13QB0XOsuxT5dj2g9ZiXN9IdVedGj-Q0sLtiHLPTNQQ6gvVDp2uqDA4_n-vOjkyNR1f9wedqhH9SsHtBiQLvsmSUO1Vc-SGaqEvghxk7OnjKtNUwEW9LQ4uBec1lAaE201LQ6TtCqSKFLGasefot9ReV0eK2gnasQBXNOUmaiH27G9ad8qcTz1rIE-DIXpBSbjKbkgjw1qUEtfqt4og8oLD411R7uYJWFNQ3Y9NLDBGl178za86eP30DYGQ8MtZ_WfoupUeOY4KeiGzcuaxQanXFKziw1LaVntiHdrrCPMZ6hfNvU94dMcsSurlvVO55oundI9aTma9fRL9jW4uBy-ztK5XJ4ePi-B51DkCghgiDVsGIYdi-8u6-TvWkiGdMQRiUShsdfZShiNvZEgg8i0ox50F4ks178X0ZizIgZSXHEQTiowqIUQV6uPmQnhrYzr8ULaMBMp7AjcU1Hl4w11NUO3Utyl0R1jJpudGrS4BfvpIRi1TsODdS7QKv0Qn9fMerkRvgTavydwLwBBL9J9nYY7qy6w6N0832XTGESyVjDQkgVc3-7_h3X13u7FZuEl6vLBrDHCI71olQukFha3OhDFTOrl0k-napZDMiXCUVxviqUGHYEEfHSyzRGKmcf11UiVbOc00xt-tJC7kDDPUpLZZ3bJ5LjvayQv8M_qmG3EdezHgScNTc8zYt4bLcrPssbnNObzYdoYc0U8ONBuQfzp7Wc7lA1901buYA61FeDAq_f7fvn1aNHjMwuSwNtmKyIRZlCXOUPe8U2Ufure9_-sUm8eRIAW53QkNewDkg8NkVPJWBG1bjv8Tc2_fckt6oAk1XznwRXb6FEDFkQOLS3fIZcinUF2i1HwJuRHuubjXPDUicv6V_2fjCtC7X2TNNfAIFBbXsMmCy0Ldew3nXgaGZNuP4Rmmr_E9Yyv886yJEdeqadgmf5R1ZgJlQiBEHqtH6JmVr35PFAennRVInIiAqNIjbPO2hxwWOE8jWe0DnvC4bayQQTaIMAwcOsw1giWGWUIB_QGOCUiQYV62uUWw0wN2a1AciVYHjOLAKDmJhCw1FY_Ef3NFpOUlwHxf2cmRJ8LR4wUJITSJs94pXBzg-VItKoUbc8SbzGPHlvujApjSqUK5kbWmjXBgzvS3QqvX9ZNDGqyFik2aTdPry-Q5P9SfpSiA0jeH9y6fqcFKJd6eKM4eUVg7BPD0uR1R0o7dZqxAriQEg94i6qlS3-YP6ZJqnjQwasi2ja_bWszlsrHBLSPfofOWGCIfebSJttTc7SJQHonzpc1xkk5jJaj7iv4-Ibaujh0ZIAxAx9gvLIgQS_L9Ei1UtTtFUGik_0Si4zeaWc_wFboVjLCJIQYfu-8hp-V0exRCOFbi03czg5rM5kAVycSYnr4zu3ZUwXCxfHncqiyqc6UD_zwNpbFZE2lWgjtSCx_aM9qY1774pqN-pEqXnq5-VUmQ_R56rqJbDCxNSqdvbD_QBltM-uNzHv9JQ79nGtzBR_tzV9CNKD5BDyg4B7ET3eTimhT8DcrPOZz_6guqjAhMcm8DAXvuKFWUG1CFNZlaRUyyDwJPyVtC52OPj0A4Ji0l8iAfS8mUvGBED-uUjOE6oCEJGpWecPRQmVhIU4LkXX78WYZ-b2gjVvYqYcF1BHra9zUSP3aCLmaWz7gKuwC1HfBbW1baxYiqrlEf1ojcCU7a-9YM6bFwZ5qSgHj-yOMcut9W8LJckcZpirMP7m8k1ST6rs8JRCHW9b3F7M5z-NN9NsTUovE145VEitkaXV7RU9xTeI9WV-4qOQ9ljek2F1quBromejRHM05bx-bB57F_hRwv1VgM_4up8rdAF1qACLhUP-jKwLfaS2-XRBMhhIjcSeIXjV5Df4HKSPaiXaImnlOCn-fgNiac2Ho2EnTb_PFZrONNeabjT4loYy71ioZjTg9V4&cid=CAQSOwBpAlJW-NWyK74IUkEceXwi_6wFjZpu2_42gyYZRyfmLVu94dftx-gL0iCZLe6cEWg1gbqz_wI65L4qGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=3554362989667833000&adk=4022746785&idt=271&cac=0&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:22:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
289045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Sep 2024 04:22:28 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		0
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		0
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 1755 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
img
imageproxy.eu.criteo.net/img/ Frame 8C80 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=668&s=au0c9b1x0oCP3O56QVhEJrC-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
14927
expires
Tue, 06 Aug 2024 05:25:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 8C80 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FPDFDRU.jpg&v=3&w=400&s=OFt-doyddY8XQvCKGw4kVxOO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
16322
expires
Sun, 10 Sep 2023 08:54:40 GMT
all
csm.eu.criteo.net/ Frame 8C80 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UpBYpXJMLcggwAl4jvYZt6SAi2r9DgU0QTHWt5BOVRkCnVF3V97U_qDECDYyo6VHprzI-iN2CFiBJFx_8gSJUWeidm_V5Cd_eLmsN3NqzHZ3sGDYsFWiqawqMjkOQ_vr8Za7fw8hNx7hw1y-W-Kj1nk5aTAao-h25vHxbtMvOa5rWt1TFGgjpMM2oZXdFh-UYOlZnXvDIMHV1zhf2kxqL6bLYe0xlSmZM0XbZ8bFf0YeG6a99TuwIUArFzHoMgJl2VnwSw&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8C80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8C80 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 12:39:53 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 06 Sep 2023 12:39:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
204453
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
211326
expires
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
379843d80a0fed0e7a491a70cb3a4644cbeb842088d7dac495a5a98a7a73b245

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 06 Oct 2023 12:39:53 GMT
/
csync.smilewanted.com/ Frame 4707 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8026c6febd2cbabe-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Sep 2023 12:39:53 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame C57F 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 06 Sep 2023 12:39:53 GMT
checksync.php
contextual.media.net/ Frame 8230 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4023b78b720b3f304b3bf74af452b308c3eb5acb2310530e3b9963b50203e5b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8471
content-type
text/html; charset=UTF-8
date
Wed, 06 Sep 2023 12:39:53 GMT
expires
Fri, 08 Sep 2023 12:39:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
adpushup-d.openx.net/w/1.0/ Frame FAB2 		504 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
236dc832d95b825ee65ccd10aa1b9179939a2cea896ca5450116d83d57bc5671

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Wed, 06 Sep 2023 12:39:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame B422 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Sep 2023 12:39:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 80E5 		0
0
sync.html
public.servenobid.com/ Frame 8EFA 		0
0
/
onetag-sys.com/usync/ Frame BD28 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1694003988273
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
3b5471f1e522aef47b4323d2fb270021c37c9d940ee132a85b729070e8b25b26
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1150
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 679A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 06 Sep 2023 12:39:52 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame DFC0 		0
0
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame 4A07 		0
0
truncated
/ Frame 7EDB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f533c3d1cac6c67cc0f2c2e9750c236fe41e9f324a62816ba5e8c1c210edd102

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame 880F 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 06:58:59 GMT
expires
Thu, 05 Sep 2024 06:58:59 GMT
last-modified
Wed, 30 Aug 2023 15:21:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4EC9 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 11:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:47:40 GMT
current
openx2-match.dotomi.com/match/bounce/ Frame FAB2 		0
0
dds
rtb.openx.net/sync/ Frame FAB2
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=DNdfpYqiwdIVpygtPPQJkg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4746b3dd-b388-eab5-c204-726f10bafe61
pr-bh.ybp.yahoo.com/sync/openx/ Frame FAB2 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4746b3dd-b388-eab5-c204-726f10bafe61?gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-175-116.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame FAB2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=b4b83d5a-fc78-4bf6-a798-f19a4b77957d&gdpr=0&gdpr_consent=&us_privacy=
date
Wed, 06 Sep 2023 12:39:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm-notify
creativecdn.com/ Frame FAB2 		0
0
sd
us-u.openx.net/w/1.0/ Frame FAB2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gF5UioFZA4qbW1CE01wf04VeB9ebU1fT113B5ZeS
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gF5UioFZA4qbW1CE01wf04VeB9ebU1fT113B5ZeS
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gF5UioFZA4qbW1CE01wf04VeB9ebU1fT113B5ZeS
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4E4C 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SJp0kA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.js
eus.rubiconproject.com/ Frame B422 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a81df12eec9252f6dbb1dc8159a85a8f21218f7cd7f022cd702a4951ff13bb1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 20:43:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29054
Connection
keep-alive
Content-Length
10124
Expires
Wed, 06 Sep 2023 20:44:07 GMT
480_650.mp4
cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/ 		364 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 06 Sep 2023 12:39:53 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
all
csm.eu.criteo.net/ Frame 7741 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=5mRPn3JMLcggwAl47JfhSs-ecPduRQ3ZovrDyRMv99EtJ-DOI7aiOZAHAzNLIaO3ffxg4DRyjY20rgobkphXZZxEUfMdTHY-kHW-Cr4TKn54CG6tKOAzPxn3aPXMoQ_55WK3uaKKbRra3VyDK3qTSKvTP5Ti4_sMsE0hfrWQqmQuLB6mfO3dIf0i4s1Yq-gE3F5b0en1p2Fz_-AnzrxtItuABw3cJFdJjByF77o_4-ja17VFautpLwVj3TA&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame AB21 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=yJB0iXJMLcggwAl4OrnK_ylaoWTRaDPSf6SLKpC-YJnQx185XmEYv54waZ1oLELfjDqKAaxY8X8dfZsR3ZXn_5Tjc5ZHK1h6xxxlfaKmaDxWeXqr61Sc5kn-oqBBZrEPeJpTlM8n4stemFjsG2j2J7XCkYRj8n0QUYV2SgIvzRYrwWmb4bJud4JbGuwH-zrFx783PvhQnDAx_deLfYAQ_pVMxTt0w7BF9pYWZAqvKNDHfwf-uP-wshNMp94&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 3FEF
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=edZFomzkC092HOLuGzOIWONrM-0lkxiX
0
0
usermatch.gif
beacon.krxd.net/ Frame DB09
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XHJmtggpWvq-5-RvLfT2fDEpxcs_VbDy
0
0
img
sync.mathtag.com/sync/ Frame BD28 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:53 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 06 Sep 2023 12:39:52 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame BD28 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BD28 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=FLpkXEIAXwtfnuKij_EyG4_Yrw91EIOHzUIqnHDgcko
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame BD28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame BD28 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame BD28 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame BD28 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame BD28 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1694003988273
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.83.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-83-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
log
c21lg-d.media.net/ Frame 8230 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D9B2 		1 KB
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
13386
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Thu, 07 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1D15 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
270614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 09:29:40 GMT
expires
Mon, 02 Sep 2024 09:29:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 4707 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
431180
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8026c7035bf1babe-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694003994092&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1548&pt=1395884210&tz=120&viewable=true&ddast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8974c7de3825a8cd4f7a46cb779898056bf499a52259aeacd574995bb508a311

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
content-encoding
gzip
server
nginx
machineid
1461
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 4A07 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aec32e01c152f5e661a5f6b967b606edc9854024539ef97141a7be1201d634d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 7EDB 		0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHO15GHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSbAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0ut6iatMuP2S9TE0hrXe6bTvvuVdLkcAmPpJ5Ne3ZmbHXvuK7MPJRCABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=-XDIp-XVDbw&uach_m=[UACH]&cid=CAQSOwBpAlJWI5pOX3cVSflxo3efbd-Az-TXyll4FCq_GeoYBVn_wvt8C0c5zzcK7zXcaygSq2qkdC0FXTD4GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 06 Sep 2023 12:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 7EDB 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFobWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQF3P4ZEGVleHJT6rknBYAABIAAAoKQVFVQkR3RVBEdw&wp=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996792&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003990105&bpp=1260&bdt=2849&idt=1905&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=1&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=384994766&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3900575574&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077329%2C31077523%2C31077587&oid=2&pvsid=1732263194466471&tmod=1189024079&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e6cqfae6a27w&fsb=1&dtd=1931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
176089
server
Kestrel
content-length
0
cs
s.thebrighttag.com/ Frame DB09
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=mviAvYeC8vNlZfno5eQTepx5_17Zupwd
0
0
cs
s.thebrighttag.com/ Frame 3FEF
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vFisLo1cYCNqzWDs_u2DBXpXFmelim5O
0
0
ping_match.gif
pm.w55c.net/ Frame D9B2 		0
0
gp_match
um.simpli.fi/ Frame D9B2 		0
0
google
match.adsrvr.org/track/cmf/ Frame D9B2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOPHwBiCfczqH-LrqO9A4gA&google_cver=1&google_push=AXcoOmQVmPfXU8fsZX42WpId5TWs-uRKjME71kJ1TnrppmengWsdvTA3RY0rVbe8eeCcBiFVXS8BhcbAlPulGBwKgLXAa-I89xgt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D9B2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR3vl...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmR3vladox9rx9bDOFoBFm2F38L5T_OCHHsH9UDTUXpTnqzvICHrLsyAC3xaKWIm62AJ2u7C6PgJOarE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmR3vladox9rx9bDOFoBFm2F38L5T_OCHHsH9UDTUXpTnqzvICHrLsyAC3xaKWIm62AJ2u7C6PgJOarExNV5xv2_4Kj33VYg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-qRAM-ng1gTZB3if4x9cvpMUUqMPnF0mFC8f0NA&google_push=AXcoOmR3vladox9rx9bDOFoBFm2F38L5T_OCHHsH9UDTUXpTnqzvICHrLsyAC3xaKWIm62AJ2u7C6PgJOarExNV5xv2_4Kj33VYg
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
602374
content-length
0
expires
Wed, 06 Sep 2023 00:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame D9B2 		0
0
ebda
match.360yield.com/match/ Frame D9B2 		0
0
pub
cs.chocolateplatform.com/ Frame D9B2 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame D9B2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPebIMRP_XJGenPw50zppqpHkR4Sms9f9bi4X6u2bK4Uq2VIPy5r8POJqqEOX35AR-rPJ6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693996791&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694003989742&bpp=1291&bdt=2467&idt=1956&shv=r20230831&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D40b835a4ab5e1202%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MaJgitKn0NEn-dFjuOmFprJPHkpFw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&correlator=7881238733515&frm=23&ife=1&pv=2&ga_vid=1361012700.1694003986&ga_sid=1694003992&ga_hid=77332031&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1315&biw=1600&bih=1200&isw=336&ish=280&ifk=2323461953&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31077329%2C42531706&oid=2&pvsid=361240757849435&tmod=630492856&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hlv9yfog0wr8&btvi=1&fsb=1&dtd=1969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=1577254494266146&bg=!DA-lD0DNAAYHwnCgJ8I7ADQBe5WfOBJ2S7bH1273_CHZOIU14id0VOC6HVVQ-CKBHeaCIU9k6Td-qjt5ITtYnfZ-mWAIAgAABJJSAAAACmgBBwoAHgSQM6YFRbDRqnNHomJDfFfFmVOkDQraUKOmt0FqPZkCwR4uYqJphadvWJcHPhXLGZCEjCke3wnyIdiWjP1DYuvxOgtzeutQuDG43mHiTRklHOognpRqDKs6wf36Bqj-Qyi3YmcjiA_d4Bvxju8_eRY78tR68U1zmmMiDSu83nLoTipHIM0R2oERrY2iqClcqkE5g1u6a6V5VDSTUKaUKUAXQzYIkOuysKIypRIzteG-rxnav0wYPVDHZJ8qLj4Ccip-8xYxJwsJejtfpLB-eM1IrvMioe3vdiZJY5qTz3S3nkkhCb5dTbQGiHzvrrYsASwml_eyMEkmUeO8-rwpZn80bAyZIFgE6jsOt_hUnoHlhCq7t6xM7inv4rYHCn2WphT82TbUfWmDXECkEKHCUChYiELjKLpSMfOInjfsAXNwvSPgvl6g3PNa9mI74bfnpGwDUUQK3VMX-FQkBc4AfHBm4-C68-wKZnMtWz2FedFDoQf1PgJL1BudoI0IspPBD6kz7gzZeQ-zbROReC9mCnCM9MCODKXq3yl62kOjTrk9n1VqilPDb2yXpGh10vPlHD6uQXH2LEiPMZt23uz650TqBtSVIkVSYHXE78ydAHM1kXL_nWl6GF0r8EEBoIh8RAgrA40RLKVAOi4KuzM-RWZtgkU1zjOg_fe-k4fzpCuNorLuMe4PShS38aRKL3Bhiczt_5RZQ9i6O9-oZmvd6z_8hgIGaGEak0vUA456UjJ09U3oKlWg36lovl5jTtSHv16Wx_DFGZqJEtvmUEMwqhXyAzSKMN1b-6RuHOC75pPDmUOw0TYRgxuqGch4sRiJ043zJt0gwYeDJ4i9tMcohCOBA50qWukWppnMwe9_0DDbiNP890ybPUlBowXZ7tfyr2-pMRiPecp8k-hkeiV3f0MH6qkNwYoblCHMC5kmJAKXcydxBOr_Iga1O9uUWvIHLEZpS5tc22rTpU_KP9zWkTmHTQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2524 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8d9f3813710bddb662bc528796e7d5b74ea431d7e0572e10a6ef2f545172b9fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11755
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 880F 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2095086108554121&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3976201203&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FzV249LaqCUO8QoCRR0DEsQ%3A1694007587%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=4ECB4B3B-A3D7-479D-9C15-1495990DF24E&a3p=EhkKCnB1YmNpZC5vcmcYlYiG1KYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKH-hdSmMUgAUgIIZBIZCgp1aWRhcGkuY29tGKH-hdSmMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lRVU16Y1hkSmNXcFNkM1Z3UW1GNGVXazRiMEV4VVQwOUluMD0Ywo6G1KYxSAASGwoMaWQ1LXN5bmMuY29tGJqLhtSmMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=1694003994427&cookie=ID%3D40b835a4ab5e1202-226f0e1e68de0038%3AT%3D1694003986%3ART%3D1694003992%3AS%3DALNI_MZ-GwsjwRWQsvczyWYhYr6eOYWCcw&gpic=UID%3D00000c6f573beb1a%3AT%3D1694003986%3ART%3D1694003986%3AS%3DALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw&scor=3336996025320674&ged=ve4_td9_tt2_pd9_la9000_er1172.240.1173.960_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 1D15 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
157217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 16:59:37 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame C7A7 		0
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8026c7059f23babe-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Sep 2023 12:39:54 GMT
server
cloudflare
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2524 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:39:54 GMT
/
onetag-sys.com/usync/ Frame 78FB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
6800b03b7608460021e446cca3fd48b601c5797a7835907d0ca5f1b3da41672b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1168
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame D03A 		0
0
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 6C99 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EDB 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulgHEn5pomcqaB2xmIRYL93zI38uIMSXyQRgSeKb170OSBt4trLySgDKIqBKWWFUKQGuzvpVuPANFRFYl3ot4xLh18LEjDCkaeMUc&sig=Cg0ArKJSzE3eP2b3MVnOEAE&id=lidar2&mcvt=1029&p=0,0,280,336&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694003992040&rpt=1482&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rmpssp
sync.1rx.io/usersync2/ Frame 6D3E 		0
0
all
csm.eu.criteo.net/ Frame 8C80 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UpBYpXJMLcggwAl4jvYZt6SAi2r9DgU0QTHWt5BOVRkCnVF3V97U_qDECDYyo6VHprzI-iN2CFiBJFx_8gSJUWeidm_V5Cd_eLmsN3NqzHZ3sGDYsFWiqawqMjkOQ_vr8Za7fw8hNx7hw1y-W-Kj1nk5aTAao-h25vHxbtMvOa5rWt1TFGgjpMM2oZXdFh-UYOlZnXvDIMHV1zhf2kxqL6bLYe0xlSmZM0XbZ8bFf0YeG6a99TuwIUArFzHoMgJl2VnwSw&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0724 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2439
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 11:59:15 GMT
expires
Thu, 05 Sep 2024 11:59:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DD7C 		829 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
770d1afea464224b576faa62418dc477bee6c08b8d6f6eb107bd24aa973bd9a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fjoqCLJpsTLVoGQDMDmAvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-fjoqCLJpsTLVoGQDMDmAvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:54 GMT
expires
Wed, 06 Sep 2023 12:39:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ Frame 880F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm7q8n9d&c=7881238733515&slotId=3940619366757.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.69.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iq-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame 78FB 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x10 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 06 Sep 2023 12:39:54 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x10 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Wed, 06 Sep 2023 12:39:53 GMT
generic
match.adsrvr.org/track/cmf/ Frame 78FB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 78FB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 78FB 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=d-WgW9fGblhYx2pcKBGTFOhrwI-eLtWWocuCygAqp-Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 78FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame 78FB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 78FB 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
d-WgW9fGblhYx2pcKBGTFOhrwI-eLtWWocuCygAqp-Y&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 78FB 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/d-WgW9fGblhYx2pcKBGTFOhrwI-eLtWWocuCygAqp-Y&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
8026c706e8f3babe-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
match
ads.betweendigital.com/ Frame 7312 		0
0
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
smwt256.gif
us.ck-ie.com/ Frame 7E4A 		0
0
4126843277910630446
csync.smilewanted.com/set_partner_userid_get/adform/ Frame C4C1
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4126843277910630446
0
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/4126843277910630446
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8026c7082ad8babe-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Sep 2023 12:39:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 06 Sep 2023 12:39:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/4126843277910630446
server
nginx
user-matching
ads.stickyadstv.com/ Frame 0FFE 		0
0
v1
match.sharethrough.com/universal/ Frame 470F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.15.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-15-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Wed, 06 Sep 2023 12:39:54 GMT
smw888.gif
us.ck-ie.com/ Frame 6DB3 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DD7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230831&jk=361240757849435&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 509F 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a22b9a2b7ac58e555d8dd55a48246056db9d178c65b63296df8ae8d7c4cad193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11553
x-xss-protection
0
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 0724 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
157218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 16:59:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2D03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=1740722667376145&bg=!ZmWlZSrNAAYHwnCgJ8I7ADQBe5WfOM_HPItlprM5BTmbVIFYFSo5c53OJpTFQ6_Mgp__-Jt_zj8T-Kn1PugWCO8d1TJ5AgAACHxSAAAAamgBB5kCyp8SVYl9TfId2dS5wos6iEmB45KeTm3rZrBctIEvvEDzGjGWAWPNNQJfvSinU_fWD55_8B9Hi0nRdbDMyACRdtyCYCvU4tCCGpdajrUgNu2ETSYbEhHsBzM-WWCzji9m35KuZ3X7sVtmD92Z0T08ouHYLsPKrE7QGX5VDOOSl1gu-T5SrSayenUph2oNSou4zESqyw9U9ilhnWm7G1ehfQfDNcb-PHiR4_9iLOjkqcHjZAeThMkTZVfMn6eRT0CDV2ZYXdSaR9_Msof0pz_pXmIa1RM78_vm1f1RXZboLk9tIVtuYwOIP1EKffvTkvy3edjpfkTU8XEWNNnq55NY4PPoWjyMCRZdM_KQz83omz1QbI247M1yhU35EB8RbZVtqDBSlymsJ3RVQH81N27JTuDoPASeWQnTCJNsVuTR4E5v_ueENPkKgaRujH9dQ8aNAAvLt-nbuTk2u3stpAnXLcgZnhnU9T9a5oX60sqjuk6_eVx2yJBMZfJSezfFadv4fW2_Vz5XG0FH5slr0X5Kc3tx1R-6-KVF6cE_xazIxpi0x2-y3WXvCRx4x32Tek-t1l3ZIybUwkrLBXdzOF5iVMWKcokWg48G6B_Wuz_nCThAyIWUINn3exvEOZ4GJ1opL60D_X7w3kCzTk-Fs1eN6W49ZkOSNxQ_s10nwwh1mVp8zpPcfbgnZ-sJnbe0ao8ykDv0xepmqMEmKD8Vdgrsc2jbAJvXkmAlFBRcTb0nFwJjroZpD8SJ6WETHytkOViWjR7N2QLeJpuzINuG9gO1xmmoyJL3wgW4kfyiC-8vH5oKdsRBnJCBphwpbiRVtDIftLlQfNXYCMZegmz7chq-4dRlpthOJiITvWQQSLFNYNgrs41RSqxdcaUrIw7KheQWiI6EURKgUmsyBZe49Zp1MbGKIfkxVmURrZ2sDDaBRYTl4xQFcIf1_P4vCw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/babychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a58556405590179a3c95d67fb32e503117b50aa99ee9b02ca08717f518deb05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11718
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=baby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%20%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-NTz6VoVpGmsq7B0eIINYiw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=15444&dns=14&tcp=4796&rrt=0&srt=719&pdt=1&clt=5565&dit=5565&a=9431&z=0.3491784342585962&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 19:30:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61786
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=9431&cid=amp-NTz6VoVpGmsq7B0eIINYiw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dr=&dt=baby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%20%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694003991&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=15444&epn.domain_lookup_time=14&epn.tcp_connect_time=4796&epn.redirect_time=0&epn.server_response_time=719&epn.page_download_time=1&epn.content_download_time=5565&epn.dom_interactive_time=5565
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 77E7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:54 GMT
server
Kestrel
server-processing-duration-in-ticks
668688
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 509F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:39:55 GMT
480_650.mp4
cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/zV249LaqCUO8QoCRR0DEsQ:1694007587/1327/video/1811/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=622592-

Response headers

Date
Wed, 06 Sep 2023 12:39:55 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 622592-16900083/16900084
Connection
keep-alive
Content-Length
16277492
json
gum.criteo.com/sid/ Frame 77E7 		433 B
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=AA8p_F9HU1o0dU1VNlRPdHNWRGdKNDc0VE1LWGtqZDJGZzd6U0txU0ZqV0s0SGY0aUtYQXpaQkVMJTJCbUVDSThUY2VhVEhHZlZnSmtrVzQ0Yk1QdnM4YUR0ejNvcHdUc1k0c1RDbGttbjFwejNBdEJIVnZLQWNRY2E3TmFSN2pKZVN3MlhwNGhWN2RQcUs0U1oyeVpyc2djRjRVQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f35fa68f6874456682fd7b7157eced947e3e6c27852f2e244b71bc41ac88e533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
942756
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D15 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmEf-GHP4ZOjPNMvJgAeEkLxYAAAAADgB4AQC&bg=!_P-l_7DNAAYHwnCgJ8I7ADQBe5WfOJ4GjWoSRoQxUOG_It-AisC-IiCDFTFKbK6BqyxrdR_6DiGx-LTNwqWg5K8a6kwLAgAAAkZSAAAADGgBBwoAPEJXOme02a34oC7gd1I-JH8EU-9Os4PrTzM0TgQRiY2xBaOkOUKOHHuv9odzVlz-gnxnNRJ-CClUcFo_R5kDA5Aypda5ZRga_OjYRWdhOn5x6N3Bq1szqRpH979fWlxH_EaJSvNzoIIAMvjf2dyHYH7zaYINiPSuZyqPnkE4wzu3UXuI3u_dmkj_xtS9JEEY3mTZ42AXDcEX_lAD-p-M9fQU9LDMnLDp_CzgM5Rk_lidSG4srs0R6QUC5rA3R02BpEgqyE2uXlH9j8yX2AQGmnBDS9uk9H9kylysRbMFiRSUqdcL01VFWEI9TmuIAGhKbOclq6xNyIyQR09d5Vm9BETUnshZtal4X0hKVSNbSVuH8SUVUmv0BtkfzyEoPFYkllepfausCCi2Xcff_CJp-kqvcN4dtxzEIKltVaQVvywbM0l3_Yz9H4VvP7Z0jS0pn0gEegx6Qw86_QJ0zAkD_mQWy3aTpezcKay5Nqctopt9671RcYzRGPo7LpcFvx-2UQIw9Kw7838NY5Fl1Di1ixvMWmbugpNW8cd1awZXt-ahFEx_VJGzsPmBV299D5ZiBu_3ECkqTzfGD8frIlLtZLeHxZnexqwTky4rswuVA3DEWCRVu50salWPlAXIE3-Nchp8b9NrwQqfpWPdCDVqNQSD-CfOBEWdyHc1MkyikbDAC5pDTkp_vkgxQPGWTB4b7tYTeYKmLo6y9Lb9DwPImRxYLijeHaPbLgggVV7WOEygXHb3nhgBWtLTInoWPv82eAkLtXI-wVMsv2k8jc9c-wxwZdQeCMFoNz3RBzf2yGf0JLiuvWVXl-epX9ysM8B8HUKYK2C6hfVReHIwZajyGcuZn8sqiIbPikejD4gvsjZVKYEuf21I2mRhBUQc04RKpFMbJZnBpIbN9Q6Z_0j3McjSElDwTZiCf0EcIVGiNEIikrQ2sW0NXKOOeCdB74RJ-M2u9tOrOekEOEHtmtC1_xRLkI0CpHOJYYjtI-KKLwgv1yg8_WeYWp0cvK___-NZJCrisn3Uq6czw7UcdTVMzGTFti60i7rWL92lG9GSMlHyiiWbtMpxFn1kCYPdIeN21ihOK7SVBpwO3a8GBYOYU-K-tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 12:39:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2CF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 11:59:15 GMT
expires
Thu, 05 Sep 2024 11:59:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0887 		829 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
d50e6c4a13e9bd1e1e3b5ee410aa072b3f3faa71495a122be03a1762f178c70f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H41cBfu6pvLQd2pDT2IJ-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-H41cBfu6pvLQd2pDT2IJ-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:55 GMT
expires
Wed, 06 Sep 2023 12:39:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=-2&tvi48=10143&tvi50=10367&route=IL%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
71
date
Wed, 06 Sep 2023 12:39:55 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
69176
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220034-FRA
pragma
no-cache
server
nginx
x-timer
S1694003995.354092,VS0,VE71
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
csi
csi.gstatic.com/ Frame 880F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm7q8nqz&c=7881238733515&slotId=3940619366757.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44796352%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.69.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iq-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A07 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3390324457247&version=m202307240101&ct=77&x=1&cor=3554362989667833000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 22EE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 11:59:15 GMT
expires
Thu, 05 Sep 2024 11:59:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 416E 		829 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
6d5fc0b875581145811768362acc8e4f8da3c8ead0dd401f8173e7521de43f7a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1ydFlcBn8cq3Qn4_21h48Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-1ydFlcBn8cq3Qn4_21h48Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Sep 2023 12:39:55 GMT
expires
Wed, 06 Sep 2023 12:39:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 0887 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230831&jk=1732263194466471&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame D2CF 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
157218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 16:59:37 GMT
generate_204
tpc.googlesyndication.com/ Frame 0724 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Wa2MTQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 416E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=1523095062415793&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 22EE 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 16:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
157219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 16:59:37 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=1099694063&cid=1361012700.1694003986&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1694003991&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fbabychang-hua-hua-de-baby-chuan-mo-xiong-sha-qun-ren-mei-ge-tian.html&dt=baby%E5%94%B1%E3%80%8A%E7%95%AB%E7%95%AB%E7%9A%84baby%E3%80%8B%20%E7%A9%BF%E6%8A%B9%E8%83%B8%E7%B4%97%E8%A3%99%E4%BA%BA%E7%BE%8E%E6%AD%8C%E7%94%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2524 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230831&jk=361240757849435&bg=!wMOlw4zNAAYHwnCgJ8I7ADQBe5WfOLTzvNniTDNKLjY2n9bLf1EcLb2CPKfJAZ9yUzt_FUs8hRRxkpKvUh_AO_0PnG0sAgAAAlJSAAAACWgBB5kCwBhdzT47bMTLxZIohroS2_L0EznKt0dNupNlCAPyZ8xS5egnQ8fRlRzt1Otp6Hc5g2fTkwQXcd9PZVV30ugQaEq6KrrJ6Z6HtNQvs_mKFJGnO4bg3CZd2MAitMNklMVZARq0qa4zcRbjGxqDm0UA5pFX-L-vff3mnYxOJ1eImqOTrpdWGeHHj8cWI0Qmt4uHdAghXYu6moGk0YRtX2edIymu9SJ3of3Xf7YA82v6uZLK7b53krBoTnkgeiqVjomuWLwUuAHNJPg6V8gZVXVK6UGa0MiV800i5SCoyUdI8Z2cKJXBOnfIgd-ZMc2aLSC3hU3i0ZoBbLY3fEHnr-34C5SwkdKX9bv1xtlhfFnIyy7IiS6hEGtOmp6ODQHyePL01Nah893vpwlEedKIEAFEOMxGTkQ5DgO0HnODcpBMc0pc03jZomfXCy3Ta2Ajj87y4fJpfaLhKkAyjqWcqDjRrrQT_kNUuBztU7xIPXeM0QSIblcaPdKJ0YGsblnkYHHpweHq9pmHdN-J4Vv49TNKb2D1bQRtrJJqWFcHZrvGEwYV6PHIgfmD31dIx0Ieis9F1nEHFw4dc91Rl7IQ_ZapNpkLyLPbUSiJdYAttESbKacdTfXGQzZTFaQMsPOQkAx2hWzaCb0jL543CUx-fdQTLYQixgk49U94eBaoxhUC7ii-T8p6TRdjq82Q-cC9Ks10ld2ySgmNbFPCp6wrc6qU8GiaCoo-TDv8VWoQAJPd5XpIPzIfaBhpsXpUksaiuIIBG5oaHPdIBxDFKsOB8C2AuACjiFWRYZzV9O-vIsVbCfUBlhJLB1NqlCMLEw82A5GK8nN4woKmHB2HVF-cvfQjK_3qsu-PYm-LmZWQFmdyoCfOhQLVE7iIwdv3qgQ7BNT2jwc2BNMTg2YSNkkSVKeWQQNeO0sDWrV0YiTcNJVcWDGi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D2CF 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tALT6A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 22EE 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rThBIg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=1523095062415793&bg=!KSqlKmXNAAYHwnCgJ8I7ADQBe5WfOADfqCXN0N0-tLN7DkhVPulW3N1c58U-eCcZ4TwyPj5IDalB5eztpi4G9Ff9FV7SAgAAARNSAAAABWgBBwoATfCihTM_fqOR51BPU-gmxJKXALXL738Pm_eBXzOEu6stTfhsdRZvE9Cv-dFIYtI6utXni3faqPobnUwOp0x6xBa1FxT0-9b-nAA0LAvXmQKqfnjOItdkU_b6Wac7d3jsGtPNEznll8MsRvNlFXsRrtgfjwT1NeiCV4gk-M5TpVmt7lVl7hVWxtzx-4SwdW5sOmACn47xrQ9_-AgMoqMxZgCfIUczf876R5I8IfxLiRQzzjMovSDJvdBFshlPPIp3aooPxkD0YYszEPm1Bu3fTuTCWEMWYOL1IovgUfB9T4R4jCJkOePaUIjXKxfLuYsmCbPV_B5eWKkYH2qS7g1S4tOQj5XvYAjXYKyYYGD5DtORrJBwJc5owRCXf0bjjvGeZTh6WItRqUYuZ3JXLhgtbeNi6XWWi-cY9c8nruJOgDLGZiGu8g7tzVwITsZ5_xCgTx2uZG8YISZEfzfU6yBH_Od-zrgCGHJyl27QBTX5-iuc6eIZ8ZcfmoDl5SK5V3MPPrVNUzbXeqY3FaFyQ57cxw5tZjjVxbz9adqk5Dzi5CPuvVDxJN7OFzer8i-3G74mHzLWn5UEe93Yn3EaJGKt3cHs6uarcMXpd4FD_GLmg9Ona_Hp06i4CmXYtRh1FEdQjRMyf6HpJST13NavasJbm1kTfMsMAQJile0eCQPw2R-g9jAzJVvwKwY4l9iGAGbhNWeZMxxF2PLTdjrfRXjFwQhL5aMuXqx8ZAPhxW_Foe0ntPJuNRHXmCzCe4INXisZA8v0DwdZj5ySCZDiNjDf4G1mBKOxhBWaISKuYHBxoOOeoCH5Lnv6QGtJwGPbSS_VWrLNqweDJegBj0u6UTLEv2i4e-uopvG6lK1byFPedb8yWLBCOd4ABQ9WIE25t7WHaqjUz9-oTQSlT1WWUBGftcw7zXQjfQBTzN0qiQcANqG5-7HLbkxa04PXWNwOMJK0JMapS40Yiz-pN-UfiPJF-0sgr1_-gpxIThX89vKC3KSeLV4S0q5t7CVu9Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 509F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230831&jk=1732263194466471&bg=!FhWlFVrNAAYHwnCgJ8I7ADQBe5WfOIZrR_TLPTpCPiOSKdAJvxNczU06jVYHbNrFAunnA3_dT1f8pe7Q2a6qMRuKkeUQAgAAAVFSAAAACmgBBwoAd-GLW0IkTRfq57wcsHtxXA5q83NwT7ML_B00knqGioJtbm1FyvIGX2C3rOj2BdBB8CxmO3JCgybrSjEDURY9TSRzWb4v_h7b4Uud0lIIzxHVMSoN--y98r8JpJU_OmT1La3HGU-OVvAO23SlnaefTQ31GeplBFs3mQLBreevckJiLW0R_WoXBiQObd5FcDAugKWk81uF9BAIt1t1FfQHnlUkQlrZK00OF7IYsSejPrvh_EYhymSjLLm0o4F93i_NMEsRRzpaMs65ETfDhiI01v1wWJ92ccn-0iowGS8KPrpFUhkLx1mVi176Gp2wKLHIzmJvjaYRkt-VRJgq5-gW0ZCdVFcv-236ESC63SYT_fqYjBmccLRlH9SVJdqzNUbPPkcd_np5mLQSBZP-C_xhHTgIQXbPZpJxw23DqilNf8LKN9Xb13TnAKGZ_mb0huamgnktWMEMcO03KUW5kGTCa5t3jLGrE114_MLkGqLIBEhPcR4Oup6BBSh36y11XohGyYwqAGhyNCt8Lc6hh7sjEc-4us2wLCOOpiNA-NfkZUyNS9TX6Y186bFLIcQyZnjch6YMnwOoIaH2cSQ4XnEUA0jRGho4wEAA8mOvPiPtalQUI0yYdN1U56CSB11kqS8pZ5pALh-ZnkNs6ewojjKtiBUU2hIjbZDSi3wYjqy0dtVbDqYc-tZPxYBf1gTf1hxAAK80yEURlhwkRBgx4k6XIu2nx0kvB1HUX4Ba6o6Eo1UtWM2qPdT621mf636j8iPFZU8_lLsbAkYknB5I9Ihr5XaVAQ2--nfVh4icYbpODU56d29V5J_L8kTSErF7shIcvMLmiq_QNu96ism0xZEZw-4rKCq0oQhYP2iizEGI9F17ggWspSdhIpA-wu6YKBudSc-kW7Nb_eoHTUBKe4_ovqIu68xeQBr_PzpX8IqhoP95V3KtCXYv33OeVDgaan6-QViDwVZfV2bxFD3rDNNtjtc8rMtIBed7Tii-dBv3sC4PgOkmtibxRVPX6XmjHhpXHrrGUxsL5rmiNkhxEo2UfccSed7z1NeVQ3oLC_-LCBkXS05T5u75dI__-d4Z79MIj_7F_1BhQuTffdjE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694003997236&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1548&pt=1395884210&tz=120&viewable=true&ddast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0da3d00abc568b8cc9cb9fcf0d8dabdc01c36d6a15c277b1773ee48bead8053e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:39:57 GMT
content-encoding
gzip
server
nginx
machineid
1438
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
dqidmhJ559u5hZOhbQdxHzjY%2FYYVUekzhF164Dc7GzuB3iRR1%2FvVNte%2FUBWG%2B5SV1USkhEfk3yt5CNQqMIaxwAysP6nJhDhko34bsXkGB0cCFxTUbuqYGe9agotMrNwGGLIwz4e8S266Xh4f2A4az9cHe1T654UppkmKg2iKsiVYrx%2Bth0Eg32X7y5u...
ad.vidverto.io/delivery/v2/content/tracking/progress/1811/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1811/dqidmhJ559u5hZOhbQdxHzjY%2FYYVUekzhF164Dc7GzuB3iRR1%2FvVNte%2FUBWG%2B5SV1USkhEfk3yt5CNQqMIaxwAysP6nJhDhko34bsXkGB0cCFxTUbuqYGe9agotMrNwGGLIwz4e8S266Xh4f2A4az9cHe1T654UppkmKg2iKsiVYrx%2Bth0Eg32X7y5uZOc%2FDtgJuygVtehIYdGTNijQZmw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 12:39:57 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694004000245&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1548&pt=1395884210&tz=120&viewable=true&ddast=V8XHECLAYEOMqD3m8P0hAIcJQHvd8epCkAAABgYID-AElulsOZcblxy2am1Vq0sTnXwslw5BYZJjOXZ-EYjHzLISDJzXI4My43btnMtFqLNjbnWjgZjtwiw2Tm8iwcg5FvOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZaaDodPte9Xvf73SU-z1zj9yv8EofF-TE67D630PVwC10Pt8jlljgszrfG6HrY3Wq_W_j0231uzdHhVrzubsnL7la7nG6dyy16Oux2oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjkgmOXlNPktN38AAAAAAAEAAABAAgAB_bAEQIzx3on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY0irZHMFau6uAZGCzCKMAAAAAHChYdQemaQTVCyq_P__91sBuAIAEKCoFuj3nkV3UOItDAAAgMCYBXpY_H6zw67xu13m_________9_M_5l_NEI-KPZpgOhR7NX8AgIArPkFBABgo24AAN4IwAk6AbA6ATE7AAAAAHf-____9YDAyrbY7IbDmctiW25Wo43DOBjsNhPjajcYjBaW7VGfHy3FGyTb7LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDq5VpZLI41wrfcOEWLSe-tXK5XKxlu4lnZFw5V77hci16fUwXm2NmXE62SDAAbC-Sp0U6UcxMFs9yYxlNDMPJyjnaTCbDwWS03GyGK8PEM5mIJZqTRTqRXfaFlW2x2Q2HM5fFttysRhuHcTDYbSbG1W4wGC0s-9JqZRqZLM61wjdcuEXLiW-tXC4Xa9lu4hkZV86Vb7hci14f08XmmBmXk31jthwNBpvlcLZvzJajwWCzHM72HTrDd_U5G5VlleSjUo1Dk6ft5jQoXAaL96U-nYcFY8E67RydJuX1WdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV_isDg_Rofd5xa6Hm6h6-EWudwSh8X51hhdD7tb7XcLn367z605OtyK190tedndapfTrXO5RU-H3S40vc0WsURwukgnopfxdFH_UUNO5orBaC4ZzRXDxSoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94EhExx_____-MAAADIyKEHAABAvw8oCwAAAAAAgF9BDDaz3f4BqBBrtVrdbqzVagU0kNFqOBhO4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0da3d00abc568b8cc9cb9fcf0d8dabdc01c36d6a15c277b1773ee48bead8053e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Sep 2023 12:40:00 GMT
content-encoding
gzip
server
nginx
machineid
1455
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame 7741 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=5mRPn3JMLcggwAl47JfhSs-ecPduRQ3ZovrDyRMv99EtJ-DOI7aiOZAHAzNLIaO3ffxg4DRyjY20rgobkphXZZxEUfMdTHY-kHW-Cr4TKn54CG6tKOAzPxn3aPXMoQ_55WK3uaKKbRra3VyDK3qTSKvTP5Ti4_sMsE0hfrWQqmQuLB6mfO3dIf0i4s1Yq-gE3F5b0en1p2Fz_-AnzrxtItuABw3cJFdJjByF77o_4-ja17VFautpLwVj3TA&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfJoVYIxGzUETjZjpS9z9nEyOZe6NKFRABhz8Trqks4C1AcjmPzjrvNBNvGpErvzvbujUQPJnkBDjF-mRrDkpYQ76iM_vK6sRYgQYAeSyF2h6vZY1kfxrVfoxM5kOdJeLikWQuXYKhRdx0HYMnw5VjLbhViVh1XwnvZYK6w60ORdqjLYMSQmZcWmNEIo1jvvY8PRipJSXpwMgtOsBTT-nbq6v-ah2MAe8avKg_IBno9wljVQmThrJxBXSLl44RFAAdoupV-tUkYTFukPeB_uU_yr8V4yL-6AXQaC_a_gz9gl5Vx60KZ7wjoGRA6JHPCzRr_SmbsfrchgApA1-y4q5Rvi0i62oRyeZ9CLwS7kV9ksZy0jFMSaIQujlhZXqPcJjqfco-Sjsa-jcOW3G8QZ1R_0y5VI2PVstzS36-ldiCFQ2E3E5KzMeEjNmmcwkU9nC1xhZnabJiuS5OGFqB1r0sbDBYYS_G0d5l3lsxfF5U0WkhoGkSi8qRctBw2g9rrOq5op3k-38XFB2_-6A1gFqPGMG4lj7rkipkBdLJgFDE177zaJumfm98jzvsabydmSqQyW_uPEQ0jK8SGCa4iMA9KRqsxcEvKB2MaJAUnYisSSM-7CRkj4ZW7LfM2AWeD13iar46yTiDpUBECjMSJtGcFlzkP6GNdBvGxNotFOVatLPiMD85y3ZxBIXg59c3jtmTgFNLgBh_BgRquuJSeYtUjJMX1IpXWbj2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:40:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame AB21 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=yJB0iXJMLcggwAl4OrnK_ylaoWTRaDPSf6SLKpC-YJnQx185XmEYv54waZ1oLELfjDqKAaxY8X8dfZsR3ZXn_5Tjc5ZHK1h6xxxlfaKmaDxWeXqr61Sc5kn-oqBBZrEPeJpTlM8n4stemFjsG2j2J7XCkYRj8n0QUYV2SgIvzRYrwWmb4bJud4JbGuwH-zrFx783PvhQnDAx_deLfYAQ_pVMxTt0w7BF9pYWZAqvKNDHfwf-uP-wshNMp94&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CWIUt62xSq1VWignxQEiKRlT3CsFlCdsvjBpcjqoJoNI%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy6blEhoxO5kfYWbAZd_krWHVvCqTNIaVswBRjNElHh_JV-d9azhOw4--9kq8ZX9qj4mQaO8sr7Bi4FmjNfUn5o9SlGdqR_S4Vp9iYvLts5brJMWZtS8IcolqA952jbSeveDjkz_LRrU_vLrQNDHIvPtnrFVK0zgb432_8SsMepvte66uJomvMieCG7h9EUeQbLd1shl0r1OoHkmDvxdtdCKxC_entvr25QGIHWQEsZUsBX7dikW0ZaOkEzTfis1GOSwzBFh-AH-e9G9SwF_aC2yfEqZfaVoxjZ2cQTa5RafcnM_BL5KFRHwy7GgQ-lvBFbT6nWf_SJ-tBCQl6OM9cttLkJB6j57xMQQDM2sihtRDuOO41EZBiIwaOt1d8sdTAghIduzB-17-Frw8X0LWJQASMRHd0q1YjVFnsdN9ztuIYXZsuskn4kmn2IgHrCvW9NJqtn9y7MPVP4NaPXCz7S20E1sSe9AcqPfuXa8Fahr4OCYtPb7eCaampwkhYRw3Qr4Oa3u0pu_dKrBLxlRTCltd8C5x7xQbNpVUmEKfvpDe4QGPsMrobKpLp3w07ldGWT0yWTYjWN-fRECn16fJx88L0NfBe34kpJ1739G22CKU0sP2tu7AXjPIB3xr1rU4lo3gifoiafotDx78EoUphpfRbn6KHgIzfXzLcQBVFPxWVuRoeHBGzZsZzNJ2OQhJ7sU7XbuP3ZppoOB4jDVU-WOB6eQTo3mpZ9CvF0lMEmwxCyRn582rpTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:39:59 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 8C80 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UpBYpXJMLcggwAl4jvYZt6SAi2r9DgU0QTHWt5BOVRkCnVF3V97U_qDECDYyo6VHprzI-iN2CFiBJFx_8gSJUWeidm_V5Cd_eLmsN3NqzHZ3sGDYsFWiqawqMjkOQ_vr8Za7fw8hNx7hw1y-W-Kj1nk5aTAao-h25vHxbtMvOa5rWt1TFGgjpMM2oZXdFh-UYOlZnXvDIMHV1zhf2kxqL6bLYe0xlSmZM0XbZ8bFf0YeG6a99TuwIUArFzHoMgJl2VnwSw&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPhzGAAC5rgD58ilAAz6dKXyiywVH55t6xVxJg&u=%7CdD2IcEC%2Fp7sZiiRk2K0Yf7eQ8BDAcdjdtQHpZb22WRo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnoku6MLo-hjXGcz9IB3oScpWrr3YoKh5-BcYlKeF_n_Z3lZ62sJsxRIYAHZT0EJDC0XzaQxPSIpFx2cT6o2jrzFaEr5OTkAjEnmDS_DBecqfOsFgDWVv9So1Nk97IjAVNmOmoPFWQPdPdHO7RGUpte9dZ54EuN2suRx8f-_ku3kUg2z47BUk5JtRXBN_wxH4y-9eAVg7r8vJqwBx110qDWyLEcYYEwa3GVLJNQl73EL-sUDz5_Sa_D2b5HXqaLw1Ykjqlg46d92CNyQo0gY1OdG26-Jfg4QJSu76Xyz6RuWGfRyg3JAsUeNZ5KvlR6mVfp2uehNEenf1phlRI4z7Y0XMOfTkEMCFn-M6kee9X9Yl241E-iCZEp4shsE05-gYTb2SgHv_s_4TW_tdXfer4ZI6iKHb9riOTbOYwzxBTT1zWy7bXxhdWvXrUG3ISEKIUY_LlDookvxVSM3T73Qe0bvMN4XhCxxISQpiPf1mtPV3ztVeapWwJ2JBfQSDnwB6myun3vuIGHdUFjKM4RrkvuYC73WHI4XVYoA5leu-u4sj7NlBF_Y93I8zBEpMk9dJZ0zUwG8akkKW8FDB8SNoxN14jyZn8-7zQDjXV9E97ZbZ1D13e1JSl6UrYby9TVBp-qjyhYde_xk1kQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLkMWGHP4ZLjNC6WRn88P9PSzyA_JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAnzVXKqX_7E-qAMByAMCqgSeAk_QNYvy9VxctNOJxfICZ8HV1y0zLhl-PwwsvR93g24cwKvEfqreM6grOWlA8mqDltb6WylayEw3YuRaLqZpNXH4enoHX2Sq1E-a5u5Bz66-9cPLScPcSs7-7WMhVxdOxsyd4OBWhim65yCXUo7B8xTIpMUNX-lC1na4LecSNIG8ZXUYirmwP-hpFYi8-xKaZlBhQSm5Cx5cMnb8DOuO_kB8AfA9vEPYNFueXlphwlXQp3XwepEEgRGxvwwRQJGpxbHneaawS4qDrDnriKxY-fxlNQ2ffuH5eg0nLuRbJGSGdc0o5GcxxSorGYAFKQxIrcWkS0utqCSMoGR518d7Tg50q5t1RvKBfg8WLHtrk1tje2skA1f2rhmLNq8wp2WABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36Lk6LpGbbSUdu230jWqF74zjEQg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Sep 2023 12:40:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/668ee8abe00a920c716933b4d04240cc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/59b0b8c7986b2b70b58afcad42fd09a9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3199debbca334930f0c74f0981026dfb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/9f5873974a6d354e53f583716a610863.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a0382271e51ee29953a9577748e17545.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/49f379a7baf7effc155e7c2ee810f1e8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b83c5a5eb509dd5e192c39a44104172c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202203/d81c35535d6bf6149f8f0a9f95474ec2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3ecfcc7cd59e8429cdfb9c412990d202.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f309931811ff56c53530cf519ca4af5b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202103/47014fdc1be63e5c12af6600098983ec.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b015a942042d337fba05504ebaadb516.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/dcdfa7a103c7c1f43dc604095e80cfd1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/837d05252d29c8e4cc812ce2a72ea083.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/9616e31d00a0ba292ac26718c10bfc15.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7b284ebb883632348aef4684a10110b0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2204c568ccb145be676c1f17946244ae.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/acbbe2c159f94a2e723689aeb4f15e19.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5f6a507cf237788635f2d61abdaf17e2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e2e2c22d3aa3f9c3d499299fd859fbda.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a0cc05e587eb180f086c78f988f6d74f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9e90d3da3e631a5f29cfefd1a4542c5a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/558d435f6008ca44ce9a95e8ed792d95.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/92f053820039fe57677ee74f6cc43561.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f4ce3968bbdd107331ef66ab1c950572.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/db30bc4ade5fd9599049e563e4e5282a.jpg?w=150&h=100&q=100
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UKDI7Hg1gTZB3if4x9cvpMUUqMMrNrfHqaMV9w
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=b56B-mdXDumTf-c0kmHp018efPg1I0Vm
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-LfRcIXg1gTZB3if4x9cvpMUUqMMObyfB_ZCnvQ
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-Q3WxQHg1gTZB3if4x9cvpMUUqMPzR7xcaOBb-w
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Rbndlng1gTZB3if4x9cvpMUUqMPgWZiXcK38MQ
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-L1cHUHg1gTZB3if4x9cvpMUUqMMnj8Hp6h8bcA&initiator=partner
Domain
criteo-partners.tremorhub.com
URL
https://criteo-partners.tremorhub.com/sync?UICR=k-h1eU6ng1gTZB3if4x9cvpMUUqMMEWMDYkJZmwA
Domain
ad.yieldlab.net
URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-ZYTG3ng1gTZB3if4x9cvpMUUqMN9Y8ezpaSdlA
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-oRIxg3g1gTZB3if4x9cvpMUUqMMAvt1-z8_7wg&pn_id=criteo&ext=1
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UKDI7Hg1gTZB3if4x9cvpMUUqMMrNrfHqaMV9w
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R6uTpm3aQc8lcToPXTCUYd38onwceQ-n
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-LfRcIXg1gTZB3if4x9cvpMUUqMMObyfB_ZCnvQ
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-Q3WxQHg1gTZB3if4x9cvpMUUqMPzR7xcaOBb-w
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Rbndlng1gTZB3if4x9cvpMUUqMPgWZiXcK38MQ
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-L1cHUHg1gTZB3if4x9cvpMUUqMMnj8Hp6h8bcA&initiator=partner
Domain
criteo-partners.tremorhub.com
URL
https://criteo-partners.tremorhub.com/sync?UICR=k-h1eU6ng1gTZB3if4x9cvpMUUqMMEWMDYkJZmwA
Domain
ad.yieldlab.net
URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-ZYTG3ng1gTZB3if4x9cvpMUUqMN9Y8ezpaSdlA
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-oRIxg3g1gTZB3if4x9cvpMUUqMMAvt1-z8_7wg&pn_id=criteo&ext=1
Domain
e1.emxdgt.com
URL
https://e1.emxdgt.com/put?d=d53&uid=k-EJsDVHg1gTZB3if4x9cvpMUUqMPrR22gVOaR7Q
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEIlx9ykYWp2McggWa_iuMQ&google_cver=1&google_push=AXcoOmTrfzsC7JSlp-RBeueMXfzK4D1WK2o8TIB2KDyRBNVTBSnHDvPeBJYStQtQl4cu1c9do8EbkIiR63jRMGkyvm1aWPvj0jQkWYiM_nD-YTfnhvOAm5BNm-5lb5YqHP3pLCWu8kgLdFz3ewuxG4mnh072
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENVdK3lYgNxqkB2sE2Yzobg&google_cver=1&google_push=AXcoOmQvt3aqHs56CZYnecMHr2hgzsofqb44oLbRSQlwC8VgF7DPT48t0Cie2HlcXNbp6H_LQSfyVGr_R0FpxEa0aqveuwyBF4oyMSEzmUK6ZuHlFOVDw9rmBoXrBd0JP-htLIRwdDbjeMmVEguS6uDAT6dm
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHc6RNCxZ_GeuWC03J22Q1U&google_cver=1&google_push=AXcoOmSHW0XmLIIagWTaIc-u8Nz_NSxiEGVItPtLAIzvxXrm419JI-EtxiRted_NZRzLuGhNnBxVFx9SNJ0mJSF6gQQnP0ubwWWC9hzC5BHIwovf8m4ZqbhqYJ3kKeXQKafiXSxitM6X5VvyBY0-iu8Ot1o
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzhd1F3P4ZOCNN9m-n88P18CamAKRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAnzVXKqX_7E-qAMByAObBKoEhAJP0P91HLOTXQXrM7prYyEZJFjbrltpslFY5Ri-8Z2q-Csgq-BLPm1nr9UtfcHvRefZABnKPz729D8qZLcJe7Zw8zyjdb-PHh8T-spM3C1O1hu5cqkLCkJqpNzAZnqKzqhPnDIKwwAbKvz63bEbx94SYG_9miZofvLnZIC9tlpSIaJJMA9RsScSH85MhlKT9lcwghZqsJedHat842eJd3JPK-guLrBMDodx192OZ3aEDlbtObHABoA-5gSCXRk7grMYpwtYZBAbLg7RYnBJa01FNHHqlv5F1ndRXQk1pO0gjqkYxZ5dXMlzti4bwuSmTk3vgbfcp2A-liH9kDvwo5mYsTRr28AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIoPW90YCWgQMVWd_nAx1XoAYjEAEYASAAEgK6rfD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW-NWyK74IUkEceXwi_6wFjZpu2_42gyYZRyfmLVu94dftx-gL0iCZLe6cEWg1gbqz_wI65L4qGAE%26sig%3DAOD64_07UkTfOqFdu1QXlg3vjDo5jU_8KA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A3M5vVFOVOLS4PyAcViJbrQ0Pq3VCgA5xQgxi4XGjgQr87SSpqmWNuMj_b5-bmPt69M6IOq-7vYOPeKm9-JA_dg3QOXLWHWRICQtpfd4W_CUQkRWG3FQ0FjgGF5v2JYmKQsPF85Z4MOr5BJSBx6_Xj4zsdcZBs8nPK0NaAIbPleobrIN4%26cry%3D1%26dbm_d%3DAKAmf-BYwfDoG-3w4l7MF4c5jpWJt4f4W2CrniHiuhNOoFeav4PaIxzqz-qSNAxo2fC5kNfWSSeaeu6Cd0-Q4uJ9R-9nedWszwkDrJbnQfunBxCsx3xv391i_2jCRxiD6vFgdBI-2xM-3vIuqgFv7hyAzEze4CIL5iy93aGbgfmh_Y-UrxM2bNPAFfHEVbXZ4BDd1NKJl_0SOCC7-NuM3cC6xsCBi_B4ps_3MZ77HlUy_0EHsSK5n1xRBdwc8nOwWhI8nqrVHLnRkIJFcM9-sdLHYlkG9jqrD7bA8upHXJIFsdYhkelz0vQx8rd-Ikc841M_r9M5alGWqzXxhQjU61h9RASaVcP1xbhWr_LsRrH9nixqN1vk7GYOtyZvNOifMAHr_et76mVkUi9KFiGLp0gm3W-O6InBfn6WTGzLGzjD6XzFKMZvBzT9AbXrCEsuunSBGW3UzNTjXuqN0UkCSvzK9YpqjQ7hAF6e4k6sEa0YyfEBzlEacouo62eqARFUsrKnDzCuTA9C4U7zCDqhn7r-KbZVx95G7ffkIKjk3rEaIx5wpd57gdZ0zHLV_ukxA-GE7aw5nHg0AdNm89LDWMpD9SiYbHcslWmZGXe4rQe8YXd1jKYllGq-sfuN1cdget59e6a0nPhP%26adurl%3D
Domain
openx2-match.dotomi.com
URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=openx&gdpr=0
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=edZFomzkC092HOLuGzOIWONrM-0lkxiX
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XHJmtggpWvq-5-RvLfT2fDEpxcs_VbDy
Domain
c21lg-d.media.net
URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3370055922594132000V10&origin=1&flt=0
Domain
s.thebrighttag.com
URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=mviAvYeC8vNlZfno5eQTepx5_17Zupwd
Domain
s.thebrighttag.com
URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vFisLo1cYCNqzWDs_u2DBXpXFmelim5O
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEIlx9ykYWp2McggWa_iuMQ&google_cver=1&google_push=AXcoOmSunA3lRPfc5cBp_oVUjqqcHCMT-k5LjMloMwYCff1_OoSi8R4egSyokdowOYv3-fqYo0loV21Jm6AO6WgLK5DbUCh3cM0
Domain
um.simpli.fi
URL
https://um.simpli.fi/gp_match?google_gid=CAESEEQ92EC95esA2KnFMZVxYpE&google_cver=1&google_push=AXcoOmTGK-WdxZoYxiBNhucHrTiXLEJc8D9VyR4dMzNIFIXPdhrbqIj1UZt2GGomfOZXAUVjaMViQ1MdVLaZee9lRqb9PUPvdEnw
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHc6RNCxZ_GeuWC03J22Q1U&google_cver=1&google_push=AXcoOmRi3LqjTtJIykyp4GQKdtjS1kPm5OOwTdB9FdTL7DGDb_NJV5CMTfdtGO6JHN9TnvUXscf1Fg3JCZ337D3IoHkpPa3lc1ri
Domain
match.360yield.com
URL
https://match.360yield.com/match/ebda?google_gid=CAESEKVAbwIQUOAVV8mOM1fitKU&google_cver=1&google_push=AXcoOmQGQy54cBmCkon_S3h_zGxuXi4l_e_ggdfZ7b_gdtIdo2PkHHtZ8u8GpnKaKeXUiIF3i5AAQa8C-BT1kRlHEF55KWoAG0_l
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEH4U9eLBJp7dNJLfPsLFw-o&google_cver=1&google_push=AXcoOmTNlAFcxk1-_klV41phsxQTrg4otOzeF3HlduE8-pTxUPqDWqzotBZp88kLW-geZFBY3ycQ8qBlnGmTZh3f0O7l0w7iiEU
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| documentPictureInPicture object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _statcounter function| _typeof object| TRC object| _tblConsole undefined| msg object| AMP object| adRecover function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ggeac object| google_tag_data object| google_js_reporting_queue function| setImmediate function| clearImmediate undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| aries string| nam object| placementData object| regeneratorRuntime object| ox_esp object| ucf object| request undefined| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| __uid2SecureSignalProvider object| __uid2 number| ampAdSlotIdCounter object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 object| pbjs number| vidverto object| aries_registry string| paramsString function| runAnimCheck object| cmTag object| google_reactive_ads_global_state object| _cm_wfCounters string| lastWfUrl object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN object| _apPbJsChunk object| mnet string| nobidVersion object| nobid number| ampAdGoogleIfiCounter number| ampAdPageCorrelator function| inView function| VASTClient function| IMA function| VidvertoPlayer function| startCMTagMain string| category object| pbjsChunk object| _aries boolean| noPreviewPage function| OvaMediaPlayer object| listeningFors number| 3pla object| dataLayer function| gtag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| inViewWindow function| shuffle object| entertainment object| arrToUse object| playlist function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| vidvertoPromiseCache object| closure_lm_446563 function| quantserve function| __qc object| ezt object| _qoptions object| google_tag_manager function| VidvertoPlayerVideoPlaylistUI function| onYouTubeIframeAPIReady object| closure_lm_866296 object| closure_lm_302529 object| google_ad_modifications object| google_prev_clients object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms object| google_image_requests

69 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1694003986.10BF351922714F1F4E2B57E99F6DCECC.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1694003985.0
.statcounter.com/ Name: is_visitor_unique
Value: 1694003985377747573
.bg3.co/ Name: __gpi
Value: UID=00000c6f573beb1a:T=1694003986:RT=1694003986:S=ALNI_MYtuqwArQsT2QEyt26H3xOTBpLtYw
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D45e4ddb9-a78a-49b7-9991-67b3d8e9e789-tuctbf1f892
.doubleclick.net/ Name: IDE
Value: AHWqTUlswQmghlI0tDev4oae9tnjvBBJXs0Rcje9HQO2py7hqOrCzdmFWtDSoAbmKOY
www.bg3.co/ Name: __AP_SESSION__
Value: 11b9616f-bf46-4ae2-b1ce-5980147e7b3a
.criteo.com/ Name: uid
Value: 5b855b26-aa26-4a60-81ff-1ba9e43d7455
ad.vidverto.io/ Name: moxuuid
Value: 9af41ca9-4f83-4c5d-822e-ea5e8d26e095
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1694090387
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1694090387
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1694090387
ad.vidverto.io/ Name: _mwayss_imp[23242][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23242][frequencyPeriodEnd]
Value: 1694090387
.openx.net/ Name: i
Value: 002deac0-8aa3-470b-a905-ac728bca00d5|1694003987
.aralego.com/ Name: sspid
Value: a863c8e9-b758-32d6-aeea-a05489dddc9a
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 94266cc5-d6dd-4a8d-b5d3-27bb7531b154
.bidswitch.net/ Name: c
Value: 1694003988
.bidswitch.net/ Name: tuuid_lu
Value: 1694003988
.bidswitch.net/ Name: tuuid
Value: b4b83d5a-fc78-4bf6-a798-f19a4b77957d
.yahoo.com/ Name: A3
Value: d=AQABBBRz-GQCENjyLY9LCJSNmZxvc1JO0iMFEgEBAQHE-WQCZbtj0CMA_eMAAA&S=AQAAAlyFgmL9bS6EL2Y6aSqRLJY
.adnxs.com/ Name: uuid2
Value: 2825018790679395221
.omnitagjs.com/ Name: ayl_visitor
Value: 498c1b159f4384e44938b35d3afefe2b
.teads.tv/ Name: tt_viewer
Value: 06d213f4-09fa-42cc-8e40-f0c5ce83d1f1
.rubiconproject.com/ Name: khaos
Value: LM7Q8JIZ-1V-GWGK
.aralego.com/ Name: euconsent-v2
Value:
.prebid.a-mo.net/ Name: __amc
Value: 1_1694003989_1694003989
.adform.net/ Name: C
Value: 1
.smartadserver.com/ Name: pid
Value: 5128187030614505374
a4p.adpartner.pro/ Name: apuid
Value: fa78814b-5a06-4e22-9419-43857e0b5c25
ad.mox.tv/ Name: onetag
Value: LB55AxoFaFnPANVBDk9cS97bBz8z8WxhEXnGmFheLBo
.adform.net/ Name: uid
Value: 4126843277910630446
ad.vidverto.io/ Name: adpartner
Value: 9af41ca9-4f83-4c5d-822e-ea5e8d26e095
.amazon-adsystem.com/ Name: ad-id
Value: A8NYXlZ5eESgnVMc0bhpDJY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
ad.vidver.to/ Name: bidswitch_com
Value: b4b83d5a-fc78-4bf6-a798-f19a4b77957d
.bg3.co/ Name: _ga
Value: GA1.1.1361012700.1694003986
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1694003991.1.0.1694003991.0.0.0
.quantserve.com/ Name: mc
Value: 64f87318-1b6e6-a345e-9eaa7
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.linkedin.com/ Name: bcookie
Value: "v=2&5de17471-e11f-46af-85d7-56b18e493fcf"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQwMDM5OTI7MjswMjGPTHyOGVXU/1jYcCIWlWV6aPmHmMXdRAmhPhNZxTEghA==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2625:u=1:x=1:i=1694003992:t=1694090392:v=2:sig=AQFhAM1y80vA6ZOsRvLFfuxgx1Lc-nkv"
.bg3.co/ Name: __qca
Value: P0-306227218-1694003990433
.pubmatic.com/ Name: SyncRTB3
Value: 1695168000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 26F33825-A14B-43A1-B708-C85E5C534EE3
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GVHgn21Y!]tbPl@/D!9hy6]/Cv]bj3i/r6<L<S/l.7l4]5e74>fP'5e1sl5bxc34xn5@2(ex?B`^V]P[jCw*bpRz*qF1`*bc8=+i[PI
.casalemedia.com/ Name: CMID
Value: ZPhzGJePj38mET-tZMVd.AAA
.casalemedia.com/ Name: CMPS
Value: 1195
.casalemedia.com/ Name: CMPRO
Value: 1195
.bg3.co/ Name: __gads
Value: ID=40b835a4ab5e1202-226f0e1e68de0038:T=1694003986:RT=1694003992:S=ALNI_MZ-GwsjwRWQsvczyWYhYr6eOYWCcw
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2dro:18zh~2dro"
.pubmatic.com/ Name: pi
Value: 159706:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.smartadserver.com/ Name: csync
Value: 79:k-YwutPHg1gTZB3if4x9cvpMUUqMOZKO_J17rSbg
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-rPNH8Xg1gTZB3if4x9cvpMUUqMOKB3KM99VaEA&KRTB&23144-uid:k-rPNH8Xg1gTZB3if4x9cvpMUUqMOKB3KM99VaEA&KRTB&23286-uid:k-rPNH8Xg1gTZB3if4x9cvpMUUqMOKB3KM99VaEA&KRTB&23287-uid:k-rPNH8Xg1gTZB3if4x9cvpMUUqMOKB3KM99VaEA
.pubmatic.com/ Name: PugT
Value: 1694003992
.openx.net/ Name: pd
Value: v2|1694003989.4|iyvQvNgun0.j8gqwksLmOge
.quantserve.com/ Name: d
Value: EAABDwHxKYEPisMA
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-06T12%3A39%3A53%22%7D
.rqtrk.eu/ Name: browser_id
Value: 1:9309b29f-739d-4948-81e7-53d834daa0d4
.onetag-sys.com/ Name: OTP
Value: 4WiGAJTMRrRKMDDQMKP2pVHIn-44N-JHLA5aDaTI-bM
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EjH8Hnenz/k1Q8c07wQgfKRBwEYcOh1cDMq0/0f+29MkCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ek7+8UWvn5lu
.smilewanted.com/ Name: sw_user_params_infos
Value: P4vaJf8EU6TQGO0hu9RSBe0zDxPoRFxgmS6557fMCxEVagVWc6u%2Bb4ix30Ixt4IHQSKu0Sr6UMkH1hnaPaxot9Cn2tNGmduXuTYKNwqOJG3PiQf0OrJvHx%2FGS%2FfBkp7a4OFReLFPzt%2Fy5etaXlHqCbg9pKhq2pWkLQPnrPpaYcn6CsBuSOGuJOF1UPcECA9txRDpwX1O3VsThJW0oJGgs3f2ydJzqSiEJRk15nf%2BeuNlhJTrdjl8Oxa76m3pkIVEktsGW2EeQi67mR0AlUg0Jq5HuiCex9Ngud0p78qcd8c%3D
.bg3.co/ Name: cto_bundle
Value: ZeU4L19HU1o0dU1VNlRPdHNWRGdKNDc0VE1KaTZRdVFGTEk2UjZxTmFRdiUyRnFyRWxST1JhdkkxQW4lMkZ4dFVLTnZYZzdaSUdIQkd2WVpzaFB4JTJCOEpwc200OEo2TVdmdiUyQk9ZcDlZaTdkaFdXbEJpZnhPdiUyQmxpRURabFQ2R1pJVksyWWdiU2x3bjVJTUd0akFuOGJpNnQxQmxlUm53JTNEJTNE

78 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202203/d81c35535d6bf6149f8f0a9f95474ec2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3ecfcc7cd59e8429cdfb9c412990d202.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b83c5a5eb509dd5e192c39a44104172c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/59b0b8c7986b2b70b58afcad42fd09a9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a0382271e51ee29953a9577748e17545.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3199debbca334930f0c74f0981026dfb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/668ee8abe00a920c716933b4d04240cc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/9f5873974a6d354e53f583716a610863.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/49f379a7baf7effc155e7c2ee810f1e8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f309931811ff56c53530cf519ca4af5b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/837d05252d29c8e4cc812ce2a72ea083.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/dcdfa7a103c7c1f43dc604095e80cfd1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2204c568ccb145be676c1f17946244ae.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7b284ebb883632348aef4684a10110b0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202103/47014fdc1be63e5c12af6600098983ec.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/92f053820039fe57677ee74f6cc43561.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5f6a507cf237788635f2d61abdaf17e2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/acbbe2c159f94a2e723689aeb4f15e19.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e2e2c22d3aa3f9c3d499299fd859fbda.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9e90d3da3e631a5f29cfefd1a4542c5a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/9616e31d00a0ba292ac26718c10bfc15.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f4ce3968bbdd107331ef66ab1c950572.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/db30bc4ade5fd9599049e563e4e5282a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a0cc05e587eb180f086c78f988f6d74f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b015a942042d337fba05504ebaadb516.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/558d435f6008ca44ce9a95e8ed792d95.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvYmFieWNoYW5nLWh1YS1odWEtZGUtYmFieS1jaHVhbi1tby14aW9uZy1zaGEtcXVuLXJlbi1tZWktZ2UtdGlhbi5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js(Line 10)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UKDI7Hg1gTZB3if4x9cvpMUUqMMrNrfHqaMV9w
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UKDI7Hg1gTZB3if4x9cvpMUUqMMrNrfHqaMV9w
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-Q3WxQHg1gTZB3if4x9cvpMUUqMPzR7xcaOBb-w
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-LfRcIXg1gTZB3if4x9cvpMUUqMMObyfB_ZCnvQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-LfRcIXg1gTZB3if4x9cvpMUUqMMObyfB_ZCnvQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-Q3WxQHg1gTZB3if4x9cvpMUUqMPzR7xcaOBb-w
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Rbndlng1gTZB3if4x9cvpMUUqMPgWZiXcK38MQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Rbndlng1gTZB3if4x9cvpMUUqMPgWZiXcK38MQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-L1cHUHg1gTZB3if4x9cvpMUUqMMnj8Hp6h8bcA&initiator=partner
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-L1cHUHg1gTZB3if4x9cvpMUUqMMnj8Hp6h8bcA&initiator=partner
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-ZYTG3ng1gTZB3if4x9cvpMUUqMN9Y8ezpaSdlA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-ZYTG3ng1gTZB3if4x9cvpMUUqMN9Y8ezpaSdlA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://e1.emxdgt.com/put?d=d53&uid=k-EJsDVHg1gTZB3if4x9cvpMUUqMPrR22gVOaR7Q
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEIlx9ykYWp2McggWa_iuMQ&google_cver=1&google_push=AXcoOmTrfzsC7JSlp-RBeueMXfzK4D1WK2o8TIB2KDyRBNVTBSnHDvPeBJYStQtQl4cu1c9do8EbkIiR63jRMGkyvm1aWPvj0jQkWYiM_nD-YTfnhvOAm5BNm-5lb5YqHP3pLCWu8kgLdFz3ewuxG4mnh072
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHc6RNCxZ_GeuWC03J22Q1U&google_cver=1&google_push=AXcoOmSHW0XmLIIagWTaIc-u8Nz_NSxiEGVItPtLAIzvxXrm419JI-EtxiRted_NZRzLuGhNnBxVFx9SNJ0mJSF6gQQnP0ubwWWC9hzC5BHIwovf8m4ZqbhqYJ3kKeXQKafiXSxitM6X5VvyBY0-iu8Ot1o
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENVdK3lYgNxqkB2sE2Yzobg&google_cver=1&google_push=AXcoOmQvt3aqHs56CZYnecMHr2hgzsofqb44oLbRSQlwC8VgF7DPT48t0Cie2HlcXNbp6H_LQSfyVGr_R0FpxEa0aqveuwyBF4oyMSEzmUK6ZuHlFOVDw9rmBoXrBd0JP-htLIRwdDbjeMmVEguS6uDAT6dm
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-oRIxg3g1gTZB3if4x9cvpMUUqMMAvt1-z8_7wg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-oRIxg3g1gTZB3if4x9cvpMUUqMMAvt1-z8_7wg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=R6uTpm3aQc8lcToPXTCUYd38onwceQ-n
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=b56B-mdXDumTf-c0kmHp018efPg1I0Vm
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzhd1F3P4ZOCNN9m-n88P18CamAKRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAnzVXKqX_7E-qAMByAObBKoEhAJP0P91HLOTXQXrM7prYyEZJFjbrltpslFY5Ri-8Z2q-Csgq-BLPm1nr9UtfcHvRefZABnKPz729D8qZLcJe7Zw8zyjdb-PHh8T-spM3C1O1hu5cqkLCkJqpNzAZnqKzqhPnDIKwwAbKvz63bEbx94SYG_9miZofvLnZIC9tlpSIaJJMA9RsScSH85MhlKT9lcwghZqsJedHat842eJd3JPK-guLrBMDodx192OZ3aEDlbtObHABoA-5gSCXRk7grMYpwtYZBAbLg7RYnBJa01FNHHqlv5F1ndRXQk1pO0gjqkYxZ5dXMlzti4bwuSmTk3vgbfcp2A-liH9kDvwo5mYsTRr28AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIoPW90YCWgQMVWd_nAx1XoAYjEAEYASAAEgK6rfD_BwE%26num%3D1%26cid%3DCAQSOwBpAlJW-NWyK74IUkEceXwi_6wFjZpu2_42gyYZRyfmLVu94dftx-gL0iCZLe6cEWg1gbqz_wI65L4qGAE%26sig%3DAOD64_07UkTfOqFdu1QXlg3vjDo5jU_8KA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-A3M5vVFOVOLS4PyAcViJbrQ0Pq3VCgA5xQgxi4XGjgQr87SSpqmWNuMj_b5-bmPt69M6IOq-7vYOPeKm9-JA_dg3QOXLWHWRICQtpfd4W_CUQkRWG3FQ0FjgGF5v2JYmKQsPF85Z4MOr5BJSBx6_Xj4zsdcZBs8nPK0NaAIbPleobrIN4%26cry%3D1%26dbm_d%3DAKAmf-BYwfDoG-3w4l7MF4c5jpWJt4f4W2CrniHiuhNOoFeav4PaIxzqz-qSNAxo2fC5kNfWSSeaeu6Cd0-Q4uJ9R-9nedWszwkDrJbnQfunBxCsx3xv391i_2jCRxiD6vFgdBI-2xM-3vIuqgFv7hyAzEze4CIL5iy93aGbgfmh_Y-UrxM2bNPAFfHEVbXZ4BDd1NKJl_0SOCC7-NuM3cC6xsCBi_B4ps_3MZ77HlUy_0EHsSK5n1xRBdwc8nOwWhI8nqrVHLnRkIJFcM9-sdLHYlkG9jqrD7bA8upHXJIFsdYhkelz0vQx8rd-Ikc841M_r9M5alGWqzXxhQjU61h9RASaVcP1xbhWr_LsRrH9nixqN1vk7GYOtyZvNOifMAHr_et76mVkUi9KFiGLp0gm3W-O6InBfn6WTGzLGzjD6XzFKMZvBzT9AbXrCEsuunSBGW3UzNTjXuqN0UkCSvzK9YpqjQ7hAF6e4k6sEa0YyfEBzlEacouo62eqARFUsrKnDzCuTA9C4U7zCDqhn7r-KbZVx95G7ffkIKjk3rEaIx5wpd57gdZ0zHLV_ukxA-GE7aw5nHg0AdNm89LDWMpD9SiYbHcslWmZGXe4rQe8YXd1jKYllGq-sfuN1cdget59e6a0nPhP%26adurl%3D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://creativecdn.com/cm-notify?pi=openx&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://criteo-partners.tremorhub.com/sync?UICR=k-h1eU6ng1gTZB3if4x9cvpMUUqMMEWMDYkJZmwA
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3370055922594132000V10&origin=1&flt=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://criteo-partners.tremorhub.com/sync?UICR=k-h1eU6ng1gTZB3if4x9cvpMUUqMMEWMDYkJZmwA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XHJmtggpWvq-5-RvLfT2fDEpxcs_VbDy
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=edZFomzkC092HOLuGzOIWONrM-0lkxiX
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEIlx9ykYWp2McggWa_iuMQ&google_cver=1&google_push=AXcoOmSunA3lRPfc5cBp_oVUjqqcHCMT-k5LjMloMwYCff1_OoSi8R4egSyokdowOYv3-fqYo0loV21Jm6AO6WgLK5DbUCh3cM0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHc6RNCxZ_GeuWC03J22Q1U&google_cver=1&google_push=AXcoOmRi3LqjTtJIykyp4GQKdtjS1kPm5OOwTdB9FdTL7DGDb_NJV5CMTfdtGO6JHN9TnvUXscf1Fg3JCZ337D3IoHkpPa3lc1ri
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://um.simpli.fi/gp_match?google_gid=CAESEEQ92EC95esA2KnFMZVxYpE&google_cver=1&google_push=AXcoOmTGK-WdxZoYxiBNhucHrTiXLEJc8D9VyR4dMzNIFIXPdhrbqIj1UZt2GGomfOZXAUVjaMViQ1MdVLaZee9lRqb9PUPvdEnw
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://match.360yield.com/match/ebda?google_gid=CAESEKVAbwIQUOAVV8mOM1fitKU&google_cver=1&google_push=AXcoOmQGQy54cBmCkon_S3h_zGxuXi4l_e_ggdfZ7b_gdtIdo2PkHHtZ8u8GpnKaKeXUiIF3i5AAQa8C-BT1kRlHEF55KWoAG0_l
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEH4U9eLBJp7dNJLfPsLFw-o&google_cver=1&google_push=AXcoOmTNlAFcxk1-_klV41phsxQTrg4otOzeF3HlduE8-pTxUPqDWqzotBZp88kLW-geZFBY3ycQ8qBlnGmTZh3f0O7l0w7iiEU
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=mviAvYeC8vNlZfno5eQTepx5_17Zupwd
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=vFisLo1cYCNqzWDs_u2DBXpXFmelim5O
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59bb09cd39c83dd241c255c34c1f4719.safeframe.googlesyndication.com
6cd7bf16590c4acd6252f188e987571d.safeframe.googlesyndication.com
a.teads.tv
a2efcd6d92f8c72da0402e7aedaff86e.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mox.tv
ad.vidver.to
ad.vidverto.io
ad.yieldlab.net
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.vidverto.io
cdnjs.cloudflare.com
cds.taboola.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs.chocolateplatform.com
csi.gstatic.com
csm.eu.criteo.net
csync.smilewanted.com
d-3017157876154211517.ampproject.net
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
e1.emxdgt.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hb-api.omnitagjs.com
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
il-trc-events.taboola.com
image2.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
openx2-match.dotomi.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.thebrighttag.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
videos.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
widget.nl3.eu.criteo.com
ws.rqtrk.eu
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
acdn.adnxs.com
ad.360yield.com
ad.vidverto.io
ad.yieldlab.net
ads.betweendigital.com
ads.stickyadstv.com
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
c21lg-d.media.net
creativecdn.com
criteo-partners.tremorhub.com
cs.chocolateplatform.com
dpm.demdex.net
e1.emxdgt.com
exchange.mediavine.com
hal9000.redintelligence.net
js-sec.indexww.com
match.360yield.com
matching.ivitrack.com
openx2-match.dotomi.com
pm.w55c.net
public.servenobid.com
s.thebrighttag.com
static.bg3.co
sync-criteo.ads.yieldmo.com
sync.1rx.io
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
um.simpli.fi
us.ck-ie.com
visitor.omnitagjs.com
103.231.174.251
104.16.88.20
104.17.24.14
104.18.39.155
104.20.219.77
104.22.52.86
104.26.5.103
104.75.89.75
108.128.60.227
108.177.15.155
13.107.42.14
13.248.245.213
141.226.224.32
141.226.228.48
141.95.32.69
142.250.181.226
142.250.181.227
142.250.184.238
142.250.185.226
142.250.185.234
142.250.185.66
142.250.185.74
142.250.185.98
142.250.186.104
142.250.186.129
142.250.186.162
142.250.186.164
142.250.186.38
145.40.97.66
151.101.1.44
151.101.129.44
152.199.21.70
162.19.138.83
162.210.196.208
172.217.16.193
172.217.16.194
172.217.16.195
172.64.196.38
172.67.10.198
175.110.113.205
178.250.1.17
178.250.1.25
178.250.1.3
178.250.1.6
178.250.1.9
178.250.7.10
178.250.7.11
178.250.7.12
178.250.7.13
178.250.7.19
178.250.7.9
18.158.83.223
18.184.190.66
18.194.15.213
18.239.50.115
18.66.127.127
185.106.33.48
185.165.240.175
185.180.223.221
185.255.84.150
185.29.132.245
185.64.190.79
185.84.60.21
185.86.138.152
185.89.210.46
190.2.151.7
192.96.203.13
198.47.127.205
2.19.70.117
209.54.182.161
213.19.162.45
216.239.32.36
216.58.212.129
216.58.212.130
23.97.225.52
3.233.155.50
3.71.149.231
3.75.75.174
34.102.146.192
34.107.148.139
34.120.107.143
35.186.253.211
35.244.159.8
35.244.174.68
37.157.3.26
37.157.5.84
5.196.111.69
51.75.86.98
51.83.220.94
52.210.175.116
52.223.40.198
52.58.98.136
52.94.222.140
69.16.175.42
69.173.144.137
69.173.144.138
69.173.144.139
69.173.151.100
74.125.69.94
91.228.74.208
95.101.148.20
95.101.149.233
95.101.149.35
95.101.54.200
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
020e941d6a65b816e5d9af0384a8b8d5558e3665d0baeea96e88e1c18799cde0
02d3592b99720f67ff377e5a232778adcd8e91b3226dd6b570b7f2a0bbb96ca6
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0523c9f4c6e8ba75215efcb5a0dd935a921f2f7ab3fb4704ce76e1581b138f8f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0615a2b759f699319d17f1cb6e6908155c123d27d3e3caa013d9e1938a650803
07ef7b727d3919e7f5409d42785f14883d1788e194ff9d893ff53ca418913c72
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098edf6f2f040b09a7f932e1824aa3295784a54fd3adf7d53daaf7398052a075
099c9b4ec6dbe719afd66f0bbc8f3c6966caeaf94b7c638a43034141a476a07c
0a404d4a65524c3aefca587e9525cbc640805c0be1c7631aa1619472c38f2cb6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0cece56c4f3a345b6ae21348d08954dc3b0805a54ea8061615559fca2e7ee6
0ca5dae92ef6608fe14a8ba5e56f72d38b31e7570d98f2287024bfe4a0d53c99
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0da3d00abc568b8cc9cb9fcf0d8dabdc01c36d6a15c277b1773ee48bead8053e
0eec0a1c04b5faafbc0eb1df1bd2c70d975f16dc34dffbc71549024b46916a29
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12817bd556af0b34d5e822e20cc5665384767e9fd6bc8f32aea8a5ba3871098a
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807
15880272690a0fdf7156b05ea220c892d14ae24318588b4710c6afa71daf8fec
16c56af26101715bb14f3afe53bf3f2c60a1413cbe8e58a1d2c6d8296908f665
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
19590831a8ec270569fcf2fb23a9929868626e50cb56d4820bb92abbd214b7c2
19d0fc8cbad4484b9867c192567befc7fdd9945fe88ea19ab5bdaf288be5b668
1b3d020dcd904949bce5b8b8b288d5d0a98a1995a09ba336344730caf8f51997
1b744affebfb8d8075c74d66dd9ee9898d59518eef8acb0c25ee4c48fd04d331
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
236dc832d95b825ee65ccd10aa1b9179939a2cea896ca5450116d83d57bc5671
24eb1bc1beb436cdd920616aa3e1d898982a8f0dfc4b50572959ca90271f0210
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c
29b110ded380d57fd0b65e05023807dd1ed2d7a50d293f8b1dffc415929df8e1
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2c3d3c32b980d90d1d7446b2c53bbe7898f5969295b56c09d75737942b5fb004
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324c101fecfd75d271b3cf9b7721edb46144edff952f686479ee01239d151ce7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36e0d542a26e9291d9a13b1686f8acf7f4499e4b386a7e9387e5e04ad46e4210
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
375d53ebf5b501de46741e9b21043db76141db00d5216864d26b12840a3bb882
379843d80a0fed0e7a491a70cb3a4644cbeb842088d7dac495a5a98a7a73b245
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39e1573135bfedd0dc289a39f473acd240dcdb72bc39a9430927cc9d54cde1eb
3a116220b9a9ce591808be588c314e923075890cf19e6599c952c2d48539a139
3a3b6228c8b0ca57f754c5044f9ac8a6dbb8ae04dbcd96f0daad569bcccbaabc
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03
3b5471f1e522aef47b4323d2fb270021c37c9d940ee132a85b729070e8b25b26
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25
3da694ad751f1f8b79b509f0db0068dbaadd4bbdc413424c4ea3288a46c3a450
3dc2167430813a9e3e0e8fc576a71667bacf62c31a747956b601949c0bc452e9
3e621c1b3d4aa2666a1f0473f42220c7d91f47106c1cc50f2041ddf7baed8c12
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fad5a5dd07be2f87a9fd5122649adfbf8bbf188582c718fbc00c743cc09362d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4023b78b720b3f304b3bf74af452b308c3eb5acb2310530e3b9963b50203e5b4
414e46abcb4c362646d340bf7d431ef9c0346f8b2636e8d80b28fde64c4832ba
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197
44ebee3b9116cb0adb51da2239ec48807b956c75a0cc7c59f30a1a6dede10cbb
456df2365d34880a70f6d13e7e5fcfce71299bcc47f787ee2b40d683ce8e7811
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a888d2c93083d09f25c598cd8eaeb2aa7a7e66bcc4ec74cbf47ce8161ee90bf
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c81fdea7c18bbcfa19c107195f178531a1894893820fa4f813e8a2d4626e7ee
4caf622c5d61991ad9822724ead4741638bc790cede2bdb739a87b194f8aca67
4dcf06849ba0687f90f86395497c63d2bb77ca83e322af918ed6129f62efe373
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7
4dd6d3fb96e9f10b174a4681a7a6d585e81ea7bf92424b4096c358ebeeb27193
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6e179a51d9332a0e36a1b221d83cdbf8151ae3ea6541031bc0c0e1b86d7e90
4f6a107a3fdb1536c81826561e818486e2a0ae0b230df8b15f908af89b0071e0
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52bb7731c906135ebf7750065f353b3350076220298adb1eedef26deb7a023ed
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
53294044ef54aa72d219a20ecea405f082270bb7774af92c6117b2c7a5ea8013
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
5dc9635c4b6ab7b0af2c16246c815907666dd266e45927855431d513dbd5a715
5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67374076a3908d2dcaf0297dc9615fd17336cb6c25ec6c0a6338a969b9f76423
6800b03b7608460021e446cca3fd48b601c5797a7835907d0ca5f1b3da41672b
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d5fc0b875581145811768362acc8e4f8da3c8ead0dd401f8173e7521de43f7a
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
717f5bc2f61bcb0a23dfa75083abfa8211a3c9d79ab2f7a9414ab843e31aee7d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
770d1afea464224b576faa62418dc477bee6c08b8d6f6eb107bd24aa973bd9a3
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a35e8431ed5a87ee3170de77087e5423f1526902bda716b52603d202fb69347
7a76c46638f95708e0bb2ce03a583be463402cdd273e0f4fbfe9ab5ef5281acf
7aa0a0674a9722328b7907a6b1caf70fe8374b88ecf7f1f807fa5ee298079da3
7b144f52c4b80de46f05d6d67db843a194defbb862b58d6ce1e0cac2451cbfc5
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
830d7cfcf47642ce668da485d35f95bf47aee7812377b060eccbe2832c2b6b28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
887692f860423797ae7d8f9503ef4b3a311099c37a1256309f0f4d96f2bade5a
88790c731c0410552050895ee0f1cd06a6303b567302f6bf8649cc2cf0945799
8974c7de3825a8cd4f7a46cb779898056bf499a52259aeacd574995bb508a311
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6dbe4a502874141c7ee3a0eff91931c02d2a53c20b989245a2092d7c8b5b28
8a7facafe798ac576bfa5f04527fe5643cdcf7b44d85791436d250202c093b0d
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9f3813710bddb662bc528796e7d5b74ea431d7e0572e10a6ef2f545172b9fe
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f695d0f805518f181367f59cc0bd6ba479fc4059ce5c5aae1ece58d27fcc3ea
9091887c532ff3fc009e74a447355106b85b5fb70f31c3c75cca42d71ad8db4e
920e61c4d114a96b890545ff904a61109578821e50306b6d9f642cebead0eca3
9268a4ccc0f58e4922efb6a46e00e07f46fc0a17c28e5d85db0845e60fbd1be1
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92b6509860512f6d249439e8a2b559c5334d94187d276ea02b245d528e3870d1
93e720e50ba0722600302b85aa2e1e271e3af6c5343e6d5738aac77a7248b054
9745480bd2be28800006175c4a79bc4044d655496e2221a912a45879d832787d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9cdc95a5a7530f63cb0596d39d3d085c03bbba9e887dece7aead9d82d96855f5
9d054aeb66b3f6357d6e9cd4caa3f9452586393a09c25867f4f70cb85752bb9f
9d14370d8d574bf30a1d21b69e1e90caf8804d36cba5593740fe77176ce906e0
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9dc4406241092ceae74cb2efbbc8b9d756da6698dd6b2f041f01be07a3632fab
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a22b9a2b7ac58e555d8dd55a48246056db9d178c65b63296df8ae8d7c4cad193
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a409d74793cb8e9cb28b1fd92311d6c82d4a4b15f2301b5a63daa0057cf9aa77
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4aa020db7a1b98f01198363ebcd03a86c1b31413a4a84421356828aeb6b0b69
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58556405590179a3c95d67fb32e503117b50aa99ee9b02ca08717f518deb05e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7f6bf3d4e79e967e0b1b70de5e46a16da84b04fc505eedca6da03127901953c
a81df12eec9252f6dbb1dc8159a85a8f21218f7cd7f022cd702a4951ff13bb1a
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be
ab7b0e34ff100b69874009ae95a902e12341c7153b7c2189014a33a031c8430f
ad3eada0ebd5b34b6b1ae6e0939cadd21d2e024979b93fac9cbedb3074ab9464
ad6631e15dfd0f63d6dd8fefc5dda86f11dbb37e51307034cc7a7f5980b5493e
aec32e01c152f5e661a5f6b967b606edc9854024539ef97141a7be1201d634d3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b8aafe7638bac88f29d4c8aa15c167f089c45194ae7187c42b0d0ff43add099b
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
bac4cbae7e15fac1157e8c1cf0ecfc142a5261f7396c8b4f7b57c388bfb6dc75
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2120aa7bc0a5cc7185a7607816e12ea56c52ac06a67708e6653012c18c18e56
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
c7352d47a83787b5554a492d3747ff944766ae3dfdeb5c742c72d304cbba6b86
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c96ae71aaa29dc81173e75f0decbce2c96524acc59f1dc3e99a0292560a2b892
ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e
cb1ceef98fa2ac672235b331fb3a3ef695384f97a19f1a5e983ea85919ad7cf9
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
ce726270d66899efe6499167ae27f8bfbe6c8c908c81b6a725f1fd98dc132e4b
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d17931f348c967a2a275b03583aec9173a25ddc47312e22e4319fa31f6023c00
d190e5ee9a93fda75bc50b88fc5b432c58d548dd159dbcd735582457a15a260b
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
d50e6c4a13e9bd1e1e3b5ee410aa072b3f3faa71495a122be03a1762f178c70f
d52df9fabaed1fef20e9bcacbdafdaa0d0f6d07ef28c580fe47c0f14a0053ad3
d71087864680e6be972df84bd1e7cb50033c4856227ef82f1403e028282f0e96
d817c9d5e373b77777d55c671007c32d9f22f1c4998e4f680542fc860583ba06
db94893653c53b70e0c63bd0b7c24b0cbf802b844f6613001062c7c0725d5b65
dca4a223126c4d32188763323f0630c6a702cbf2912a9cad59b269a4588ad7fe
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd1424b85605b02abc3c308f71fc023a794b594f69589ae3282699748cf310a6
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d
ddeeebadeea81c49fbd6446dbc7419d6e6fd363526d4089494a229122a11447f
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e22158808f2f86a0356dd020a0a86bdfded121d34ecc9055830973870e674115
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2f23562d61e03fab22531ee2a105c9ccbc6568980dd98e6a0ed697daa1873c6
e361396300428cd3c7d4f259de28cd0c1b706d3fcd6a5e484efaf51a51fb87f0
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e38dda9fb07db867bf96cae4d27be4848439fbffe05d9016dbb3e81dad3b4afc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90b5fa14fbbf1733a3003f2f3863857c1088062ecc72a9d3c611b9e9295e4c7
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cf03767a5f7fbbb053aecdddab02934093660092b3632eb240ac8217c4c503
f204856a7becb2c3449b21811b57dcd93c0a27b1c581a71f2703c3d1a661c1b7
f35fa68f6874456682fd7b7157eced947e3e6c27852f2e244b71bc41ac88e533
f3e8d92fd4a698212364aef66e6d5b57030239e7bef444001a2d42064ac2df1c
f533c3d1cac6c67cc0f2c2e9750c236fe41e9f324a62816ba5e8c1c210edd102
f57635be1ff1dd03006902842b90cac34f4960ad3bb09c0341ce66c9f23c1b8e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6739ff8ecd4e27a3c740935879905d3ec308dd70fa0b81203fa5dc2dc410e27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6ac16a68c394818b96de5f16021ac8088ff5b44c5ec7a5e4385678fdc418786
f8976756fa4615ea059fb7d74a726ab8ec00c7267b3fdc298222057fc8a5a732
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc1af2d52744c7e5938cea3070b254256ee781405497d7fcd859e6ed39e028cf
fdb5c9ca794dd4c7377556b10889c33be4ea625a163fb038f2675cfed1735cb4
fdeac9787d8c0f1c5c63f5a18f0679a15ecb99182fc375b5f74d3fa6d7f006da
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0