urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Submission: On October 03 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 121 IPs in 18 countries across 115 domains to perform 521 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
9 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
36 151.101.193.44 54113 (FASTLY)
2 4 192.96.203.13 30633 (LEASEWEB-...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2400:52e0:1e0... 200325 (BUNNYCDN)
4 2001:4860:480... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
3 2a02:2638:d::d 44788 (ASN-CRITE...)
7 23.97.225.52 8075 (MICROSOFT...)
20 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 145.40.97.66 54825 (PACKET)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
19 63.34.177.0 16509 (AMAZON-02)
4 51.89.9.254 16276 (OVH)
1 3.75.19.28 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
10 104.22.69.131 13335 (CLOUDFLAR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 52.59.116.26 16509 (AMAZON-02)
1 23.218.209.56 16625 (AKAMAI-AS)
8 11 185.89.210.141 29990 (ASN-APPNEX)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
3 35.186.253.211 15169 (GOOGLE)
3 9 104.18.26.193 13335 (CLOUDFLAR...)
2 3 162.210.196.208 30633 (LEASEWEB-...)
1 2600:9000:223... 16509 (AMAZON-02)
1 139.144.5.218 63949 (AKAMAI-LI...)
3 151.101.65.44 54113 (FASTLY)
16 185.106.33.48 200478 (TABOOLA-AS)
2 4 172.217.16.198 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
3 3 23.201.255.110 16625 (AKAMAI-AS)
10 23.218.210.30 16625 (AKAMAI-AS)
14 35.71.131.137 16509 (AMAZON-02)
5 141.226.228.48 200478 (TABOOLA-AS)
2 9 2a05:d018:d29... 16509 (AMAZON-02)
5 7 3.120.96.101 16509 (AMAZON-02)
5 9 69.173.144.139 26667 (RUBICONPR...)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.112 16509 (AMAZON-02)
6 10 69.173.144.138 26667 (RUBICONPR...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 52.94.222.140 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
11 17 172.217.16.194 15169 (GOOGLE)
2 5 209.54.182.161 16509 (AMAZON-02)
7 7 52.211.253.239 16509 (AMAZON-02)
5 5 3.75.62.37 16509 (AMAZON-02)
1 23.50.131.75 20940 (AKAMAI-ASN1)
1 2600:9000:225... 16509 (AMAZON-02)
2 2 44.194.225.44 14618 (AMAZON-AES)
17 217.79.188.60 24961 (MYLOC-AS ...)
2 217.79.188.46 24961 (MYLOC-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
2 51.77.64.70 16276 (OVH)
1 11 104.18.27.193 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 217.79.188.21 24961 (MYLOC-AS ...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:400... 15169 (GOOGLE)
12 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
2 35.186.215.140 15169 (GOOGLE)
3 5 34.98.64.218 396982 (GOOGLE-CL...)
1 23.218.208.23 16625 (AKAMAI-AS)
1 23.32.184.180 16625 (AKAMAI-AS)
2 3 13.248.245.213 16509 (AMAZON-02)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 18.66.147.106 16509 (AMAZON-02)
2 54.72.115.16 16509 (AMAZON-02)
1 2 185.86.138.153 201081 (SMARTADSE...)
3 23.32.184.192 16625 (AKAMAI-AS)
7 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 34.194.178.11 14618 (AMAZON-AES)
2 2 216.52.2.30 30282 (AS-INAPCD...)
3 216.52.2.16 32475 (SINGLEHOP...)
8 9 46.228.174.117 56396 (AMOBEE)
4 4 2001:678:cb4:... 56396 (AMOBEE)
3 3 193.0.160.130 54312 (ROCKETFUEL)
1 1 69.166.1.35 27630 (AS-XFERNET)
3 3 54.83.160.255 14618 (AMAZON-AES)
1 1 8.2.110.33 46636 (NATCOWEB)
4 18.156.139.59 16509 (AMAZON-02)
1 1 23.212.88.20 16625 (AKAMAI-AS)
1 2 35.186.193.173 15169 (GOOGLE)
2 173.231.180.197 32475 (SINGLEHOP...)
2 3 193.108.153.21 20940 (AKAMAI-ASN1)
3 4 151.101.194.49 54113 (FASTLY)
3 4 35.204.74.118 396982 (GOOGLE-CL...)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 2600:9000:25e... 16509 (AMAZON-02)
2 3 185.86.138.154 201081 (SMARTADSE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
3 3 162.55.233.29 24940 (HETZNER-AS)
1 15 34.247.233.198 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
2 3 70.42.32.95 22075 (AS-OUTBRAIN)
2 2 54.198.183.8 14618 (AMAZON-AES)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 64.202.112.31 23352 (SERVERCEN...)
1 2 72.246.169.24 16625 (AKAMAI-AS)
2 2 63.35.57.217 16509 (AMAZON-02)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
5 7 37.157.6.237 198622 (ADFORM)
1 1 211.120.53.204 4694 (IDCF IDC ...)
1 80.77.87.161 ()
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 188.42.34.65 7979 (SERVERS-COM)
1 178.250.1.9 44788 (ASN-CRITE...)
1 22 198.47.127.205 3257 (GTT-BACKB...)
2 2 35.210.53.219 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 213.155.156.169 1299 (TWELVE99 ...)
3 3 185.64.190.79 62713 (AS-PUBMATIC)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 5 52.18.182.246 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.44.10.91 14618 (AMAZON-AES)
1 198.47.127.20 3257 (GTT-BACKB...)
2 2 98.98.134.241 21859 (ZEN-ECN)
1 1 64.227.64.62 14061 (DIGITALOC...)
2 2 8.2.108.175 46636 (NATCOWEB)
1 1 37.157.6.232 198622 (ADFORM)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
1 52.213.151.23 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 185.255.84.152 200271 (IGUANE-)
2 2404:6800:400... 15169 (GOOGLE)
4 2a00:1288:80:... 203220 (YAHOO-DEB)
1 87.248.100.137 34010 (YAHOO-IRD)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 185.64.190.81 62713 (AS-PUBMATIC)
2 2 141.95.171.142 ()
4 4 141.94.170.64 ()
2 162.55.120.196 ()
2 2606:4700:10:... ()
2 4 77.243.51.122 ()
4 4 141.94.171.212 ()
521 121
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
9    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
14    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
36    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
4    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
agent.aralego.com
5    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
12    2400:52e0:1e00::722:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
20    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
073ceec2d61676674541e8ab5f743dd2.safeframe.googlesyndication.com
tpc.googlesyndication.com
3    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
19    63.34.177.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    3.75.19.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-19-28.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
10    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    52.59.116.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
a.teads.tv
11    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
9    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    2600:9000:223c:1a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    139.144.5.218 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-144-5-218.ip.linodeusercontent.com
socket.unibots.in
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
4    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
27    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
14    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
9    2a05:d018:d29:3605:cdf9:6ebb:c08d:dd (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
7    3.120.96.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-96-101.eu-central-1.compute.amazonaws.com
x.bidswitch.net
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
partner.googleadservices.com
1    18.66.97.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-112.fra56.r.cloudfront.net
cdn.socket.io
10    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2600:1f18:24e6:b900:1230:dee4:99dd:baf6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
1    2600:9000:223c:8000:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
adx.holmesmind.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
17    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
cm.g.doubleclick.net
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    52.211.253.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-253-239.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.50.131.75 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-75.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:2251:4a00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    44.194.225.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-225-44.compute-1.amazonaws.com
sync.ipredictive.com
17    217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
11    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
3    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
1    2a02:26f0:480:f::213:7ed6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    2400:52e0:1e00::874:1 (Germany)

ASN200325 (BUNNYCDN, SI)
unibots.b-cdn.net
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    2400:52e0:1e00::865:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
1    23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    18.66.147.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-106.fra60.r.cloudfront.net
public.servenobid.com
2    54.72.115.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    2600:9000:223f:6e00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    34.194.178.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-178-11.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
3    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
9    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    54.83.160.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-160-255.compute-1.amazonaws.com
ssp.disqus.com
1    8.2.110.33 (United States)

ASN46636 (NATCOWEB, US)
us.shb-sync.com
4    18.156.139.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hbx.media.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
2    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
3    193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2600:9000:25e8:6000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
15    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.198.183.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-183-8.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    63.35.57.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-57-217.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
7    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    211.120.53.204 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.161 (None, )

ASN- ()
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
22    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
image2.pubmatic.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    213.155.156.169 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
5    52.18.182.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.44.10.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-10-91.compute-1.amazonaws.com
a.audrte.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    52.213.151.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-151-23.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    2404:6800:4006:80f::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    141.95.171.142 (None, )

ASN- ()
green.erne.co
4    141.94.170.64 (None, )

ASN- ()
pixel-eu.onaudience.com
2    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
2    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
4    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
4    141.94.171.212 (None, )

ASN- ()
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
60 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
trc.taboola.com — Cisco Umbrella Rank: 907
vidstat.taboola.com — Cisco Umbrella Rank: 3587
il-trc-events.taboola.com — Cisco Umbrella Rank: 16209
images.taboola.com — Cisco Umbrella Rank: 1957
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-match.taboola.com — Cisco Umbrella Rank: 13197
wf.taboola.com — Cisco Umbrella Rank: 3685
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
vidstatb.taboola.com — Cisco Umbrella Rank: 9042
am-wf.taboola.com
1 MB
47 googlesyndication.com
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
073ceec2d61676674541e8ab5f743dd2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com Failed
411 KB
43 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
ad.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
pubads.g.doubleclick.net — Cisco Umbrella Rank: 359
559 KB
35 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1711
75 KB
33 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
image8.pubmatic.com — Cisco Umbrella Rank: 1061
image4.pubmatic.com — Cisco Umbrella Rank: 1978
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
43 KB
24 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 27342
stream.unibotscdn.com — Cisco Umbrella Rank: 37345
4 MB
23 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 12957
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 59333
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 54096
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
89 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum.casalemedia.com — Cisco Umbrella Rank: 2664
13 KB
20 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3520
public.servenobid.com — Cisco Umbrella Rank: 7575
11 KB
17 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2247
usersync.gumgum.com — Cisco Umbrella Rank: 2735
rtb.gumgum.com — Cisco Umbrella Rank: 2264
5 KB
16 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
ads.yap.yahoo.com — Cisco Umbrella Rank: 27934
geo.yahoo.com — Cisco Umbrella Rank: 1897
10 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
secure.adnxs.com — Cisco Umbrella Rank: 806
25 KB
12 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18087
e3.adpushup.com — Cisco Umbrella Rank: 19655
283 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
17 KB
9 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
7 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
198 KB
8 onaudience.com
pixel-eu.onaudience.com
pixel.onaudience.com
4 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
cm.adform.net — Cisco Umbrella Rank: 1654
4 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
adpushup-d.openx.net — Cisco Umbrella Rank: 32309
us-u.openx.net — Cisco Umbrella Rank: 863
u.openx.net — Cisco Umbrella Rank: 1024
2 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
2 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
4 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 7534
5 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
4 KB
7 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 35724
sync.aralego.com — Cisco Umbrella Rank: 4312
agent.aralego.com — Cisco Umbrella Rank: 319878
4 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
2 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1486
ap.lijit.com — Cisco Umbrella Rank: 1012
2 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
3 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
357 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
1 KB
5 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16071
82 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 814
55 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 5639
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
1 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
1 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
69 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
2 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
32 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
3 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
435 B
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
321 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
360 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1259
1005 B
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2941
776 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2272
1020 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
2 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3579
cs.yellowblue.io — Cisco Umbrella Rank: 4325
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 11
2 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net — Cisco Umbrella Rank: 1062
hbx.media.net — Cisco Umbrella Rank: 1959
10 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
cms.quantserve.com — Cisco Umbrella Rank: 1260
10 KB
2 zeotap.com
mwzeom.zeotap.com
673 B
2 truffle.bid
matching.truffle.bid
2 erne.co
green.erne.co
824 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
677 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4144
992 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
498 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
562 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 7682
747 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 1002
644 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 984
988 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 906
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
3 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 8309
907 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
563 B
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 7032
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
754 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
842 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 99065
20 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
60 KB
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6135
546 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
118 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
958 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10583
505 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
visitor.omnitagjs.com — Cisco Umbrella Rank: 1162
808 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 33779
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19210
c.statcounter.com — Cisco Umbrella Rank: 12701
15 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
279 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
555 B
1 admanmedia.com
cs.admanmedia.com
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1516
836 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1610
44 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1092
243 B
1 shb-sync.com
us.shb-sync.com — Cisco Umbrella Rank: 5530
1 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
625 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2785
160 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 39054
1 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 2229
63 KB
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 7313
145 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
501 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 2263
479 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
863 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 776901
867 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
408 B
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 44737
13 KB
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 75443
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
635 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
492 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 adotmob.com Failed
sync.adotmob.com Failed
521 115
Domain Requested by
27 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
imasdk.googleapis.com
www.googletagservices.com
19 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
17 imagesrv.adition.com 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
www.bg3.co
imagesrv.adition.com
17 cm.g.doubleclick.net 11 redirects www.bg3.co
googleads.g.doubleclick.net
ssbsync.smartadserver.com
g2.gumgum.com
adpushup-d.openx.net
17 tpc.googlesyndication.com www.bg3.co
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
16 il-trc-events.taboola.com www.bg3.co
15 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
14 match.adsrvr.org www.bg3.co
imprammp.taboola.com
am-match.taboola.com
cdn.adpushup.com
ssum-sec.casalemedia.com
g2.gumgum.com
adpushup-d.openx.net
ads.pubmatic.com
14 images.taboola.com www.bg3.co
14 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
agent.aralego.com
www.googletagservices.com
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 simage2.pubmatic.com ads.pubmatic.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
12 stream.unibotscdn.com vjs.zencdn.net
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
10 image2.pubmatic.com 1 redirects ads.pubmatic.com
10 pixel.rubiconproject.com 6 redirects www.bg3.co
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
am-match.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
9 pr-bh.ybp.yahoo.com 2 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
adpushup-d.openx.net
ads.pubmatic.com
9 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
7 sync.1rx.io 7 redirects
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
ads.pubmatic.com
cs-rtb.minutemedia-prebid.com
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
7 match.prod.bidr.io 7 redirects
7 x.bidswitch.net 5 redirects imprammp.taboola.com
am-match.taboola.com
7 ib.adnxs.com 4 redirects cdn.adpushup.com
acdn.adnxs.com
7 e3.adpushup.com www.bg3.co
6 c1.adform.net 4 redirects ads.pubmatic.com
5 sync.crwdcntrl.net 4 redirects ads.pubmatic.com
5 ups.analytics.yahoo.com 5 redirects
5 s.amazon-adsystem.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
adpushup-d.openx.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.aralego.net www.bg3.co
ads.aralego.com
adx.holmesmind.com
agent.aralego.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pixel.onaudience.com 4 redirects
4 uipglob.semasio.net 2 redirects g2.gumgum.com
ads.pubmatic.com
4 pixel-eu.onaudience.com 4 redirects
4 s.yimg.com ad.sitemaji.com
s.yimg.com
adx.holmesmind.com
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 3 redirects g2.gumgum.com
adpushup-d.openx.net
ads.pubmatic.com
4 secure.adnxs.com 4 redirects
4 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
cs-server-s2s.yellowblue.io
4 ad.turn.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
ads.pubmatic.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
4 ad.doubleclick.net 2 redirects www.bg3.co
4 onetag-sys.com cdn.adpushup.com
public.servenobid.com
csync.smilewanted.com
4 prebid.a-mo.net 2 redirects cdn.adpushup.com
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
3 image8.pubmatic.com 3 redirects
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 sync.richaudience.com 3 redirects
3 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
3 image6.pubmatic.com ads.pubmatic.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 ssp.disqus.com 3 redirects
3 p.rfihub.com 3 redirects
3 ap.lijit.com public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
3 www.google.com tpc.googlesyndication.com
3 secure-assets.rubiconproject.com 3 redirects
3 sync.aralego.com 2 redirects ads.aralego.com
3 htlb.casalemedia.com cdn.adpushup.com
3 rtb.openx.net cdn.adpushup.com
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 ads.aralego.com 1 redirects ads.aralego.com
agent.aralego.com
2 mwzeom.zeotap.com g2.gumgum.com
ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 green.erne.co 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 ads.playground.xyz 2 redirects
2 us.ck-ie.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pool.admedo.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 stags.bluekai.com 1 redirects ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 us-u.openx.net 1 redirects adpushup-d.openx.net
2 u.ipw.metadsp.co.uk 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 sync.targeting.unrulymedia.com 1 redirects csync.smilewanted.com
2 ce.lijit.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 ad.sitemaji.com adx.holmesmind.com
securepubads.g.doubleclick.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 ad2.adfarm1.adition.com ad4.adfarm1.adition.com
ad2.adfarm1.adition.com
2 pro.ip-api.com cdn.unibotscdn.com
2 www.googletagservices.com 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
2 ad4.adfarm1.adition.com 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
ad4.adfarm1.adition.com
2 sync.ipredictive.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 fonts.googleapis.com cdn.taboola.com
securepubads.g.doubleclick.net
2 prebid.smilewanted.com cdn.adpushup.com
2 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 am-wf.taboola.com vidstat.taboola.com
1 simage4.pubmatic.com ads.pubmatic.com
1 geo.yahoo.com adx.holmesmind.com
1 ads.yap.yahoo.com s.yimg.com
1 visitor.omnitagjs.com 1 redirects
1 u.openx.net 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 cm.adform.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 s.ad.smaato.net ssbsync.smartadserver.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 hbx.media.net 1 redirects
1 us.shb-sync.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 agent.aralego.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 code.createjs.com imagesrv.adition.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 live.primis.tech www.bg3.co
1 hb.yahoo.net www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 adx.holmesmind.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 vidstatb.taboola.com www.bg3.co
1 cdn.socket.io cdn.unibotscdn.com
1 073ceec2d61676674541e8ab5f743dd2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 imprammp.taboola.com vidstat.taboola.com
1 pixel.quantserve.com www.bg3.co
1 socket.unibots.in cdn.unibotscdn.com
1 rules.quantcount.com secure.quantserve.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ssbsync.smartadserver.com
ads.pubmatic.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 static.bg3.co Failed www.bg3.co
521 192

This site contains links to these domains. Also see Links.

Domain
unibots.com
yallo.ch
popup.taboola.com
trc.taboola.com
annelscomerior.com
facherautoverkauf-ch.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
socket.unibots.in
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
cdn.socket.io
Amazon RSA 2048 M01		 2023-02-22 -
2023-12-20		 10 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
feebee.com.tw
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-11-15		 2 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-11-15		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-26 -
2024-03-20		 6 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 101 frames:

Primary Page: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Frame ID: E88AFE0A40224BDD976E2D2B5DDC5E2B
Requests: 195 HTTP requests in this frame

Frame: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E409442C84F925F9E9C680441CD9CB0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: BB6854DB03A870473ABCFAE553B88385
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: CD401A933B54C4AAA8402EA6DB43069D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 5E658573ACD0865984EA427C3B52B217
Requests: 16 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&cmcv=&pix=undefined&cb=1696350023543&uv=3345&tms=1696350023543&abt=nonrv_vA!rbcatc_vA!ufm_vD!ul3345_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a4d95dc-3b7e-4b6a-8021-d5b3a87c1dd3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: A9F814D744222A5EC8A13B272702B6B1
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: A23AE2C86D139F5CBEDCB44C1E27A085
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Frame ID: D4954A1556979E243C52BA03EC3AC92E
Requests: 1 HTTP requests in this frame

Frame: https://073ceec2d61676674541e8ab5f743dd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5D09F9352B13E83FADF848BC0A9FF9C1
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: DB4619CD1E653D4CF6FF24E7A373CAF9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: AE1E1833FF0C456B65273C79BF9E4C90
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: B1F7263802993B6BC842D0DD54A4B4AF
Requests: 15 HTTP requests in this frame

Frame: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B8B6D14C8C7E70C14A07BC8213503203
Requests: 24 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 7E1283806F1E05CE144B2C2F49AFED66
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNU3-QUhJH3u9zFtPQlk_OTABQPUHJ3SbnyXVFcdsBnTaLPQhVjq1JxDqLPoOJmRkb0jbWF8wVudwP7MjPSUZYMeYx4FbA
Frame ID: 72D3A3840DE8846F201255D645B11392
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C41A740593AD16A90E5E34BED2794BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A262721EDBE202E845FA5BB91F75578A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CD0CF99AB05A9D2F16FF07611FA87049
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 95C83E187984A3320BDD3EEDC2B4E9F6
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: 698737825E5097C64D8713225B02A877
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5999DE75341A96F23EB88EEDC75F4A6E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: F37F0C29AE89022EE6847A94CAC2D94E
Requests: 8 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: C9961E6F156828CBC1A1DE9C3B509CB1
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: A60A718543864C98DEF606EB414E36DF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 36C398C8FF27F2AE2D51286EA2EB82CA
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7BE351F666781FB694E308D0B0C08B9E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696350022985
Frame ID: DFFE536A839FE4776CA5349F1D6F5365
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 869ACB0E7FC8AB7F3D63E41E6CFE1125
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 61F5652AA0DEA07FB4706B975E9948EC
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 480BFB871A75B2011F8E06C9B602A3C4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6621BA72DA9FD671837A326901ED4355
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3C97FB0B028955F47190C151C73D3141
Requests: 13 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: AA3113CC61E1263C64F4E3456BA6104C
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 83339A04F3BCA342AC0E684F0E6BF447
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: B8714EFC0BBE0CBB62377F23B874F634
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: EEDB3F7C6B645DA4A8EB81EC89590CF4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 9DA6BCA4423F7AE62CBC1D4C9BEF5AB4
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 77ADB048CF8A45C5BAB903CEF1A8C9D6
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: CA36857410140E076A8D546F14DF40C6
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: EDE989418DBC52BD0BE236946BEF6A0D
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 0A2D33622E15612CB5D1AD8EA8449CBB
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 86991F83298FDEF0244D8DD4F71A79BA
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 0D3FBE94DDA65A029FBEE0E574ABDB1A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 26BDD07100928E56A07C9CFC568DC8DA
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 282E509A6468A148FA66CF10D144B897
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent=
Frame ID: AA98C887A051351470D57DB6B8BFE774
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=6943665478420919866&gdpr=0&gdpr_consent=
Frame ID: DD1C96C027D304DA1A6417D81A57BAA6
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 7042A8452366AAFAE31D4C9881C46878
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNDJkNTQyNy1iNjUzLTQzOTMtYmI3Yi01NTYwNDQ1YTY4MjA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 2FA8AF9E0362C4D41ACC8E2FA7FD0830
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: C499393BB611CEEE805274B116EC1BA9
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: E2CB036E624568196FACAA6BF418F666
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZRw-S8Co5tEAAFCv6d8AAAAA
Frame ID: CEE48AF286B2B10B4ABC21F73FBF4FF9
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_342d5427-b653-4393-bb7b-5560445a6820&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 751315A78A76DCE280B230F967BFFDF9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=W237bNMB3dWIoFt3dbV8&pi=gumgum&tc=1
Frame ID: B87A4F0CA6D64F4B45D41A1E3375EADE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DC12ABEAF85F5AAEB1C5541C4ABC1508
Requests: 4 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
Frame ID: 243D15BB02B1A3070B128A613E1D2B0D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/a94c0a23-b58d-5214-9db9-16e9f8a529a3
Frame ID: D9D9F4D87AE1DB7576AE96A508019A99
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BA2D239DE369EB9864A70655DB3058B8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&redir=true&gdpr=0&gdpr_consent=
Frame ID: 5E4674E70AB1283B3BAB5FD9588B7CD5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4100453253981970744&gdpr=0&gdpr_consent=
Frame ID: 5D2E0AAABB9E0BCE54E087BD67B60D74
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA
Frame ID: 4BFFFEDC437E2E1C4B167E0DA2CAC0FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7285767875650060647&gdpr=0&gdpr_consent=
Frame ID: D538F0BBC958C68D202D058ACE2F7EC3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 05C1A02FF9F46E3C678F9C154AB46DAC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Frame ID: 9115A6F96C2CC056D205E2065E2BE49B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRw-SgARzSmMeQBV
Frame ID: 738A37C3DC357827C1183F2617CDF024
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: C1138B801AA2E6E27F51F64B9BC78BB9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABmz07KOH8AABk7MLziSw&gdpr=0&gdpr_consent=
Frame ID: 5D2385F7FF1DB536EE159C120F613334
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU99ebdce51a454f38a569b4b461737c99
Frame ID: 72722495CC3393DFD81DAE33F02F29B5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A3891AFED311C5B94BC770ADFAAA892F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2ADDB3F6AEDB3AA6C0ECC4F7703EF46D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528040792867
Frame ID: 11625C01708D6D6BD8E746F5245E7A50
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Frame ID: FBA0B0F9329C2A97A4EF5CB4587F099A
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: F3E2DD11B36E29A487B9E670ED1AF8B2
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A7879F99B73370755810EACBCE1FA1B5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 921166078986AB727281C7DA421757A3
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: BC46205AA1DB0A989397641036A16BED
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Frame ID: 7DD2618790BF155D9ABD49C62EC5A975
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Frame ID: 4E30C95F0DC182DA0DDF668DCFAE197C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6943665478420919866
Frame ID: D12BE26E028034D81487B849FAE3D1C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A787CF9C50AF8947DC7231F3F3762BBC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63ABFB2A2A2596A9FE387C3E17AFA845
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/bea94eaac4d9e8ca11914f1e12f5c857?gdpr_consent=&gdpr=0
Frame ID: E98CECBB053FCE5ECC9624C7B3F4E64F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: B0A56F6C0EA5947053CEBC74D5D31192
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Frame ID: B35C3DD6278B173EE832D61F6BB00848
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 062D46381A0DC73B7BEA3692AF7489EB
Requests: 6 HTTP requests in this frame

Frame: https://2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 7839DABC03401A2BCA9789B550C74301
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7GW7Xf9nIlnPygPLf5M_W6MO08zfjbLXOs-3C3nmNYyjlxlteerJLVSdfdjb27AjU-GvtlPggQy-a9sBksa0-SLr3NNGnxQ6Nq_NqwOa3Q0_Ki95uAdYHXCao2i6jdaNR2VR6IubCWG4vtUq7H27oddcsN36B0kVB5OIRpeBVNUDEIhXI5dskekJGlKoJPzLE7tv84Vfyb5jQtaZ2kyS5DJ0v7JntrfZecr2qXLVBXiAFI2Zg6Y_BpGUCZgle-tqJ4ValU00D-5CHig-I1v6CCp2aTysCsB0YYZMAxdaVZNGg0JIq2C6vNhNDjpBrsjKi8-lO551-CSxf&sai=AMfl-YQ_mP9i57gPw9M0p2QzoD4UGscrQKOz5PBiV2TdunfhDXjQhs9AxSzxtx4FiKFACEbhVD9vxA_pOH6g-YRwtMWWLiwauvEPkLwiSw&sig=Cg0ArKJSzLOp_s9NbvPiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C21E264A34AF3BD7A9A5F887C9F75D4
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FB1CD1CA3E3F5921FAA8271E767EFB2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37D6A22963C656939AC0D9EBCDC237C5
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
Frame ID: A0C47C921D91DAA14E6930789BE4A8CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
Frame ID: D87AA35114F314C6034EFE3B359FECBA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 36CA1237B17461EA72D55960E12AF151
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
Frame ID: C7387D0937942FFF65167E7B9D293913
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3217481196
Frame ID: 53BAAC487822E7A7A3E5C84C973EB6AF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Frame ID: 641701118CEF5F7A491829EF98C4E62F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
Frame ID: 8F839182C69542A3184A3DC9F2C8E4DC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
Frame ID: C73E38EAE06099A840E8BEF0CFC12C23
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: D4C4D4BA53E3D1C9081B39C7BC65D366
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
Frame ID: 35EFB717DCE3CBAAF8B9849F3B8574D6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4215457303
Frame ID: 01DF1957442CBB2746B16D4BBEAF5550
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Frame ID: C29AAF080588595B898D3AFD41EF8AA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

牙醫系「要考雕塑」…學生奔補習班 「變美比健康更重要」 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

521
Requests

77 %
HTTPS

27 %
IPv6

115
Domains

192
Subdomains

121
IPs

18
Countries

8098 kB
Transfer

18509 kB
Size

160
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 96
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CL-FtaSk2oEDFdSQ_QcdawYFvQ;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
Request Chain 97
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CMSHtaSk2oEDFS_wEQgdtHAH8A;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
Request Chain 133
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 134
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 162
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNAJ06TG-6-27CT HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNAJ06TG-6-27CT HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 184
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696342823&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696350023528&bpp=146&bdt=606&idt=418&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3De251d757ab4d7eed%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_Ma6tt5Nyvc5U5NN-zij_Js3-UfXtQ&gpic=UID%3D00000c8ba1258626%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw&correlator=8622720980039&frm=23&ife=1&pv=2&ga_vid=383059617.1696350022&ga_sid=1696350024&ga_hid=1458802353&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3069&biw=1600&bih=1200&isw=336&ish=280&ifk=1706067244&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C44795922%2C31078301%2C44803793%2C31078422&oid=2&pvsid=3894423243177422&tmod=1061044031&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1t7fid8btlin&btvi=1&fsb=1&dtd=430 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 187
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/W3YoZHQGfUs7PGWYxy0J3A?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C7HxyKhE2oLvusEfEwzENaAb62JTxT0HTF2Puw--~A
Request Chain 189
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YLT2omUST9OC-Vr6Si0lSA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YLT2omUST9OC-Vr6Si0lSA
Request Chain 190
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAJ06TG-6-27CT
Request Chain 191
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTUyNDY0OWUzMzkwYTNiNjU2ZmU5ZDA4NjY1Y2JiOWEyNjM0ODY2Zg
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHPNt2U24B0ASM8tgCGE8lc&google_cver=1
Request Chain 193
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5BSjA2VEctNi0yN0NU HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECO7uFhgpucOXqM4zzpejUI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5BSjA2VEctNi0yN0NU&google_push=
Request Chain 194
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ug-6HVCwTDCsQ6xX8l0EBQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ug-6HVCwTDCsQ6xX8l0EBQ
Request Chain 195
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABmz07KOH8AABk7MLziSw&expires=30
Request Chain 196
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNAJ06TG-6-27CT&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNAJ06TG-6-27CT&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05OFIuWWhWRTJ1RUlTNWk0dW5oVlJSOTBMZHFReVVsTn5B&ovsid=LNAJ06TG-6-27CT&dpid=58160
Request Chain 197
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAJ06TG-6-27CT
Request Chain 198
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8&expires=30
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1&C=1
Request Chain 213
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRw-SCSPpF-G21atZNsmTAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1
Request Chain 296
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 304
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 319
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 324
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4100453253981970744
Request Chain 325
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HbM0uRZHHfwyd5VITQmlFCO2
Request Chain 327
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696350026527 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2309748280 HTTP 302
  • https://sync.1rx.io/usersync/turn/4271883361042746048?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-c472eb64-a5b4-4cba-96ce-b504af229e62-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
Request Chain 328
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5124322328791702166
Request Chain 329
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=7cb1ebc1-8c0b-4b63-b07a-37c13a5156bb
Request Chain 330
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
Request Chain 332
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAh8OOAE=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.disqus.com/match?bidder=31&buyeruid=3770a831-02ba-4235-90f2-fc5134da4d3a&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAh8OOAE=&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAh8OOAI=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ssp.disqus.com/match?bidder=14&buyeruid=4100453253981970744&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAh8OOAI=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec
Request Chain 333
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
Request Chain 335
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEE90jrLwAqz2jUO4d2n98s&google_cver=1
Request Chain 344
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1be88fedbe054e40afee0f06768e2d07&expiration=1698942026
Request Chain 345
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528040792867
Request Chain 351
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4100453253981970744
Request Chain 353
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRw-SgAR4GCtdQA4 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRw-SgAR4GCtdQA4&_test=ZRw-SgAR4GCtdQA4
Request Chain 354
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4199825767004818112
Request Chain 355
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F7900C4933484875A43E49AF0050F1A0
Request Chain 357
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABmz07KOH8AABk7MLziSw&expiration=1697559626
Request Chain 358
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=33e3f415e5eb1734&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIPlZx_wb2iAMXZzfwAAAAAAA&expiration=1696436426&is_secure=true
Request Chain 364
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNAJ06TG-6-27CT HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LNAJ06TG-6-27CT
Request Chain 368
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzQzMTk1NDM1MzUwNjk4OTE3NQ==&gdpr=0&gdpr_consent=
Request Chain 369
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7285767875650060647&gdpr=0&gdpr_consent=
Request Chain 371
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent=
Request Chain 372
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4100453253981970744
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_342d5427-b653-4393-bb7b-5560445a6820&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_342d5427-b653-4393-bb7b-5560445a6820&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=cc6f9897-7213-4ba3-a466-1aa04a3dff21&ssp=gumgum2&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 374
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ukbF4AHUO7yZKO5N93pcbY9tqpguo7CLESiKrFG5CPuBL9j98MdiWwc8sr00WWCh%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ukbF4AHUO7yZKO5N93pcbY9tqpguo7CLESiKrFG5CPuBL9j98MdiWwc8sr00WWCh%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_342d5427-b653-4393-bb7b-5560445a6820&obuid=ENC(ukbF4AHUO7yZKO5N93pcbY9tqpguo7CLESiKrFG5CPuBL9j98MdiWwc8sr00WWCh)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 375
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=acda22cc-7526-0a6d-3f8d-4f780f4ff6a1
Request Chain 376
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Request Chain 377
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RK_jE7ZE2peVxAohdJuxYdzbbkLM6GbTpIJL~A
Request Chain 378
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8
Request Chain 380
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_342d5427-b653-4393-bb7b-5560445a6820&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=DeCr5RPIDf5RVw8Xds1k&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RDFINZDKUSQJFCGMNKSKZ3TQWDEOMYWWJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RDFINZDKUSQJFCGMNKSKZ3TQWDEOMYWWJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=DeCr5RPIDf5RVw8Xds1k&us_privacy=1---
Request Chain 381
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=112dacbe-dbd4-4045-8a8d-67f1a1e39eae
Request Chain 382
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=XpKA9M9avpgA&ev=1&pid=558355
Request Chain 383
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3431954353506989175
Request Chain 385
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=6943665478420919866&gdpr=0&gdpr_consent=
Request Chain 390
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRw-S8Co5tEAAFCv6d8AAAAA
Request Chain 392
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=W237bNMB3dWIoFt3dbV8&pi=gumgum&tc=1
Request Chain 393
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPruaOyN-JJNFdOx4CN6ElY&google_cver=1
Request Chain 402
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6025152002 HTTP 302
  • https://sync.1rx.io/usersync/turn/4271883361042746048?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
Request Chain 404
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-6011506098370058169 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/a94c0a23-b58d-5214-9db9-16e9f8a529a3
Request Chain 407
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4100453253981970744&gdpr=0&gdpr_consent=
Request Chain 408
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA
Request Chain 409
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7285767875650060647&gdpr=0&gdpr_consent=
Request Chain 410
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=064e09c4-747f-41dd-8df7-aa6886c11942 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=064e09c4-747f-41dd-8df7-aa6886c11942 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cacc5ec5-a0f6-4c11-b56e-6cd661df5d26&user_group=1&ssp=pubmatic&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 411
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Request Chain 412
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRw-SgARzSmMeQBV
Request Chain 414
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbXowN0tPSDhBQUJrN01MemlTdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABmz07KOH8AABk7MLziSw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABmz07KOH8AABk7MLziSw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABmz07KOH8AABk7MLziSw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3431954353506989175&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABmz07KOH8AABk7MLziSw&gdpr=0&gdpr_consent=
Request Chain 415
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU99ebdce51a454f38a569b4b461737c99
Request Chain 418
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528040792867
Request Chain 419
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7775699054741716146 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Request Chain 422
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-8D-DgjQS8qWrp9UWy_g8Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 426
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=&ct=y
Request Chain 427
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1706388907
Request Chain 428
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDcycGdacS1tQ3VTV0tUMmVTNFE5UGxCUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6612935009356825541&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkJDMEZFMEUtMDhEMC00QkNBLTk2QUUtOUY1NDVCMkZFMEYx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrWzOKB5PrleQOuivT8SZ8&google_cver=1
Request Chain 432
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6612935009356825541
Request Chain 434
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TMBiU_lE2uX8pjPvGGJbx56vBSw3uIs-~A&gdpr=0
Request Chain 436
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e76a5eff-d486-4a96-80a6-d0117a1bf20c-651c3f4a-4348&gdpr=0&gdpr_consent=
Request Chain 437
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3d22d84a2d6e1734&is_secure=true&networkId=17100&version=1&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHzEuqU2LFKgNLUuZEAAAAAAA&expiration=1696436426&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 438
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271883361042746048&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 439
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5fc9781a-d716-4588-bf40-93bc141034f4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 442
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Request Chain 443
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LNAJ06TG-6-27CT HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LNAJ06TG-6-27CT
Request Chain 444
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6943665478420919866
Request Chain 446
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4100453253981970744&gdpr=0&gdpr_consent=
Request Chain 447
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
Request Chain 448
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=bea94eaac4d9e8ca11914f1e12f5c857&gdpr_consent=&gdpr=0
Request Chain 453
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 454
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRw-SCSPpF-G21atZNsmTAAA%265268
Request Chain 455
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c2be64b8-22a1-0d6f-206e-4662871c7d02
Request Chain 457
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
Request Chain 458
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3084296709723666376038
Request Chain 459
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=4ee8a36d00747ba48c66715c5afd1ccb
Request Chain 461
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/bea94eaac4d9e8ca11914f1e12f5c857?gdpr_consent=&gdpr=0
Request Chain 465
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Request Chain 505
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjhjVQgbbhhVVXjTT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=43068a6bda2346ea7bb715cdf8527dad&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DF1rNcAsvjhjVQgbbhhVVXjTT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
Request Chain 507
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
Request Chain 508
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3217481196
Request Chain 511
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 512
  • https://pixel.onaudience.com/?partner=214&mapped=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=84ef86093be0eb3a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=43068a6bda2346ea7bb715cdf8527dad&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 514
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 515
  • https://pixel.onaudience.com/?partner=214&mapped=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=ace67d7e6206f574
Request Chain 517
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjhjVQgbbhhVVXjTT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=43068a6bda2346ea7bb715cdf8527dad&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DF1rNcAsvjhjVQgbbhhVVXjTT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
Request Chain 519
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
Request Chain 520
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4215457303

521 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
www.bg3.co/a/ 		60 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6dbdad506c9135c1771abd56e7070028cae1d01bb18b6f15cb0743f264ced0f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:21 GMT
etag
"f1e5-d0gZNcDmvgyW+OEB6EpTjGCcV6k"
expires
Tue, 03 Oct 2023 16:21:21 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 03 Oct 2023 16:20:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73010
x-xss-protection
0
server
sffe
etag
"b44d49b4390daba4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 16:20:22 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 03 Oct 2023 16:20:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9649
x-xss-protection
0
server
sffe
etag
"72b1ab72fa86fbb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 16:20:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa23b7d5325e06f0085b3b46ad110499e513c9f2545de9e74b595a6b9491f836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29382
x-xss-protection
0
server
cafe
etag
932 / 19633 / m202309280101 / config-hash: 18346230598739657090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:22 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f8e3daabdc6a334fbaf144d5ad810b28378bfaa9532bbe0a1b833996f54775f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91216
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 16:20:22 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Oct 2023 13:24:21 GMT
server
cloudflare
age
19800
etag
W/"651ac485-a1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8106831748131e5c-FRA
expires
Tue, 03 Oct 2023 22:50:22 GMT
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
age
32867
x-cache
HIT
x-client-device
desktop
content-length
10032
x-ap-device
DESKTOP
last-modified
Tue, 03 Oct 2023 07:00:26 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Tue, 03 Oct 2023 17:20:22 GMT
adpushup.js
cdn.adpushup.com/42753/ 		681 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
age
283277
x-cache
HIT
x-client-device
desktop
content-length
145467
x-ap-device
DESKTOP
last-modified
Thu, 28 Sep 2023 16:35:35 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Tue, 03 Oct 2023 17:20:22 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		563 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
183dfec5cf1f6b3a375fda455ca34845f0dde81eb23330157e582eec0cca23ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Yr7T8HrVNyhK_41shFiUGwuYGOTG3VKh
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:22 GMT
x-amz-request-id
0C4G77WH55RV40R0
age
19974
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
55237
x-amz-id-2
zs+9BuNXLG5P2DMhbQGd2sktQpVmCB+MbnycKjPU5TcYNp6ca1BHXIZafgO1UMVfkIz6AAH0ccw=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:47:13 GMT
server
AmazonS3
x-timer
S1696350022.302974,VS0,VE2
etag
"f52a1e260c399bab087a03548886a0f8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6431
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOG04%2FV618XBTbd9nbH7mlmI%2FPAlXYoTkWCvMctKs1q7QDeA5qXhLqOs0mCtN1AmdwXTPJaFbsG0klsBy1RZRL9pB03aQUnEFxRzqWhrqTUJeyN9XoZc8EQo3AvqUJWOJ0TRfHis75UPrpnmkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8106831aef27691b-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		316 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
09/30/2023 06:49:35
cdn-pullzone
873945
last-modified
Sat, 30 Sep 2023 06:49:13 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6517c4e9-4eedb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
7c8ea91611430d3e3e22ef34809242de
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
t.php
c.statcounter.com/ 		192 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=75D7026B35484FDB2C481138207B7BEB&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&t=%E7%89%99%E9%86%AB%E7%B3%BB%E3%80%8C%E8%A6%81%E8%80%83%E9%9B%95%E5%A1%91%E3%80%8D%E2%80%A6%E5%AD%B8%E7%94%9F%E5%A5%94%E8%A3%9C%E7%BF%92%E7%8F%AD%E3%80%80%E3%80%8C%E8%AE%8A%E7%BE%8E%E6%AF%94%E5%81%A5%E5%BA%B7%E6%9B%B4%E9%87%8D%E8%A6%81%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1931&sc_rum_e_e=1935&sc_rum_f_s=0&sc_rum_f_e=1928&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
81068317a8861e5c-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20231003-9-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5e79e3732bbbae1bf9807c0bb412a312efaf38da68ca7a90e4558c192af2ee24

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
im78naZw0f.pUwqPC7vJhfi9ZafTafax
content-encoding
br
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:22 GMT
x-amz-request-id
NW5YV2WXR2EVJR5C
age
22361
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171935
x-amz-id-2
+plOcc2fVoQsamuuO2wtNidGV3ZI4cR2Jook0HKF8MZ4BrbdrqGSLSKTaq3M3JADfkBTHyfLuHQ=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 09:59:30 GMT
server
AmazonS3-br
x-timer
S1696350022.395393,VS0,VE0
etag
"9fd15e78bb04560827b357a5c3482fb5"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
91278
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39r0&_p=127493778&cid=383059617.1696350022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696350022&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dt=%E7%89%99%E9%86%AB%E7%B3%BB%E3%80%8C%E8%A6%81%E8%80%83%E9%9B%95%E5%A1%91%E3%80%8D%E2%80%A6%E5%AD%B8%E7%94%9F%E5%A5%94%E8%A3%9C%E7%BF%92%E7%8F%AD%E3%80%80%E3%80%8C%E8%AE%8A%E7%BE%8E%E6%AF%94%E5%81%A5%E5%BA%B7%E6%9B%B4%E9%87%8D%E8%A6%81%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1549391
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230077-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696350023.518179,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 31719
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		413 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 13:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
9188
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 13:47:14 GMT
1d3a4d56ccfb169a2d9d83be30989d82.jpg
static.bg3.co/imgs/202105/ 		0
0
97d1ed8d3e41f487f2c525f36c8f4174.jpg
static.bg3.co/imgs/202105/ 		0
0
c9ec9f7a1e494bf7b0bedb47475b880f.jpg
static.bg3.co/imgs/202105/ 		0
0
e2654063ba2b8c44ec528072c79aea64.jpg
static.bg3.co/imgs/202106/ 		0
0
8f91a71ff32d125f60a8302f35c20552.jpg
static.bg3.co/imgs/202106/ 		0
0
9fd0210f020b82863d6116496739802d.jpg
static.bg3.co/imgs/202105/ 		0
0
47dc22bc02780370eb129ac4ae9b6344.jpg
static.bg3.co/imgs/202309/ 		0
0
2071ad06acda4988910955922513b2b2.jpg
static.bg3.co/imgs/202309/ 		0
0
5dbb6f94afb61dff6b4406be609b58a9.jpg
static.bg3.co/imgs/202106/ 		0
0
f201040137fa55b2e60b8da99213018f.jpg
static.bg3.co/imgs/202105/ 		0
0
ae23b43703743ab7e30b848f93e8ea00.jpg
static.bg3.co/imgs/202309/ 		0
0
ab6fef3cf6b600542d02f64a0a75cb51.jpg
static.bg3.co/imgs/202106/ 		0
0
7f1b7a44fda67cd8bde5fe80be9486b2.jpg
static.bg3.co/imgs/202309/ 		0
0
2cfa7d51ec920835e6d79c3039e32ae6.jpg
static.bg3.co/imgs/202105/ 		0
0
0cc6352291d9cf29a09e16298b96ff35.jpg
static.bg3.co/imgs/202105/ 		0
0
6847ad075153397e1b0fab2cc89bab80.jpg
static.bg3.co/imgs/202106/ 		0
0
aa55013bf0365c04ac2f3e14d57a3cac.jpg
static.bg3.co/imgs/202105/ 		0
0
a9c9004038aa3b4f44d1664fc0fd408f.jpg
static.bg3.co/imgs/202106/ 		0
0
9ed75ef25ff37e0e3cfbeb3719d98c6f.jpg
static.bg3.co/imgs/202106/ 		0
0
01c46e10f06b68766c46d9e8651288e9.jpg
static.bg3.co/imgs/202309/ 		0
0
b7fb3a1c467573f01006525c31f99a2f.jpg
static.bg3.co/imgs/202105/ 		0
0
b95049b36a754a118f29fd204cdbc4f8.jpg
static.bg3.co/imgs/202105/ 		0
0
cdd360a02315177ea6d31ab25a880f80.jpg
static.bg3.co/imgs/202105/ 		0
0
5a45a59892da7389abfc4fc263d8ea92.jpg
static.bg3.co/imgs/202206/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:14 GMT
age
593348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2976
x-xss-protection
0
server
sffe
etag
"07fb3dc7eac63481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:14 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:14 GMT
age
593348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3936
x-xss-protection
0
server
sffe
etag
"3d96bab6a7d5a37d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:14 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1111923
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230077-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696350023.553704,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 994947
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
349825
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		78 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=18%3A20%3A22.578&lti=deflated&data=%7B%22id%22%3A471%2C%22ii%22%3A%22%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696330027877%2C%22vi%22%3A1696350022576%2C%22cv%22%3A%2220231003-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html%22%2C%22vpi%22%3A%22%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3469%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3348.984375%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b2b9332dfd35b7ef73d224abd884a0bf13cce6f89042e1a228fa12ee1ae97655

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
482
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.2495833333333333
x-fastly-to-nlb-rtt
64067
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230112-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696350023.598085,VS0,VE482
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
age
1644559
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 16:20:22 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
age
4612844
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 16:20:22 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
age
1644559
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 16:20:22 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYzNTAwMjI2ODgsInBhY2tldElkIjoiMDAwMEE3MDEtYzNjN2I4MzAtNTAyNS00OGZiLTk4MjYtNTllMGI4NWIyNDQzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhLXlpLXhpLXlhby1rYW8tZGlhby1zdS14dWUtc2hlbmctYmVuLWJ1LXhpLWJhbi1iaWFuLW1laS1iaS1qaWFuLWthbmctZ2VuZy16aG9uZy15YW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2297.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:22 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1696350022780
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 02 Oct 2024 16:20:22 GMT
date
Tue, 03 Oct 2023 16:20:22 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
4079698
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYzNTAwMjI4MDQsInBhY2tldElkIjoiMDAwMEE3MDEtYzNjN2I4MzAtNTAyNS00OGZiLTk4MjYtNTllMGI4NWIyNDQzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhLXlpLXhpLXlhby1rYW8tZGlhby1zdS14dWUtc2hlbmctYmVuLWJ1LXhpLWJhbi1iaWFuLW1laS1iaS1qaWFuLWthbmctZ2VuZy16aG9uZy15YW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2413
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYzNTAwMjI4MTEsInBhY2tldElkIjoiMDAwMEE3MDEtYzNjN2I4MzAtNTAyNS00OGZiLTk4MjYtNTllMGI4NWIyNDQzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhLXlpLXhpLXlhby1rYW8tZGlhby1zdS14dWUtc2hlbmctYmVuLWJ1LXhpLWJhbi1iaWFuLW1laS1iaS1qaWFuLWthbmctZ2VuZy16aG9uZy15YW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2420
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYzNTAwMjI4MTQsInBhY2tldElkIjoiMDAwMEE3MDEtYzNjN2I4MzAtNTAyNS00OGZiLTk4MjYtNTllMGI4NWIyNDQzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhLXlpLXhpLXlhby1rYW8tZGlhby1zdS14dWUtc2hlbmctYmVuLWJ1LXhpLWJhbi1iaWFuLW1laS1iaS1qaWFuLWthbmctZ2VuZy16aG9uZy15YW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2422.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
778 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948671750844261&correlator=1456113120027375&eid=31070233&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696350022825&lmt=1696342822&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=383059617.1696350022&ga_sid=1696350023&ga_hid=127493778&ga_fc=true&dlt=1696350022203&idt=388&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_9_0_pv%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccee0cdfa08b1ee2618fb5c97c7d202947f6f7015fcff81a067e0a5356f6248e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
747
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E40 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:22 GMT
expires
Wed, 02 Oct 2024 16:20:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca7a8672a07fab48b90d072b49a0b88a112113c195f43526dd9ab8c60145ecd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 14:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
8398
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13159
x-xss-protection
0
server
cafe
etag
16611791723324671441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 14:00:24 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYzNTAwMjI4MDQsInBhY2tldElkIjoiMDAwMEE3MDEtYzNjN2I4MzAtNTAyNS00OGZiLTk4MjYtNTllMGI4NWIyNDQzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lhLXlpLXhpLXlhby1rYW8tZGlhby1zdS14dWUtc2hlbmctYmVuLWJ1LXhpLWJhbi1iaWFuLW1laS1iaS1qaWFuLWthbmctZ2VuZy16aG9uZy15YW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2445
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 10 Oct 2023 16:20:22 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231003
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478bf656d14a54eb37d140e2ab2035b97d3f48e9eeeae540661f1a0f4c44bfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1172
x-jsd-version
1.0.1832
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-bAvnhruO8FNgjanV9h+ubvs0+Zo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z1q9B1e1ctJva8VwV7XTeW7Nlzy6yK%2BRHVeMWMkknN3umqOBX82UILGr7ARqWoZrPzKQLiS3j258ZKxu3BtH%2BF20opNQ5OLwEPcueCM85zoZC3AV%2F4v1Ambre2onXbG6OsSBuYIMf0LyFmnXCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8106831b6f70f0d7-CDG
c
prebid.a-mo.net/a/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 16:20:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=42320355047&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 16:20:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
adreq
ads.servenobid.com/ 		723 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9765
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.19.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-19-28.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
16ee74e54ed4fc6ef7ecc38b845beadd752839bbf3b7c5c3ce0471c0711622ad

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Oct 2023 16:20:23 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
71
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8106831b8d634dcb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8106831b8d644dcb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9de209d9f9f34aace4afa4888a57fcaf84c715d990a9709aca1e3aa126ee5415

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 16:20:22 GMT
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.116.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 03 Oct 2023 16:20:23 GMT
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
108d5bf69f661dc1cd268f82db93e50a0fdac720a9b96c778d928835956064d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
an-x-request-uuid
a04271ed-6316-402a-8c64-9f4851797098
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
256
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e94a8e6e28e661a381e35833873364bd314bf411f8b9352b7384be5d58e72f25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=c4339307-f130-429f-9f9f-09337f48992e%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%89%99%E9%86%AB%E7%B3%BB%E3%80%8C%E8%A6%81%E8%80%83%E9%9B%95%E5%A1%91%E3%80%8D%E2%80%A6%E5%AD%B8%E7%94%9F%E5%A5%94%E8%A3%9C%E7%BF%92%E7%8F%AD%E3%80%8C%E8%AE%8A%E7%BE%8E%E6%AF%94%E5%81%A5%E5%BA%B7%E6%9B%B4%E9%87%8D%E8%A6%81%E3%80%8D&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=1dacdd8a-e8e2-40e3-bd0e-d9d5934f44a6%3B2a86c685-ff11-4ba4-931e-a47b59de7da1&l_pb_bid_id=56b5f5305317dc%3B57e0c359443baff&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1dacdd8a-e8e2-40e3-bd0e-d9d5934f44a6%3B2a86c685-ff11-4ba4-931e-a47b59de7da1&rp_maxbids=1&slots=2&rand=0.8240920742527955
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3bd784bb1b4b19a5bab9e589cf577ece64242030d19f9c310e11648d02ee0923

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
50e36641a19080622e16bcdbb895234da506068d72a77636fc1cd734d37d4c29

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 16:20:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 16:20:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c12859eca282c159661e4bd57844a9fdb6a8739d341a485f2c41b7e6feed8f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkhCBlTDqPg7LJ5lxl4sMOw40zDqUtxFE446Mt0iAefj6Z3qANZSkTChjnttNf9k1k1%2FHd8eIrINIhOE1k4bjjU%2BJBdX3Fu9zIa7q%2FZHU%2BiG7mRtngXGJOiobPe88eTEVNVmjh0H"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8106831b99e03cc5-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c12859eca282c159661e4bd57844a9fdb6a8739d341a485f2c41b7e6feed8f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uY1TaqThtlhpk%2BedzBu78ec44g5myePupy9bSDTv0R82PXNswD8I1MvZIz%2BIGK7X6n5jvBx58hoNbPhBgWIe%2FxhYT3nsbFg%2Bx5l8vb6rA%2Fj54tXoes2rFW8qxQ%2BQCqPjRXI1oPCc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8106831b99e33cc5-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c12859eca282c159661e4bd57844a9fdb6a8739d341a485f2c41b7e6feed8f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDb2syCuLTNKIMS8vpspF4iNep9f2SJpkoUs2f2ijtQ6B9%2Bv7Mk7AKblyw7FpsLEPZn5vGctGufFeem8Foo0ClrEskPvkAsF1xOpVdXINDRmHAd4Cg90VQfxpwg9fNm36G3v%2FUcx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8106831b99e83cc5-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9132
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0gVmUJ1zhzyMqDt6f3T%2B%2BWzfp1jjVGWFTBExCd%2FR6JfJyRXHaBKWY4a7Vvin0okzjNbiqjhPaTqevVarkLQ2y0hGI3m5PF%2FnQdDSAxz6A6kfu%2FLnQ8eSZCrmxi%2FQon919k4mezT2QGcnxC%2BxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8106831b4f74691b-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a4a0b2d357363e3c4dcc8cef8dbb67b273ba61bad258a84d298968055bdce42

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7561127726075556&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:23 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:55:26 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1498
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
zdx2TpuAkwYIqBWOnSTxbrhg7wLfnQZQuDAeP0IPCipLnIFv25ENvA==
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.144.5.218 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
139-144-5-218.ip.linodeusercontent.com
Software
/ Express
Resource Hash
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:23 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3609
etag
W/"e19-vwRj2d0Nu4XpH6939n9fbHUAS6s"
content-type
application/json; charset=utf-8
pixel;r=2037512133;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html;uh=e51ed67dfb8d91dc24b15e2ace...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2037512133;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1523039640-1696350022984;pbc=c4339307-f130-429f-9f9f-09337f48992e;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696350023103;tzo=-120;ogl=;ses=1823606e-909d-4765-b0b5-3b59f16ae3a8;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
floating-unit.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8647c3cdde2a08bb1de628a786e9607c1cfd69f8620f0b004b1e0eb13e9c501

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8s_DViAPZUyyFsHMf3y.XKS99HG44Wh.
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
Q91W8NA3XEX7QBYA
age
20223
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
ZiQboCNW2v4DRJ8M0arF5ZG2Vgfkhqpwk/hm2Oyvf9sfcz7ix4dRelJU3saYtrNNT2+G4FZqZMQ=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:43:21 GMT
server
AmazonS3
x-timer
S1696350023.128075,VS0,VE0
etag
"9302a89d82d448058c541a3e803f8b05"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
76
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6794
taboola-vignette-new-scanning.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c15ccf4d265cf5f2b9bf8a4f591ccfaf190f264d0227fa1d37f4390fb14d5f87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bmU1uHvwScFLhTrZ1EdjHg3BxE4OcC9P
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
DS82NX21W3DVQ83H
age
20161
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
E/UxYlBleaZ3iDamfyf2ITmrwfVslHGRKQAkGOjRKHcXSB19XThK+O1udy0pXK9zpINfsI7hmrM=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:44:22 GMT
server
AmazonS3
x-timer
S1696350023.128794,VS0,VE0
etag
"d5bf25530537f37e17642271edea36e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5249
distance-from-article.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90c5cb30608837e3f31706fad97926bf58dc6e8e586f25b26cd9575bb48f7706

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SMxoV_1G2bPBHHPyv65j29toj8WbxYVa
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
347ZAKWJA16PCCYC
age
20254
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
ZO8O1PTRXv3/F55xWuzzTUEEPXi6OeqTpclANXe6cmAUn7NbIzSsQ694AeBiKFj8IyQWYhYfWec=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:42:49 GMT
server
AmazonS3
x-timer
S1696350023.140661,VS0,VE0
etag
"fba1cab2be05b89de3b4a5f374570490"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
65335
article-detection.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5980a644111865c17f116417e51593a3a427e7a25130c6029bf2da0d10d79146

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4Pxdi2ZN_qLbgYtLsHwlgNgnk0ZhfDqC
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
CR4ZH69YABXDMAK4
age
20276
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
6UJZbFU9wQ//4TYEHMth/hMjhmwAqPsie8IPXFXILqSdcze3ymjT0xQKqW2rUq8lpPCVdbsxZ0Y=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:42:27 GMT
server
AmazonS3
x-timer
S1696350023.140798,VS0,VE0
etag
"504c6c3dee15b1e3d14bbe2c133783f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
65345
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.9/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6cf7f6b545e3bca01c1d76754a14719ce1329ab67177bd145767c2f2bc75fd8

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
20565
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34324
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Tue, 03 Oct 2023 10:37:22 GMT
server
AmazonS3
x-timer
S1696350023.206590,VS0,VE0
etag
"1181e33be6e95d56261bd3572bdb31d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
VnOQqcgNvJd8krScFwjdojRzByzEWPAhjW_3PNjOf14jCRgoMvbOeA==
x-cache-hits
4097
feed-card-placeholder.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e642d00afcb3f47c8b418e9322522e6f32cb0bc6d0e6ff0f69bdb890a0c1e10

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
b.bRJhyE_M.UcYh4CXnwDatiQkwMmJ4d
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
Z75J94QYD1DJ7XA0
age
20239
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
rRG4ZQAjED8z49ga5G9RD+iecw+W6VEwt/HKWIKRONVfivpAwWZe5Z/8rAptLelKv4ndiM/fI4A=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:43:04 GMT
server
AmazonS3
x-timer
S1696350023.148487,VS0,VE0
etag
"98f30df1dba99f07e6fbf17e11f8e6c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
55687
userx.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63499d6c49a6a813ee86e89bdfff444d23c29917fc366ff8fa18ab7244fdfd2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
V1ICWd9P6FlbX5kl8wLhqcKqeSAcEBLg
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
FZK4K60TB4PWXGZB
age
20151
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Sv/4XX5J9cBbSXuqALjO430HYT3c6fFtMd41MnaM4xPsu/gYuvt6SANyMoKJAsJQj8gaamreP4s=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:44:31 GMT
server
AmazonS3
x-timer
S1696350023.149708,VS0,VE0
etag
"4f2c93be6370d9ffbabd92e8fe593a87"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17202
explore-more.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ada6435de11f15eba4e529b72fcd1bb6bc28e68e58400715586648a9ca330c88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8Zm1Y_de0oUxsK1csdM9gN4_qSBWriNL
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
DT5VE9TZJ7B4G5N6
age
20245
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
gkQj/bLsHhBWrkpETX9vo4XSsOGJQ4mtSGp+gpOYegGPyMPorCKuyU/thX7LqTXyMu71lLU8QkQ=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:42:58 GMT
server
AmazonS3
x-timer
S1696350023.158854,VS0,VE0
etag
"d4812d5ed92b47fe2875bdc57c9074f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
30742
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=18%3A20%3A23.119&id=1148&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1696350023120%7D&tim=18%3A20%3A23.120&id=3411&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696350023127%7D&tim=18%3A20%3A23.127&id=242&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
B29068018.355025866;dc_pre=CL-FtaSk2oEDFdSQ_QcdawYFvQ;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CL-FtaSk2oEDFdSQ_QcdawYFvQ;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CL-FtaSk2oEDFdSQ_QcdawYFvQ;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CL-FtaSk2oEDFdSQ_QcdawYFvQ;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B29068018.355025866;dc_pre=CMSHtaSk2oEDFS_wEQgdtHAH8A;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
  • https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CMSHtaSk2oEDFS_wEQgdtHAH8A;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CMSHtaSk2oEDFS_wEQgdtHAH8A;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CMSHtaSk2oEDFS_wEQgdtHAH8A;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A20%3A23.146&id=2657&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A20%3A23.148&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2427&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74387
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A20%3A23.149&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=7860&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74387
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A20%3A23.154&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=2041&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74387
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A20%3A23.155&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5613&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74387
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A20%3A23.189&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=686&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74391
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
15
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1696350023.200318,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
58
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
29
cc688d54307bc2e37551e093c25561de.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_1080%2Cx_0%2Cy_128/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_1080%2Cx_0%2Cy_128/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8f087a2d64fde28ecd95784b677c3ef5241a1c9c5beba6c0f40ac187fb3c7ca6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_1080%2Cx_0%2Cy_128/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
age
1182711
edge-cache-tag
577010342666635306653237192233786996799,590369926533082112603093468831272395446,29ecf9b93bbf306179626feeda1fab70
cache-tag
577010342666635306653237192233786996799,590369926533082112603093468831272395446,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
962
req-referer
https://www.marca.com/
content-length
46796
x-request-id
433a3dae52775bc5d72645dd7c110f3c
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000090-IAD, cache-iad-kjyo7100048-IAD, cache-sna10731-LGB, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230112-FRA
last-modified
Tue, 19 Sep 2023 14:49:03 GMT
server
nginx
surrogate-reporting
width=1080,height=810,bytes=127293,owidth=1080,oheight=1080,obytes=297363
x-timer
S1696350023.231742,VS0,VE2
etag
"be348df59b5a02642c2d9e8b51cb092c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
cc688d54307bc2e37551e093c25561de.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_168/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_168/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
472873bfc7fdc0b159467112d2570b00395682df4ae8512df0f4f39aa3c6e2e6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_168/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
age
1182879
edge-cache-tag
577010342666635306653237192233786996799,474087227171467410617117402447527258183,29ecf9b93bbf306179626feeda1fab70
cache-tag
577010342666635306653237192233786996799,474087227171467410617117402447527258183,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
590
req-referer
https://www.lefigaro.fr/actualite-france/les-banques-ca-vaut-pas-le-coup-au-proces-de-redoine-faid-la-vie-de-voyou-de-jacques-mariani-20230919
content-length
37082
x-request-id
8376843d564acf86e087ff5470e32fa7
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100132-IAD, cache-iad-kjyo7100059-IAD, cache-iad-kcgs7200164-IAD, cache-fra-eddf8230112-FRA
last-modified
Tue, 19 Sep 2023 14:49:03 GMT
server
nginx
surrogate-reporting
width=1080,height=540,bytes=100708,owidth=1080,oheight=1080,obytes=297363
x-timer
S1696350023.236959,VS0,VE0
etag
"82db6b2bc64416a2c7145b7d2f84744b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2746, 3
uskp0l3naoa3rzejqkib.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695644101/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695644101/uskp0l3naoa3rzejqkib.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4fdd0f1c05515e5ffe58554e808dccc5b5b5aa42f0348d03bed6350a6aaf950

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695644101/uskp0l3naoa3rzejqkib.jpg
age
705872
edge-cache-tag
378695557520618837294857908002853183595,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
378695557520618837294857908002853183595,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
100
req-referer
https://www.telecinco.es/
content-length
11888
x-request-id
48176b2e934ddceaf51a40ccb217d24c
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100172-IAD, cache-iad-kiad7000140-IAD, cache-iad-kcgs7200024-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 25 Sep 2023 12:15:51 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=28937,owidth=800,oheight=450,obytes=27926
x-timer
S1696350023.261389,VS0,VE2
etag
"5b0252943d71cdb91bc2f3050124e68c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1
010265c674156b11c5a7f0548effca2a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d9a990a2a2aba6243e0eb9e5771ffaa1c28daa936d6e835ece7812ac01f3beb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
age
1319401
edge-cache-tag
566384033220055394941780511940138429506,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
566384033220055394941780511940138429506,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
345
req-referer
https://www.saechsische.de/
content-length
10308
x-request-id
bc208e2c86b4a8fa49632cb27cfa7ad4
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100135-IAD, cache-iad-kjyo7100116-IAD, cache-iad-kiad7000089-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 18 Sep 2023 00:06:23 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=17499,owidth=1600,oheight=900,obytes=1520715
x-timer
S1696350023.264112,VS0,VE0
etag
"99025b1f059273d39006c530952c18e5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2931, 43
awblc3geu323atcgyeyy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695643537/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695643537/awblc3geu323atcgyeyy.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0eff24c4c0dfd7d3d6b5f697a31a318c2aeac30b11434072aa4173fa04952d94

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695643537/awblc3geu323atcgyeyy.jpg
age
235576
edge-cache-tag
438435599239062881343739031521868447157,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
438435599239062881343739031521868447157,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
522
req-referer
https://www.gazzetta.it/
content-length
34748
x-request-id
bfad08d8978207d159d96c26931ff0cd
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200151-IAD, cache-iad-kjyo7100169-IAD, cache-sna10729-LGB, cache-iad-kcgs7200110-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 25 Sep 2023 12:06:30 GMT
server
nginx
surrogate-reporting
width=800,height=400,bytes=35817,owidth=800,oheight=450,obytes=35722
x-timer
S1696350023.288288,VS0,VE3
etag
"eabdc9bc64961dd9c90e252d148fc0e0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
de97da4e5ea43a5c120f39621c2b70a3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4ad80d7d73b7f24ebf06c45f0c0440cb9be0f663436a81dd259d4706d1e03a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
age
1319148
edge-cache-tag
408733366898660953393362977677879303429,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
408733366898660953393362977677879303429,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
465
req-referer
https://www.tag24.de/
content-length
26132
x-request-id
0fb0b7590803bc97570298a178c38325
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100170-IAD, cache-sna10722-LGB, cache-iad-kcgs7200079-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 18 Sep 2023 00:09:37 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=32563,owidth=1400,oheight=788,obytes=2079237
x-timer
S1696350023.288963,VS0,VE0
etag
"ebf240bc440e635dcd1b9d473ff0f36a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 6
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
2767553
edge-cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
113
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tvmovie.de/
content-length
10060
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000160-IAD, cache-iad-kiad7000147-IAD, cache-iad-kcgs7200057-IAD, cache-fra-eddf8230112-FRA
last-modified
Tue, 01 Aug 2023 05:55:16 GMT
server
nginx
x-timer
S1696350023.317018,VS0,VE1
etag
"d5f7a809c5582096c3cb0ce65205e40b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1083, 1
cc688d54307bc2e37551e093c25561de.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1080%2Cx_0%2Cy_168/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1080%2Cx_0%2Cy_168/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf6388c7f2943f39c5b6cb609bfa367efe2b2b47bbab1cfe8e7e57e9e67e3257

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1080%2Cx_0%2Cy_168/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
age
1236432
edge-cache-tag
577010342666635306653237192233786996799,433905914140179145829128143493681331294,29ecf9b93bbf306179626feeda1fab70
cache-tag
577010342666635306653237192233786996799,433905914140179145829128143493681331294,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1189
req-referer
https://ads.taboola.com/
content-length
41648
x-request-id
2e4ed29d03ddee5beb6efbe86e4ff77f
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200081-IAD, cache-iad-kcgs7200062-IAD, cache-sna10720-LGB, cache-iad-kiad7000101-IAD, cache-fra-eddf8230112-FRA
last-modified
Tue, 19 Sep 2023 08:53:12 GMT
server
nginx
surrogate-reporting
width=1080,height=607,bytes=112470,owidth=1080,oheight=1080,obytes=297363
x-timer
S1696350023.321991,VS0,VE0
etag
"18103e4bab17989aae899c73e78bb5f4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2482, 138
010265c674156b11c5a7f0548effca2a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22448f459d343be586255d8f7f412d32ac59a854ee4a193e037170a55c7bccac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
age
1353738
edge-cache-tag
566384033220055394941780511940138429506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
566384033220055394941780511940138429506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
279
req-referer
https://www.tag24.de/dresden/lokales/die-letzten-geheimnisse-vom-eliasfriedhof-2956727
content-length
22292
x-request-id
952ef747c92321fcdeaada4cf6b44c2a
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100158-IAD, cache-iad-kiad7000084-IAD, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 18 Sep 2023 00:06:23 GMT
server
nginx
surrogate-reporting
width=1600,height=888,bytes=78981,owidth=1600,oheight=900,obytes=1520715
x-timer
S1696350023.345730,VS0,VE0
etag
"26f7346ccb0045e95d724c180ee055d8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 22
de97da4e5ea43a5c120f39621c2b70a3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b60b0182287c737c56da3e2d3d201a5fd23c492e64a97f8456fff803f800d3a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
age
1320490
edge-cache-tag
408733366898660953393362977677879303429,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
408733366898660953393362977677879303429,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
204
req-referer
https://www.tag24.de/
content-length
95904
x-request-id
730b00498ba37cdd3081fd155563e572
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100120-IAD, cache-sna10730-LGB, cache-iad-kiad7000027-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 18 Sep 2023 00:09:37 GMT
server
nginx
surrogate-reporting
width=1400,height=777,bytes=197194,owidth=1400,oheight=788,obytes=2079237
x-timer
S1696350023.351910,VS0,VE0
etag
"06e088bdf961a200adc5c84782eefe84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 145, 2
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
3751838
edge-cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
269
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.desired.de/
content-length
29394
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230112-FRA
last-modified
Tue, 01 Aug 2023 07:44:45 GMT
server
nginx
x-timer
S1696350023.352986,VS0,VE2
etag
"a8139c2d2ea8fa23ad77f4b509ad1b5b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 72, 1
next-up-widget.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa64ff458d93e79b8853fd55ac7a09f6d6d1e102382f334d50a3c42c21717ab3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IMDiBh7szuKfUj9sEVXzA.xSBp1zyy88
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
XXTF1K1KVENZ2MYM
age
20213
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
Nl8ZUaVvtN4i9hrBkC9DWal/+p4s17BCh5fHc/W9iKXKxfxtSJZWIja4BCc8sKYKrjUeygFlbwg=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:43:30 GMT
server
AmazonS3
x-timer
S1696350023.248232,VS0,VE0
etag
"84f51f780c53b0f58e0691c8ab013e77"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6600
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22345.15625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A20%3A23.252&id=8018&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1053%7D%22%2C%22eventTime%22%3A1696350023254%7D&tim=18%3A20%3A23.255&id=9877&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A20%3A23.264&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9908&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74391
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:55:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Oct 2023 16:20:23 GMT
spa-detector.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a699c50dfb7042fb0b8b00489e1b467d26cbfb1cfed4c584503d4413f0eb30d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LzXVyPfXe1o2SjcbV0oH6UQOzX1jm64K
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 16:20:23 GMT
x-amz-request-id
ERJNQFMZYKF5TD3Y
age
20191
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
/N3jcSrDBY3Y05AT5VhHzXsk+3vLULcEApMv4ZbgbCyRKK5oo6Xvn7ov6Qm/yanqAgZAHkbc8wc=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 10:43:53 GMT
server
AmazonS3
x-timer
S1696350023.288015,VS0,VE0
etag
"e2c37488fa879cf24222a54a1b5dfc8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
31424
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A20%3A23.266&id=4887&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696350023275%7D&tim=18%3A20%3A23.275&id=7050&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A20%3A23.277&id=6971&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12611&tvi50=12261&lti=deflated&ri=c8b50147ca6bcd605306df6e5c22438d&sd=v2_db2ab5c4bfa3aa1d1654431bc6e4be09_d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6_1696350022_1696350022_CNawjgYQ2YJdGLDX3LKvMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6&pi=/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&wi=3983208541020668365&pt=text&vi=1696350022576&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696350023279%7D&tim=18%3A20%3A23.279&id=654&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS95YS15aS14aS15YW8ta2FvLWRpYW8tc3UteHVlLXNoZW5nLWJlbi1idS14aS1iYW4tYmlhbi1tZWktYmktamlhbi1rYW5nLWdlbmctemhvbmcteWFvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1jM2M3YjgzMC01MDI1LTQ4ZmItOTgyNi01OWUwYjg1YjI0NDMiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMWI2OGYwOTYtNDI2Ny00YWIwLWI5MzMtZTZkOTUyNjFlNDkxIiwidGltZU9mQXVjdGlvbiI6MTY5NjM1MDAyMjg3OSwiYmlkcyI6W3siY3BtIjowLjAwOCwiYWRJZCI6Ijc2OTVmNzI2NTIzZmVkMSIsIm9yaWdpbmFsQ3BtIjowLjAwOCwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDA4LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozMTQsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2MzUwMDIzMjEzfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6InJ1Ymljb24iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc2OTVmNzI2NTIzZmVkMSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMDh9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjFiNjhmMDk2LTQyNjctNGFiMC1iOTMzLWU2ZDk1MjYxZTQ5MSIsInRpbWVPZkF1Y3Rpb24iOjE2OTYzNTAwMjI4NzksImJpZHMiOlt7ImNwbSI6MC4wMSwiYWRJZCI6Ijc1ODQzMDMyYTkzNjYxMSIsIm9yaWdpbmFsQ3BtIjowLjAxLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzEzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjM1MDAyMzIxMn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NTg0MzAzMmE5MzY2MTEiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDF9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=2908.6000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948671750844261&correlator=3575166853708742&eid=31070233&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696350023312&lmt=1696342823&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=383059617.1696350022&ga_sid=1696350023&ga_hid=127493778&ga_fc=true&dlt=1696350022203&idt=388&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_9_0%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_0%26refresh27Split%3Drefresh_experiment_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D75843032a936611%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_9_0%26cluster_reporting%3Dchrome_DESKTOP_9_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D7695f726523fed1%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b301ce279a842b7ad830152c18a8914cb098586018915c5d5e2372f32939c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27314
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc688d54307bc2e37551e093c25561de.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1080%2Cx_0%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1080%2Cx_0%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ec35e6b295b5a215d8e1d3772adf9be32b179c0366cd63388a019b99f0832ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_1080%2Cx_0%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc688d54307bc2e37551e093c25561de.jpg
age
1182294
edge-cache-tag
577010342666635306653237192233786996799,387283134944534372381706964341649122715,29ecf9b93bbf306179626feeda1fab70
cache-tag
577010342666635306653237192233786996799,387283134944534372381706964341649122715,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
147
req-referer
https://www.thairath.co.th/
content-length
48218
x-request-id
0a07ded79ccf24a0184c3fb1b4f7f9d7
x-backend-name
US_nlb102
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kjyo7100078-IAD, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230112-FRA
last-modified
Tue, 19 Sep 2023 14:49:03 GMT
server
nginx
surrogate-reporting
width=1080,height=900,bytes=128565,owidth=1080,oheight=1080,obytes=297363
x-timer
S1696350023.357423,VS0,VE0
etag
"368ee1bf2119eaccd614dce50c02f560"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 170, 7
010265c674156b11c5a7f0548effca2a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
df8f5ceac07210857c47b64727c5abe725cba27e9701e9fac0ad38c021e6c27e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
age
1319399
edge-cache-tag
566384033220055394941780511940138429506,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
566384033220055394941780511940138429506,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
200
content-length
3890
x-request-id
6896e26dbd374622d98e718560609fc8
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100098-IAD, cache-iad-kiad7000143-IAD, cache-sna10732-LGB, cache-iad-kiad7000166-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 18 Sep 2023 00:06:23 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=5987,owidth=1600,oheight=900,obytes=1520715
x-timer
S1696350023.372254,VS0,VE0
etag
"ef27206af80c47a9d2782165e0ec68b2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 19, 11
de97da4e5ea43a5c120f39621c2b70a3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35d039f1c7b97b8b48833a12db7880b3fdc9a23debfd778299669f57fce38138

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
age
1319183
edge-cache-tag
408733366898660953393362977677879303429,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
408733366898660953393362977677879303429,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
469
req-referer
https://www.queer.de/detail.php?article_id=35891
content-length
5984
x-request-id
ddb3a4b4e8183dbad66bef1cd3c94076
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kiad7000138-IAD, cache-sna10741-LGB, cache-iad-kiad7000023-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 18 Sep 2023 00:09:37 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=8389,owidth=1400,oheight=788,obytes=2079237
x-timer
S1696350023.383135,VS0,VE2
etag
"e2a47257bf13fc90fa31b85660a8d8bd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 388, 1
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BB68 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1435d59c21d9849804e80e058bcbf2edebcb11c75eabcd28c2f14402ccf3ba6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7894
x-xss-protection
0
server
cafe
etag
9827040991199540179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:23 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame CD40 		714 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
12722
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8106831e5a3a910a-FRA
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 16:20:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1z0Wr8N8wo7JSNB9uNDvcRowdsfk2A2JEjuWTQqq2VVfpdUwBoC%2BJpj82c1BeSGEE0P5U9AXfSisWsUJDxbwTYLBTe3Un4stAqZLyvRCyTm51nuqp1%2Fj35WWIz4MrPrq7ln5%2FcsRFqCp06%2BwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5E65
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 16:20:23 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Oct 2023 16:20:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Tue, 03 Oct 2023 16:20:23 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CD40 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e3fa34990839e7c5fb9dd46aa37b80bd888ea11e32d116adcd670def665a435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29312
x-xss-protection
0
server
cafe
etag
436 / 19633 / m202309280101 / config-hash: 18346230598739657090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BB68 		142 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c0f617c0cd92380e936d7649108858bdb2a87099bbe857647b70a80ec8c9cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50523
x-xss-protection
0
server
cafe
etag
14912074047679925519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:23 GMT
st
imprammp.taboola.com/ Frame A9F8 		422 B
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&cmcv=&pix=undefined&cb=1696350023543&uv=3345&tms=1696350023543&abt=nonrv_vA!rbcatc_vA!ufm_vD!ul3345_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a4d95dc-3b7e-4b6a-8021-d5b3a87c1dd3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a60571a59a4329d1aea983f97de4d70fb55f5b52b69aa17382a1473e51a8fcd3

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 16:20:23 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230112-FRA
x-timer
S1696350024.554529,VS0,VE10
sync
am-match.taboola.com/ Frame A23A 		422 B
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a60571a59a4329d1aea983f97de4d70fb55f5b52b69aa17382a1473e51a8fcd3

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 16:20:23 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696350023551&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1558&pt=-1748938159&tz=120&viewable=true&ddast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rbcatc_vA!ufm_vD!ul3345_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4865ab655137e66b9b58f697af6b13c2ec7cf714852668ede44150846143a186

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1417
x-cache
MISS
x-served-by
cache-fra-eddf8230112-FRA
pragma
no-cache
server
nginx
x-timer
S1696350024.560514,VS0,VE63
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&cmcv=&pix=31589837&cb=1696350023543&uv=3345&tms=1696350023543&abt=nonrv_vA!rbcatc_vA!ufm_vD!ul3345_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696350020391.7!ts:1696350023543&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame A9F8 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&cmcv=&pix=undefined&cb=1696350023543&uv=3345&tms=1696350023543&abt=nonrv_vA!rbcatc_vA!ufm_vD!ul3345_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a4d95dc-3b7e-4b6a-8021-d5b3a87c1dd3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame A9F8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&cmcv=&pix=undefined&cb=1696350023543&uv=3345&tms=1696350023543&abt=nonrv_vA!rbcatc_vA!ufm_vD!ul3345_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a4d95dc-3b7e-4b6a-8021-d5b3a87c1dd3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame A9F8 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&cmcv=&pix=undefined&cb=1696350023543&uv=3345&tms=1696350023543&abt=nonrv_vA!rbcatc_vA!ufm_vD!ul3345_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a4d95dc-3b7e-4b6a-8021-d5b3a87c1dd3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.96.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-96-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 5E65 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46299
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:12:02 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ Frame CD40 		413 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 13:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
9189
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 13:47:14 GMT
khaos.json
token.rubiconproject.com/ Frame 5E65 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_4_5/infra/ 		882 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696324689
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Z3HN305F4BYJJD72
age
25219
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696324690
x-amz-meta-mode
33188
content-length
147342
x-amz-id-2
0458jpKlcHtyqmxP5zkJMjfcV3ZVfGwp4x9iL6YNqXh4iLFA2v1piYXjQhXHkAVtDJq36H9KyRE=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Tue, 03 Oct 2023 09:18:11 GMT
server
AmazonS3-br
x-timer
S1696350024.649310,VS0,VE0
etag
"506fa4da9ad74d978d49cd3219439d0e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
21
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_5/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696324708
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
AAB07MP3Z0BRKB90
age
25222
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696324709
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
5zlPQrxkHXYPWMBB+EHlzkEfvuhsb1WuCuNJYZ/zDtQvkzfgK1ihN8wqrUFlyz8QYKidyM+16Xk=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Tue, 03 Oct 2023 09:18:30 GMT
server
AmazonS3-br
x-timer
S1696350024.650998,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
5957
generic
match.adsrvr.org/track/cmf/ Frame A23A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame A23A 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame A23A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.96.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-96-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame BB68 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9286e644d9ba9484d2293c04e0ebc84619d8d436d6c995642f18b7df9189cfb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131217
x-xss-protection
0
server
cafe
etag
11560358305304011445
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/ Frame D495 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
33909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 06:55:14 GMT
etag
2603938475786422795
expires
Tue, 17 Oct 2023 06:55:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CD40 		492 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3203946015878668&correlator=522662996120862&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696350023725&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ctg0x7oy8m7v&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=244088759.1696350024&ga_sid=1696350024&ga_hid=1226709553&ga_fc=false&dlt=1696350023466&idt=248&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b376ae3aaaab994fb0ae5576f599ef9e374dd26004f0518ae5213ada66ddd23e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
073ceec2d61676674541e8ab5f743dd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D09 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://073ceec2d61676674541e8ab5f743dd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:23 GMT
expires
Wed, 02 Oct 2024 16:20:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1504629
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1696350024.798825,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
79378
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/ 		465 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696237416
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2EK0MFKQJ582WGF5
age
112538
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696237429
x-amz-meta-mode
33188
content-length
89004
x-amz-id-2
uWnSXRPNxYC47yYqArglm/Yl1WFzirwr1h4h6dCkk/tO4FFf9RUbOHfsYVNsTCpw+wNcNXoFYxA=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Mon, 02 Oct 2023 09:03:50 GMT
server
AmazonS3-br
x-timer
S1696350024.815840,VS0,VE0
etag
"585652628115b4409d6c93eb98f8e63c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
63292
sync
am-match.taboola.com/ Frame DB46 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b995a6ed1c2aca7349e66a202e5416060d3cb6cd75143bbda4f71efd08e7c21b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 16:20:23 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&cmcv=&pix=31579697&cb=1696350023810&uv=3345&tms=1696350023810&su=3&abt=nonrv_vA!rbcatc_vA!ufm_vG!ul3345_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-length
0
server
nginx
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-112.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:53:50 GMT
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-P2
age
6169327
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
cdg1::5jf72-1690394030373-77073517fca8
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
n-jcLEpn7F1twGJXNGK6ZC7UudivAiZwn-aS9XNbCN49fCDnsB4jMQ==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		465 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-588
cdn-cachedat
09/22/2023 04:09:06
cdn-pullzone
873945
last-modified
Wed, 02 Aug 2023 08:32:45 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ca14ad-7435c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
5f9fbdb2ceacb85e29bb00522969e04e
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
generic
match.adsrvr.org/track/cmf/ Frame 5E65
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNAJ06TG-6-27CT
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNAJ06TG-6-27CT
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Tue, 03 Oct 2023 16:20:24 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 03 Oct 2023 16:20:23 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1167957
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1696350024.849866,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
281712
generic
match.adsrvr.org/track/cmf/ Frame DB46 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DB46 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/d3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame CD40 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c19a172ebf3d96937926b3aba6ad177fdea8e4cdd19acdc7fb056b15bff2d00b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12146
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:1230:dee4:99dd:baf6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EveWEteWkteGkteWFvLWthby1kaWFvLXN1LXh1ZS1zaGVuZy1iZW4tYnUteGktYmFuLWJpYW4tbWVpLWJpLWppYW4ta2FuZy1nZW5nLXpob25nLXlhby5odG1s.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveWEteWkteGkteWFvLWthby1kaWFvLXN1LXh1ZS1zaGVuZy1iZW4tYnUteGktYmFuLWJpYW4tbWVpLWJpLWppYW4ta2FuZy1nZW5nLXpob25nLXlhby5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 02 Oct 2024 16:20:24 GMT
date
Tue, 03 Oct 2023 16:20:18 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
usync.html
eus.rubiconproject.com/ Frame AE1E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 16:20:23 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309181453000/ Frame B1F7 		223 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
83334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62203
x-xss-protection
0
server
sffe
etag
"59b685ca39a652ba"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame B1F7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
83334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"38a16d64b8e81628"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame B1F7 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
83334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29033
x-xss-protection
0
server
sffe
etag
"ac3d68f1a1bd2015"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame B1F7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
83334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1919
x-xss-protection
0
server
sffe
etag
"93680ba5e670b6a8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame B1F7 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 02 Oct 2023 17:11:29 GMT
age
83334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12946
x-xss-protection
0
server
sffe
etag
"6bacf375b2677883"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 01 Oct 2024 17:11:29 GMT
css
fonts.googleapis.com/ Frame B1F7 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:21:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Oct 2023 16:20:23 GMT
container.html
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B8B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:22 GMT
expires
Wed, 02 Oct 2024 16:20:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B1F7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 07:35:47 GMT
x-content-type-options
nosniff
server
cafe
age
31476
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 04 Oct 2023 07:35:47 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B1F7 		344 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
33722
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 04 Oct 2023 06:58:21 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/11503505723936343461/ Frame B1F7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11503505723936343461/14763004658117789537?w=400&h=209
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbece9bb2b1bfc60d3f3b00b26f9707d1fe0d0329daf3305206f12a6eb1967b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:11:51 GMT
x-content-type-options
nosniff
age
522512
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10791
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 13:44:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 26 Sep 2024 15:11:51 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2846112655707210455/ Frame B1F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2846112655707210455/14763004658117789537?w=100&h=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be4d8091871d2fa3b3449d1cb4d5b609eecd29926ff53e1b10b5e8212cd0cadc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 14:00:59 GMT
x-content-type-options
nosniff
age
526764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2392
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 16:01:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 26 Sep 2024 14:00:59 GMT
truncated
/ Frame B1F7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc039cc872b9d66044e9bca57840b0eaf717cd110bafe9fdb7d6487ce9f299dd

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame AE1E 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46299
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:12:02 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame BB68 		210 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3De251d757ab4d7eed%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_Ma6tt5Nyvc5U5NN-zij_Js3-UfXtQ&gpic=UID%3D00000c8ba1258626%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e375ee99a7a4af0cc927d735a33fbe22a1e130933d219144c8ee186cb3668bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
195
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame 7E12
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16963...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-length
459
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id
T7PIByBEr1AIzBmYa-O5tYbwK3PSMDc-1IoAKPblq1TCPIOM2VWn4g==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
RefreshHit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:24 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B1F7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 17:26:14 GMT
x-content-type-options
nosniff
age
600850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B1F7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 16:50:19 GMT
x-content-type-options
nosniff
age
516605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 16:50:19 GMT
tap.php
pixel.rubiconproject.com/ Frame 5E65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/W3YoZHQGfUs7PGWYxy0J3A?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C7HxyKhE2oLvusEfEwzENaAb62JTxT0HTF2Puw--~A
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C7HxyKhE2oLvusEfEwzENaAb62JTxT0HTF2Puw--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 03 Oct 2023 16:20:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C7HxyKhE2oLvusEfEwzENaAb62JTxT0HTF2Puw--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 5E65 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5E65
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YLT2omUST9OC-Vr6Si0lSA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YLT2omUST9OC-Vr6Si0lSA
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YLT2omUST9OC-Vr6Si0lSA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YN5AQCSS1FC0ND493QP6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YLT2omUST9OC-Vr6Si0lSA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5E65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAJ06TG-6-27CT
0
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAJ06TG-6-27CT
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:23 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B6B84FEBC2D14E51AE743CAEF0ABE280 Ref B: ZRHEDGE1111 Ref C: 2023-10-03T16:20:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYG0kScBrkdEhgmI25t9w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAJ06TG-6-27CT
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5E65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTUyNDY0OWUzMzkwYTNiNjU2ZmU5ZDA4NjY1Y2JiOWEyNjM0ODY2Zg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTUyNDY0OWUzMzkwYTNiNjU2ZmU5ZDA4NjY1Y2JiOWEyNjM0ODY2Zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTUyNDY0OWUzMzkwYTNiNjU2ZmU5ZDA4NjY1Y2JiOWEyNjM0ODY2Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5E65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHPNt2U24B0ASM8tgCGE8lc&google_cver=1
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHPNt2U24B0ASM8tgCGE8lc&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHPNt2U24B0ASM8tgCGE8lc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5BSjA2VEctNi0yN0NU
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECO7uFhgpucOXqM4zzpejUI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5BSjA2VEctNi0yN0NU&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5BSjA2VEctNi0yN0NU&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5BSjA2VEctNi0yN0NU&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 5E65
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ug-6HVCwTDCsQ6xX8l0EBQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ug-6HVCwTDCsQ6xX8l0EBQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ug-6HVCwTDCsQ6xX8l0EBQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCMGA3S1GNW1KVT7FQ8C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ug-6HVCwTDCsQ6xX8l0EBQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5E65
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABmz07KOH8AABk7MLziSw&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABmz07KOH8AABk7MLziSw&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABmz07KOH8AABk7MLziSw&expires=30
Date
Tue, 03 Oct 2023 16:20:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 5E65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNAJ06TG-6-27CT&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNAJ06TG-6-27CT&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05OFIuWWhWRTJ1RUlTNWk0dW5oVlJSOTBMZHFReVVsTn5B&ovsid=LNAJ06TG-6-27CT&dpid=58160
53 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05OFIuWWhWRTJ1RUlTNWk0dW5oVlJSOTBMZHFReVVsTn5B&ovsid=LNAJ06TG-6-27CT&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
23.50.131.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 03 Oct 2023 16:20:24 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 03 Oct 2023 16:20:24 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05OFIuWWhWRTJ1RUlTNWk0dW5oVlJSOTBMZHFReVVsTn5B&ovsid=LNAJ06TG-6-27CT&dpid=58160
date
Tue, 03 Oct 2023 16:20:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
liveCS.php
live.primis.tech/live/ Frame 5E65
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAJ06TG-6-27CT
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAJ06TG-6-27CT
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Server
2600:9000:2251:4a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:23 GMT
content-encoding
gzip
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
BxpyWH1WNFifseZkekU86naIve8f5CD0t73iKrOyfyglq4WUsWPVTQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAJ06TG-6-27CT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5E65
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8&expires=30
Date
Tue, 03 Oct 2023 16:20:24 GMT
Connection
keep-alive
X-CI-RTID
ffe47d31-f077-4135-a0bf-18bd062e0b76
Content-Length
144
Content-Type
text/html; charset=utf-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 72D3 		478 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNU3-QUhJH3u9zFtPQlk_OTABQPUHJ3SbnyXVFcdsBnTaLPQhVjq1JxDqLPoOJmRkb0jbWF8wVudwP7MjPSUZYMeYx4FbA
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:24 GMT
expires
Tue, 03 Oct 2023 16:20:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B8B6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bj43fIKh1ArjeQHUXLhSfwnXD2MNWSL72ytHXSmWS-f9BH0JbWjnRVWJazLO9_4-P70KevxNiAqUW7LPXQqdlUVzz9WiJYM_rNarABJIXjFqaa3rU
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6001562261801800365&x=1&ct=77
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame B8B6 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame B8B6 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787112&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I-XbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K-evg7lKlOvAy1U-6P-7QF-oMmGPDl_DoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4-bCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn-2F9Ni9-wUT7mIQ_v3Jb0hLaIli-HzJUbhmTi2LGWGVKi8c8I-R7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU-8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcB&ae=1&gclid=EAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD_BwE&num=1&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&sig=AOD64_0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q&client=ca-pub-8933329999391104&dbm_c=AKAmf-AAPI-oJ328U--RtqY-5a7-1SBS0fs3R2bD_lQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8-dkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1_fwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC_EDA4ttHg&cry=1&dbm_d=AKAmf-CP5-ZKfS9_E9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS__7Bd8EdzkZmjt_FmQqMfmuWbmqlP5y9WKx-x0-sUs_hfmTAoF8_ZMtDDV6A1TVgYM1Xo3fUi1uJXo-AhOYwVyTzX6-X6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y_UtB4rlaN3dzG2J-O2_O-315Q7uWWZVcAqA_iJDRXWYdv_FmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e-S1c_7FyvcAB4-IktzaJq4cRDJmN6qq03n2g7cN54W0RAO-q93K9bYi-_0I1MQSiX3DeVs_29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF-RG2IxiVpCpiCeLeDplTK4Eg1DXU_EeGvwU9OdyqebBjbvD-EGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb-9kKIckJSCDIBWqF2wpS32Qt_kjDEMNT5jCmqOrHbZcqvl-IiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU&adurl=
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
992400be6fb1bf1022df091d16168b01e7707c02c3723f2b385852898f3b3fdd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Tue, 03 Oct 2023 18:20:24 +0200
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame B8B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:13:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 16:13:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame B8B6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 17:33:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
82022
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 17:33:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B8B6 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CD40 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 16:20:24 GMT
khaos.json
token.rubiconproject.com/ Frame AE1E 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LNAJ06TG-6-27CT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
/
pro.ip-api.com/json/ 		117 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
a595a70a7c50d21c4253c9e2b7cf37204ec07ad621fb3615960a1e730b85e516

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 16:20:24 GMT
Content-Length
117
Content-Type
application/json; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 72D3 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNU3-QUhJH3u9zFtPQlk_OTABQPUHJ3SbnyXVFcdsBnTaLPQhVjq1JxDqLPoOJmRkb0jbWF8wVudwP7MjPSUZYMeYx4FbA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 72D3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNU3-QUhJH3u9zFtPQlk_OTABQPUHJ3SbnyXVFcdsBnTaLPQhVjq1JxDqLPoOJmRkb0jbWF8wVudwP7MjPSUZYMeYx4FbA
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E4I3ft%2FpVWY3GnQ68SHWB8MKaptq5VStpyrU8WjNlMKrMKnSbzRtRbvySjEEfLG1t5ul97IX26Vm8RlBMinGV4r4YsCZ1hDc0xlEV00FJ6CmenrXUepWOHmye9psHvhWilhG%2FbvXiHFGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81068323798b24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV8yKfdN1lZ4npatW4kR4htNpv5u0oaG8C11oS4pdiAhrhSj8Gx0ckFPjuKf%2BU0MUj7sGKjTyj7Tv2KfyaZBV%2FxfuSVTmvPE0JmJzQdydMPkFuAmQTXK4E7zxL%2Fs%2B2YlafqFrffX0K8XlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1&C=1
cache-control
no-cache
cf-ray
81068322f8ca3cc5-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 72D3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRw-SCSPpF-G21atZNsmTAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNU3-QUhJH3u9zFtPQlk_OTABQPUHJ3SbnyXVFcdsBnTaLPQhVjq1JxDqLPoOJmRkb0jbWF8wVudwP7MjPSUZYMeYx4FbA
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtmE5Gn4kEfCp8E5ArOLh0wtI4lvrqdAN%2BF3SglnnYj9NqOXt9CpfaPsQX02N0DMviyFyAqEdnj%2FVtXYh84vI84ntCBCtNX2VrVRVX0inYSGhQYENKiqufvUFsUDyFAE%2B863EIa2Vz6N3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81068323ea3324be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIlaHNQdRd8meorQv0u6YRY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=191604880031&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=191604880031&version=m202309260101&ct=77&x=1&cor=6001562261801801000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B8B6 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6mjDp9FVDT3MxHwZgamnoRxaMGi_-zv5PV0ChPyXp0DTh88Hd99uhw4VxRL3sIQEqxeQ2lxN2AQsNpUyKc9_S6nX-R5uKp-Y9jP0g9vf6BxvPjX8aA2pGWy5c2lIiKtVCj6H8ZIyfO47nTf-WBTklnhvDTEnlxHQ0R-siRZUUx-i17Ew&cry=1&dbm_d=AKAmf-DIDC5DeGBQ6H5GDOkB0n0gXhq3HHDv4UXci1Zo_5sQFjf7aqsNOU5AZEQxLdt4gYGCX3c4f0EwDWxOLWptOCqFOfixt8zGxgcNw75xNczc4URr8sgXK8OUMbtCIHm0sJcxKdrmIIR-m9q4UvPzW5nhEbVXvCE5YJlcdy_xT0NdJw3Cva-5sUnTYT836jLobzKz63jv2MpwrWwwYN_rRatkI5X9S2k3qcEZ1nqba1A-bpvA82nQ4pDD_8bzG-BKmrbvA5AEQoEtY7PHniO5F43JFErIkHhAUHZjEm6eTbhpaGxDu0p_bB-nMcohoTXM1INgtLFMQr6o-_7SrD01Dp1nGCOyJm1txmPQgEKVr8U05NCpEbkeUtUkc_OAaypEHAq3CSJMpt0yF9YWCn5KLxc91ILqj7gkBfijj9ygFxGcLi-7j9WqAueCOzBOeoxFDvabBnR4OSPdsznYk_YdqJuKyz8rnpLraUmbqtmHCEolb2EkQh4RNLP6CAF9bw1RcVN_U1nvYv3AKeGp6hZd7Yr7ePqkNdETI2kuGQ_Ftry6mO5xsHS7F_GP7PCNMsAS6jIqajIxObPff7jt_fh-njfblXpZ8KEz3h-h4ZpTExa1-2xOKQ4BQqoLooc0oIIGbQ09dLuCZxdQBa-zdXc55tKH72DNgD4oUT8lca9QKl_S8Tg3_VO86gZVZricd0Qtl8KZ8bQflSynqfIIO2Phxon9UrRfJP01oYnNaG6OI1pu_3F3jwT36z5qQTF6aiimZR5RS6rC0aycPKVbSsPj-_F5_nWuur8y-pfbjTHSmltVuEBT-1Sxw4eI3AA1v_xsu20uJGu8u05Ul8Qm7nqSXhb3wt9QNzuJ-Dhg9oFL2b5zRIsZJumebfjilcfvH3FQM8jocGDX5skJZMIQblm1miNa_A9Q_7A0rKQik3CHSGjFgk8tTkvh3LPl0CSX1v-StE0AWFosfBhpOVjSo2NyDhLxuUcFK5nu7wG4bhrnWrOGOfyPW2SDvlgsEFnHLUI5JqWQMLPkPTLqA9RO2xZqlmWRzOOoMSNfdsFKiQgsiIgPBPfJy1uXMs0v66EpEDoIHbxJfmsyzqb-C08HU8TGIQ-45YeSfCKiNed7-PtCvxvJEW6_vOSJSVp04b_EMn-gX3lUazPuePJz4qOHkFulCRrmxomp32-XaDwZnJTPV9tmbc59ODypCqGszOXO3n7CIPW--e4w3umpgFz3GKe2Sw3DLPEnZqAfhgQ7nGBQhEQe-vg51vtxk1lPsNgClynzQHk1C6BSPUlwxPb7_O5l1tX0shxDi0N4uTZMNRhOp9JI2oO0Vcz85TKeZtJufXE166e5Mf_Blx3_lPW_UKV29qlODhW6Sad9JTWpzPo_1NKD4iZw_yKtp09kyM__fcKUefsEQSQU2xyl4jVzfGfPd-O-BjLUazRwKW_INpf2GrSK3xlNe1X5zZzcV5wkTTRjm-JyokH8I-N-jtlxmGJI2Duh29SG4VIYempV5jWfCmGa6rmS9qqwaO19bicWxCbiHL4VjD2ZncYDmAjcZ--gFfvmNBMT68IjjL-bMrVPjIr39_mM5N3xJ66WBN_ry5GnqjALitpXcTakt7ko2pa6lkx6KxcNJCH5tEoXfzKnZS31Aw88ZnoR0SaULMiARVIwyBc4iDafWco1ooggcGbNTIrl2vBsxT5o9_EywTUFe7TBq0bTcGpG2TrH5npT_QtRIkMgLsPGBKqRgu8mwmH5j5x2SPhHPFTmNs5O7nm0AWKybasLcrcp0nym3mlsxNi3zSjFQjlwH1tY57khHxQlKKzsNB0Sov87X7slkpc6yTkp5f-WvnLCG3ScXQ3WGHJdOdIQKBxLDIG7GxcCV2gZTH1Q5FD5WtA1DXsVfSzkspe0ERR3vIfhNGoFYiOJU5YSt7ya5p4n7kVh3du2oBjvgZXeapCy6KikSe2QXLGdXbwuh958pqHo25m0teln-YPgE0gXJRRW1ADb2f0IkIEkyEeEFb_bOFK9ltLo4sDqJOaUsfAVIVDRcaJBqhfe7gNBQ_Z4IHVAFoyoZD9HQOVH9bzzsmQ0uMisxcjCQqbAQKbYdJoaOjdOLuComXhE7A4K17eFXwwDw7AE7wwyfTtZvtxTF0XlFvBDG0Rl-FK9npQtx6vDnf2Nb_cdMEG-ttSBKF6qMnydJvAL5PAODC5X9DR1rINy8wv1ym3kyChtEZMDEn4itrv4SE1_AqsQNm9g0hOa1HV1sxxwkl1NQscwaIKLEcnOjkKcXQLtz0Vu7tmfUo2naC3YbuJ8TluFgb8esQ02say03iAyRmCJrIqcBpV-enOuRt0YvxKQJci08NiNdh5HHFSnGN5kVQ4OtsMcCXTXyosPuyYXz4TJVsgYb0Jo6xN1qN_VcJq9eI2N7YBXkGaUU04g30i15QzKrO92_AswTUR0991_rmeekCxKhFH8h85j_oN08BFvDGFnoz51EqDkufR_4sm5oLGhtlaQV3s60vjHJqvXFH-bSezncrovHaYwivv_ByYd1xO0TJefXJz_PByBMOByMxgqqSw737Bdl3aq2w_BVjrjUYiHhnK7fr7Itx7plW5UkPPo1dZD1BJ9X-MxlKSlFXa04miZ4Zemg_R0IPFnOBEaSZXGVGIfB-vjojO5fJcObtQzNSwodvBpsL9D35fAGqDHGOxPse37VPTB-DOpUVV4DrBvQfcPgfb7LCWXxaqa0g16v_eX5UMR_ZxA_XC_0Os3lCkDmuS95cCw3I-wNdXBUVOKoebhnfN84YLzlRKT9alLXaKvdajRhVOFGAbcV641SprPDYOXglSZquHvWPuGXuZ4qJyZObmLzaaCHEDyQeduOQbez5DMzvV2fBljGM_VoQT39dSZtaI88eLCzQFzVHPj1XIBgfOW7SCJEATUJyqyX-J9jjfs--VtwzuljCljjrL2oKbp1TLkBPqn716-i5HJIUxRjbrIeaJ0tFPbfS7Cl1CKfxPqfPA1-0ZescBhINUrHNtkJkIDZBr9kS3PTRwrkxrRfHw03WHksGXhy_wWTFLDw-jqzE-3lh6vuf5dAfB_shDFUQHRv1RE7eCc7sDmtBvdfD211bKwEweCAGb07SKbSK7iYbonhQs1oMJ8rZW61Z8zVg9Tx5wzgDxg8ZYX4JkP-emfDfI7B6dV1rM1VPNFKjru2J58fVso_tOMEeRyMC6PUwfIWoKJbKzmxpKK_NfHZeTh8tVwR2Ja70-gN_WrBewui6KNMnBxC211SNwhxAfnXuRaQO6_dBmHpqtqr2JpgMzl-0fPHsRK71ewOzjDwHHAB-cU6oS8ZoohB3zxZB0Ol0mlkksQ4H-R2LmjaGwy8AxINKk3F3JMeZf63QDijAW41xkGdgEhrvmgRjpDnW6IkggwGkz1A138kS03D1RUEpU8XCqsEj5cC0gBsNgE3a408SYf8BGcIdr9mDuio07RZAwPS_a2g939_RuIWVx6piXVrv-jKvBm-Y-PH4O9MiyZVnystp70_t83T3k6X3F7xUeNIwy6KUXzlYwN4qsef0_JfRrQEg0VnjCuhJLzhnGwyY28-AUGVTSblfyDvW-PU9hWtyOHIFzdN2bygncF_21NCUsZ3DZ2FcdeG6o39_OZVQTNPsbeiJBZ3QQ7TjRab7jHSp4_EnaCLBEGAP1VqrTSwSdTB36VtLsEyTTnjTiJ9fPsCfrfcnrEYWB1qmPdQLCx_VYDoOvRVbR2EremMtz--3jpbXlkWgZmwtM2q9me-vP61yY-BvjTTeOvtU7XZdorZxTVjRnTjyEbQ-04s_k89LBWxK3ESEwjZbPctd059d7Fw6cvJioBS_eDUnL3iNXOYvf4kZPRzrGKJeCIyrDT3MrUO5o2SIREzbw9tlpmDi5wqHgec1rddyD495Z0T4m5jyHT0pzve8-rVO65p71rJ_sze40FAe6MnvUcyQs-n3b1lrk2rDZ_QRx7dPZWp7PieT0Fy9GfTPD5-lAmkd6Vh_rMV0YmQOJHjDvv_1ih2aR_AZDT_ABSY6HXJHl-CdAWmsuO_z2RTLg9IwubKNP_PV_x3HhpCouv2WMgDqau6AX_--9n3cPyP6UEG-0FFiC1gbr9DKbC7t4ypsgXlefIfMIutbrn_fpxryJURrRn-3lst1ZpuX_NQRsiH7Yo2TLK&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=6001562261801801000&adk=2086295851&idt=90&cac=0&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7e3417346ea531f7f1bf4e36bc79b11aaa3685eece0b1fed1f47152be48ba6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18508
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B1F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPrWvRz8cZerTFo6lgAeowrKYAq2r6epyjfa-pvAQZBABILqEwDNg9ZXOgeAEoAGV_e3DA8gBCakCPVLKgTuTsT7gAgCoAwHIAwqqBIUDT9AfyjDaRyQ4AQcFddZITlomIKq23jL0TUtZzBZoOtail674dJtEg3rgHljrEKaJNAF2Oz81i9iZVkS-W4MjujX5OnkK7bQvphptqDMM6aWWTOQmHltHo8BRXzHnvu03c70FVruEP7vcb1tiuMsmqDkQViI_CwLnXnK58RB7jMpWfk05_p89yDRwFehJEoLnSgsqOGmbACkfe7UUxdMVeTAes6k-nuMMD2dDjlz7mUCKW1rzD5VDhe9JUrSadQbgPR8C6dCSO6BIEFDDI3I2sDJb5NPv6B10vN3qtk6s3gVxg1iG3LsJv0IcvmBfdptn-K-3_sgdvOqJmGIZOkBUqLE89_3gqXQf04TfKiLXVoolvqRumiERWHLgEHwrWbeykHeJ4QyLx2A3826iUIZ1htBssKCoQi1b1pFyAaWkhATc6aZmZp_EiGyqSvyk29duI1lZqpCSfvoN9U2w16AQHUm7DOUzprg-RfG_F_GS8L6btIDrJqV8g6SG0_aOe6crMDi9rmXABIfchdOdBOAEAYgFgOTX1kigBi6AB9OCkjyoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDH9ALSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJLGh0dHBzOi8vY29tZm9ydGJhYnkuZGUvc3dlZXRkcmVhbS0xMGluMS5odG1sgAoDyAsB2gwQCgoQsJDf7ovglIVjEgIBA-INEwiJsLmkpNqBAxWOEuAKHSihDCO4E-QD2BMDiBQD0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=j4EjytDW1Ss&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&template_id=484&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C41 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:13:39 GMT
expires
Wed, 02 Oct 2024 16:13:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A262 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c8fdfd348a95fb4e85481e88f6b81c6adf4cd5c1a483412c67b3310c18277f01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--vzweUJ1_cs8365vCk9YnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--vzweUJ1_cs8365vCk9YnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:24 GMT
expires
Tue, 03 Oct 2023 16:20:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
f34f2f0f5031e8b53255c12a8ac89829
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
/
pro.ip-api.com/json/ 		117 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
a595a70a7c50d21c4253c9e2b7cf37204ec07ad621fb3615960a1e730b85e516

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 16:20:24 GMT
Content-Length
117
Content-Type
application/json; charset=utf-8
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 14:29:50
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
bbb3e14647c31565e345b532781e2128
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-165
cdn-cachedat
09/22/2023 13:07:19
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
51bf0c5d9aa8f933d59fa08d7b3dabaf
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-662
cdn-cachedat
09/28/2023 12:52:20
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
2fbb4e87861d54a2c7efbd8384c70d33
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 12:54:34
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
ffd49ea2b29fe88d6c6ecee4ad76ffab
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125651
x-xss-protection
0
expires
Tue, 03 Oct 2023 16:20:24 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=12611&tvi50=12261&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
77
date
Tue, 03 Oct 2023 16:20:24 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64050
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230112-FRA
pragma
no-cache
server
nginx
x-timer
S1696350024.274860,VS0,VE77
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame B8B6 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6mjDp9FVDT3MxHwZgamnoRxaMGi_-zv5PV0ChPyXp0DTh88Hd99uhw4VxRL3sIQEqxeQ2lxN2AQsNpUyKc9_S6nX-R5uKp-Y9jP0g9vf6BxvPjX8aA2pGWy5c2lIiKtVCj6H8ZIyfO47nTf-WBTklnhvDTEnlxHQ0R-siRZUUx-i17Ew&cry=1&dbm_d=AKAmf-DIDC5DeGBQ6H5GDOkB0n0gXhq3HHDv4UXci1Zo_5sQFjf7aqsNOU5AZEQxLdt4gYGCX3c4f0EwDWxOLWptOCqFOfixt8zGxgcNw75xNczc4URr8sgXK8OUMbtCIHm0sJcxKdrmIIR-m9q4UvPzW5nhEbVXvCE5YJlcdy_xT0NdJw3Cva-5sUnTYT836jLobzKz63jv2MpwrWwwYN_rRatkI5X9S2k3qcEZ1nqba1A-bpvA82nQ4pDD_8bzG-BKmrbvA5AEQoEtY7PHniO5F43JFErIkHhAUHZjEm6eTbhpaGxDu0p_bB-nMcohoTXM1INgtLFMQr6o-_7SrD01Dp1nGCOyJm1txmPQgEKVr8U05NCpEbkeUtUkc_OAaypEHAq3CSJMpt0yF9YWCn5KLxc91ILqj7gkBfijj9ygFxGcLi-7j9WqAueCOzBOeoxFDvabBnR4OSPdsznYk_YdqJuKyz8rnpLraUmbqtmHCEolb2EkQh4RNLP6CAF9bw1RcVN_U1nvYv3AKeGp6hZd7Yr7ePqkNdETI2kuGQ_Ftry6mO5xsHS7F_GP7PCNMsAS6jIqajIxObPff7jt_fh-njfblXpZ8KEz3h-h4ZpTExa1-2xOKQ4BQqoLooc0oIIGbQ09dLuCZxdQBa-zdXc55tKH72DNgD4oUT8lca9QKl_S8Tg3_VO86gZVZricd0Qtl8KZ8bQflSynqfIIO2Phxon9UrRfJP01oYnNaG6OI1pu_3F3jwT36z5qQTF6aiimZR5RS6rC0aycPKVbSsPj-_F5_nWuur8y-pfbjTHSmltVuEBT-1Sxw4eI3AA1v_xsu20uJGu8u05Ul8Qm7nqSXhb3wt9QNzuJ-Dhg9oFL2b5zRIsZJumebfjilcfvH3FQM8jocGDX5skJZMIQblm1miNa_A9Q_7A0rKQik3CHSGjFgk8tTkvh3LPl0CSX1v-StE0AWFosfBhpOVjSo2NyDhLxuUcFK5nu7wG4bhrnWrOGOfyPW2SDvlgsEFnHLUI5JqWQMLPkPTLqA9RO2xZqlmWRzOOoMSNfdsFKiQgsiIgPBPfJy1uXMs0v66EpEDoIHbxJfmsyzqb-C08HU8TGIQ-45YeSfCKiNed7-PtCvxvJEW6_vOSJSVp04b_EMn-gX3lUazPuePJz4qOHkFulCRrmxomp32-XaDwZnJTPV9tmbc59ODypCqGszOXO3n7CIPW--e4w3umpgFz3GKe2Sw3DLPEnZqAfhgQ7nGBQhEQe-vg51vtxk1lPsNgClynzQHk1C6BSPUlwxPb7_O5l1tX0shxDi0N4uTZMNRhOp9JI2oO0Vcz85TKeZtJufXE166e5Mf_Blx3_lPW_UKV29qlODhW6Sad9JTWpzPo_1NKD4iZw_yKtp09kyM__fcKUefsEQSQU2xyl4jVzfGfPd-O-BjLUazRwKW_INpf2GrSK3xlNe1X5zZzcV5wkTTRjm-JyokH8I-N-jtlxmGJI2Duh29SG4VIYempV5jWfCmGa6rmS9qqwaO19bicWxCbiHL4VjD2ZncYDmAjcZ--gFfvmNBMT68IjjL-bMrVPjIr39_mM5N3xJ66WBN_ry5GnqjALitpXcTakt7ko2pa6lkx6KxcNJCH5tEoXfzKnZS31Aw88ZnoR0SaULMiARVIwyBc4iDafWco1ooggcGbNTIrl2vBsxT5o9_EywTUFe7TBq0bTcGpG2TrH5npT_QtRIkMgLsPGBKqRgu8mwmH5j5x2SPhHPFTmNs5O7nm0AWKybasLcrcp0nym3mlsxNi3zSjFQjlwH1tY57khHxQlKKzsNB0Sov87X7slkpc6yTkp5f-WvnLCG3ScXQ3WGHJdOdIQKBxLDIG7GxcCV2gZTH1Q5FD5WtA1DXsVfSzkspe0ERR3vIfhNGoFYiOJU5YSt7ya5p4n7kVh3du2oBjvgZXeapCy6KikSe2QXLGdXbwuh958pqHo25m0teln-YPgE0gXJRRW1ADb2f0IkIEkyEeEFb_bOFK9ltLo4sDqJOaUsfAVIVDRcaJBqhfe7gNBQ_Z4IHVAFoyoZD9HQOVH9bzzsmQ0uMisxcjCQqbAQKbYdJoaOjdOLuComXhE7A4K17eFXwwDw7AE7wwyfTtZvtxTF0XlFvBDG0Rl-FK9npQtx6vDnf2Nb_cdMEG-ttSBKF6qMnydJvAL5PAODC5X9DR1rINy8wv1ym3kyChtEZMDEn4itrv4SE1_AqsQNm9g0hOa1HV1sxxwkl1NQscwaIKLEcnOjkKcXQLtz0Vu7tmfUo2naC3YbuJ8TluFgb8esQ02say03iAyRmCJrIqcBpV-enOuRt0YvxKQJci08NiNdh5HHFSnGN5kVQ4OtsMcCXTXyosPuyYXz4TJVsgYb0Jo6xN1qN_VcJq9eI2N7YBXkGaUU04g30i15QzKrO92_AswTUR0991_rmeekCxKhFH8h85j_oN08BFvDGFnoz51EqDkufR_4sm5oLGhtlaQV3s60vjHJqvXFH-bSezncrovHaYwivv_ByYd1xO0TJefXJz_PByBMOByMxgqqSw737Bdl3aq2w_BVjrjUYiHhnK7fr7Itx7plW5UkPPo1dZD1BJ9X-MxlKSlFXa04miZ4Zemg_R0IPFnOBEaSZXGVGIfB-vjojO5fJcObtQzNSwodvBpsL9D35fAGqDHGOxPse37VPTB-DOpUVV4DrBvQfcPgfb7LCWXxaqa0g16v_eX5UMR_ZxA_XC_0Os3lCkDmuS95cCw3I-wNdXBUVOKoebhnfN84YLzlRKT9alLXaKvdajRhVOFGAbcV641SprPDYOXglSZquHvWPuGXuZ4qJyZObmLzaaCHEDyQeduOQbez5DMzvV2fBljGM_VoQT39dSZtaI88eLCzQFzVHPj1XIBgfOW7SCJEATUJyqyX-J9jjfs--VtwzuljCljjrL2oKbp1TLkBPqn716-i5HJIUxRjbrIeaJ0tFPbfS7Cl1CKfxPqfPA1-0ZescBhINUrHNtkJkIDZBr9kS3PTRwrkxrRfHw03WHksGXhy_wWTFLDw-jqzE-3lh6vuf5dAfB_shDFUQHRv1RE7eCc7sDmtBvdfD211bKwEweCAGb07SKbSK7iYbonhQs1oMJ8rZW61Z8zVg9Tx5wzgDxg8ZYX4JkP-emfDfI7B6dV1rM1VPNFKjru2J58fVso_tOMEeRyMC6PUwfIWoKJbKzmxpKK_NfHZeTh8tVwR2Ja70-gN_WrBewui6KNMnBxC211SNwhxAfnXuRaQO6_dBmHpqtqr2JpgMzl-0fPHsRK71ewOzjDwHHAB-cU6oS8ZoohB3zxZB0Ol0mlkksQ4H-R2LmjaGwy8AxINKk3F3JMeZf63QDijAW41xkGdgEhrvmgRjpDnW6IkggwGkz1A138kS03D1RUEpU8XCqsEj5cC0gBsNgE3a408SYf8BGcIdr9mDuio07RZAwPS_a2g939_RuIWVx6piXVrv-jKvBm-Y-PH4O9MiyZVnystp70_t83T3k6X3F7xUeNIwy6KUXzlYwN4qsef0_JfRrQEg0VnjCuhJLzhnGwyY28-AUGVTSblfyDvW-PU9hWtyOHIFzdN2bygncF_21NCUsZ3DZ2FcdeG6o39_OZVQTNPsbeiJBZ3QQ7TjRab7jHSp4_EnaCLBEGAP1VqrTSwSdTB36VtLsEyTTnjTiJ9fPsCfrfcnrEYWB1qmPdQLCx_VYDoOvRVbR2EremMtz--3jpbXlkWgZmwtM2q9me-vP61yY-BvjTTeOvtU7XZdorZxTVjRnTjyEbQ-04s_k89LBWxK3ESEwjZbPctd059d7Fw6cvJioBS_eDUnL3iNXOYvf4kZPRzrGKJeCIyrDT3MrUO5o2SIREzbw9tlpmDi5wqHgec1rddyD495Z0T4m5jyHT0pzve8-rVO65p71rJ_sze40FAe6MnvUcyQs-n3b1lrk2rDZ_QRx7dPZWp7PieT0Fy9GfTPD5-lAmkd6Vh_rMV0YmQOJHjDvv_1ih2aR_AZDT_ABSY6HXJHl-CdAWmsuO_z2RTLg9IwubKNP_PV_x3HhpCouv2WMgDqau6AX_--9n3cPyP6UEG-0FFiC1gbr9DKbC7t4ypsgXlefIfMIutbrn_fpxryJURrRn-3lst1ZpuX_NQRsiH7Yo2TLK&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=6001562261801801000&adk=2086295851&idt=90&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
464857ce2cd39f577e1aee4380de452b3032f2746c94be5b8d71508e0733ca40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:13:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
72411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11583
x-xss-protection
0
server
cafe
etag
13692823745828058245
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 20:13:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B8B6 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6mjDp9FVDT3MxHwZgamnoRxaMGi_-zv5PV0ChPyXp0DTh88Hd99uhw4VxRL3sIQEqxeQ2lxN2AQsNpUyKc9_S6nX-R5uKp-Y9jP0g9vf6BxvPjX8aA2pGWy5c2lIiKtVCj6H8ZIyfO47nTf-WBTklnhvDTEnlxHQ0R-siRZUUx-i17Ew&cry=1&dbm_d=AKAmf-DIDC5DeGBQ6H5GDOkB0n0gXhq3HHDv4UXci1Zo_5sQFjf7aqsNOU5AZEQxLdt4gYGCX3c4f0EwDWxOLWptOCqFOfixt8zGxgcNw75xNczc4URr8sgXK8OUMbtCIHm0sJcxKdrmIIR-m9q4UvPzW5nhEbVXvCE5YJlcdy_xT0NdJw3Cva-5sUnTYT836jLobzKz63jv2MpwrWwwYN_rRatkI5X9S2k3qcEZ1nqba1A-bpvA82nQ4pDD_8bzG-BKmrbvA5AEQoEtY7PHniO5F43JFErIkHhAUHZjEm6eTbhpaGxDu0p_bB-nMcohoTXM1INgtLFMQr6o-_7SrD01Dp1nGCOyJm1txmPQgEKVr8U05NCpEbkeUtUkc_OAaypEHAq3CSJMpt0yF9YWCn5KLxc91ILqj7gkBfijj9ygFxGcLi-7j9WqAueCOzBOeoxFDvabBnR4OSPdsznYk_YdqJuKyz8rnpLraUmbqtmHCEolb2EkQh4RNLP6CAF9bw1RcVN_U1nvYv3AKeGp6hZd7Yr7ePqkNdETI2kuGQ_Ftry6mO5xsHS7F_GP7PCNMsAS6jIqajIxObPff7jt_fh-njfblXpZ8KEz3h-h4ZpTExa1-2xOKQ4BQqoLooc0oIIGbQ09dLuCZxdQBa-zdXc55tKH72DNgD4oUT8lca9QKl_S8Tg3_VO86gZVZricd0Qtl8KZ8bQflSynqfIIO2Phxon9UrRfJP01oYnNaG6OI1pu_3F3jwT36z5qQTF6aiimZR5RS6rC0aycPKVbSsPj-_F5_nWuur8y-pfbjTHSmltVuEBT-1Sxw4eI3AA1v_xsu20uJGu8u05Ul8Qm7nqSXhb3wt9QNzuJ-Dhg9oFL2b5zRIsZJumebfjilcfvH3FQM8jocGDX5skJZMIQblm1miNa_A9Q_7A0rKQik3CHSGjFgk8tTkvh3LPl0CSX1v-StE0AWFosfBhpOVjSo2NyDhLxuUcFK5nu7wG4bhrnWrOGOfyPW2SDvlgsEFnHLUI5JqWQMLPkPTLqA9RO2xZqlmWRzOOoMSNfdsFKiQgsiIgPBPfJy1uXMs0v66EpEDoIHbxJfmsyzqb-C08HU8TGIQ-45YeSfCKiNed7-PtCvxvJEW6_vOSJSVp04b_EMn-gX3lUazPuePJz4qOHkFulCRrmxomp32-XaDwZnJTPV9tmbc59ODypCqGszOXO3n7CIPW--e4w3umpgFz3GKe2Sw3DLPEnZqAfhgQ7nGBQhEQe-vg51vtxk1lPsNgClynzQHk1C6BSPUlwxPb7_O5l1tX0shxDi0N4uTZMNRhOp9JI2oO0Vcz85TKeZtJufXE166e5Mf_Blx3_lPW_UKV29qlODhW6Sad9JTWpzPo_1NKD4iZw_yKtp09kyM__fcKUefsEQSQU2xyl4jVzfGfPd-O-BjLUazRwKW_INpf2GrSK3xlNe1X5zZzcV5wkTTRjm-JyokH8I-N-jtlxmGJI2Duh29SG4VIYempV5jWfCmGa6rmS9qqwaO19bicWxCbiHL4VjD2ZncYDmAjcZ--gFfvmNBMT68IjjL-bMrVPjIr39_mM5N3xJ66WBN_ry5GnqjALitpXcTakt7ko2pa6lkx6KxcNJCH5tEoXfzKnZS31Aw88ZnoR0SaULMiARVIwyBc4iDafWco1ooggcGbNTIrl2vBsxT5o9_EywTUFe7TBq0bTcGpG2TrH5npT_QtRIkMgLsPGBKqRgu8mwmH5j5x2SPhHPFTmNs5O7nm0AWKybasLcrcp0nym3mlsxNi3zSjFQjlwH1tY57khHxQlKKzsNB0Sov87X7slkpc6yTkp5f-WvnLCG3ScXQ3WGHJdOdIQKBxLDIG7GxcCV2gZTH1Q5FD5WtA1DXsVfSzkspe0ERR3vIfhNGoFYiOJU5YSt7ya5p4n7kVh3du2oBjvgZXeapCy6KikSe2QXLGdXbwuh958pqHo25m0teln-YPgE0gXJRRW1ADb2f0IkIEkyEeEFb_bOFK9ltLo4sDqJOaUsfAVIVDRcaJBqhfe7gNBQ_Z4IHVAFoyoZD9HQOVH9bzzsmQ0uMisxcjCQqbAQKbYdJoaOjdOLuComXhE7A4K17eFXwwDw7AE7wwyfTtZvtxTF0XlFvBDG0Rl-FK9npQtx6vDnf2Nb_cdMEG-ttSBKF6qMnydJvAL5PAODC5X9DR1rINy8wv1ym3kyChtEZMDEn4itrv4SE1_AqsQNm9g0hOa1HV1sxxwkl1NQscwaIKLEcnOjkKcXQLtz0Vu7tmfUo2naC3YbuJ8TluFgb8esQ02say03iAyRmCJrIqcBpV-enOuRt0YvxKQJci08NiNdh5HHFSnGN5kVQ4OtsMcCXTXyosPuyYXz4TJVsgYb0Jo6xN1qN_VcJq9eI2N7YBXkGaUU04g30i15QzKrO92_AswTUR0991_rmeekCxKhFH8h85j_oN08BFvDGFnoz51EqDkufR_4sm5oLGhtlaQV3s60vjHJqvXFH-bSezncrovHaYwivv_ByYd1xO0TJefXJz_PByBMOByMxgqqSw737Bdl3aq2w_BVjrjUYiHhnK7fr7Itx7plW5UkPPo1dZD1BJ9X-MxlKSlFXa04miZ4Zemg_R0IPFnOBEaSZXGVGIfB-vjojO5fJcObtQzNSwodvBpsL9D35fAGqDHGOxPse37VPTB-DOpUVV4DrBvQfcPgfb7LCWXxaqa0g16v_eX5UMR_ZxA_XC_0Os3lCkDmuS95cCw3I-wNdXBUVOKoebhnfN84YLzlRKT9alLXaKvdajRhVOFGAbcV641SprPDYOXglSZquHvWPuGXuZ4qJyZObmLzaaCHEDyQeduOQbez5DMzvV2fBljGM_VoQT39dSZtaI88eLCzQFzVHPj1XIBgfOW7SCJEATUJyqyX-J9jjfs--VtwzuljCljjrL2oKbp1TLkBPqn716-i5HJIUxRjbrIeaJ0tFPbfS7Cl1CKfxPqfPA1-0ZescBhINUrHNtkJkIDZBr9kS3PTRwrkxrRfHw03WHksGXhy_wWTFLDw-jqzE-3lh6vuf5dAfB_shDFUQHRv1RE7eCc7sDmtBvdfD211bKwEweCAGb07SKbSK7iYbonhQs1oMJ8rZW61Z8zVg9Tx5wzgDxg8ZYX4JkP-emfDfI7B6dV1rM1VPNFKjru2J58fVso_tOMEeRyMC6PUwfIWoKJbKzmxpKK_NfHZeTh8tVwR2Ja70-gN_WrBewui6KNMnBxC211SNwhxAfnXuRaQO6_dBmHpqtqr2JpgMzl-0fPHsRK71ewOzjDwHHAB-cU6oS8ZoohB3zxZB0Ol0mlkksQ4H-R2LmjaGwy8AxINKk3F3JMeZf63QDijAW41xkGdgEhrvmgRjpDnW6IkggwGkz1A138kS03D1RUEpU8XCqsEj5cC0gBsNgE3a408SYf8BGcIdr9mDuio07RZAwPS_a2g939_RuIWVx6piXVrv-jKvBm-Y-PH4O9MiyZVnystp70_t83T3k6X3F7xUeNIwy6KUXzlYwN4qsef0_JfRrQEg0VnjCuhJLzhnGwyY28-AUGVTSblfyDvW-PU9hWtyOHIFzdN2bygncF_21NCUsZ3DZ2FcdeG6o39_OZVQTNPsbeiJBZ3QQ7TjRab7jHSp4_EnaCLBEGAP1VqrTSwSdTB36VtLsEyTTnjTiJ9fPsCfrfcnrEYWB1qmPdQLCx_VYDoOvRVbR2EremMtz--3jpbXlkWgZmwtM2q9me-vP61yY-BvjTTeOvtU7XZdorZxTVjRnTjyEbQ-04s_k89LBWxK3ESEwjZbPctd059d7Fw6cvJioBS_eDUnL3iNXOYvf4kZPRzrGKJeCIyrDT3MrUO5o2SIREzbw9tlpmDi5wqHgec1rddyD495Z0T4m5jyHT0pzve8-rVO65p71rJ_sze40FAe6MnvUcyQs-n3b1lrk2rDZ_QRx7dPZWp7PieT0Fy9GfTPD5-lAmkd6Vh_rMV0YmQOJHjDvv_1ih2aR_AZDT_ABSY6HXJHl-CdAWmsuO_z2RTLg9IwubKNP_PV_x3HhpCouv2WMgDqau6AX_--9n3cPyP6UEG-0FFiC1gbr9DKbC7t4ypsgXlefIfMIutbrn_fpxryJURrRn-3lst1ZpuX_NQRsiH7Yo2TLK&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=6001562261801801000&adk=2086295851&idt=90&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
379320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4a216dd4949d99919c7521bfa8843b050a2fb103bc03b2af2cc2c37ed05f757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91548
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 16:20:24 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:1230:dee4:99dd:baf6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
banner
ad4.adfarm1.adition.com/ Frame B8B6 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787112&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1413619577&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3D&gclid=EAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787112&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I-XbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K-evg7lKlOvAy1U-6P-7QF-oMmGPDl_DoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4-bCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn-2F9Ni9-wUT7mIQ_v3Jb0hLaIli-HzJUbhmTi2LGWGVKi8c8I-R7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU-8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcB&ae=1&gclid=EAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD_BwE&num=1&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&sig=AOD64_0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q&client=ca-pub-8933329999391104&dbm_c=AKAmf-AAPI-oJ328U--RtqY-5a7-1SBS0fs3R2bD_lQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8-dkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1_fwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC_EDA4ttHg&cry=1&dbm_d=AKAmf-CP5-ZKfS9_E9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS__7Bd8EdzkZmjt_FmQqMfmuWbmqlP5y9WKx-x0-sUs_hfmTAoF8_ZMtDDV6A1TVgYM1Xo3fUi1uJXo-AhOYwVyTzX6-X6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y_UtB4rlaN3dzG2J-O2_O-315Q7uWWZVcAqA_iJDRXWYdv_FmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e-S1c_7FyvcAB4-IktzaJq4cRDJmN6qq03n2g7cN54W0RAO-q93K9bYi-_0I1MQSiX3DeVs_29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF-RG2IxiVpCpiCeLeDplTK4Eg1DXU_EeGvwU9OdyqebBjbvD-EGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb-9kKIckJSCDIBWqF2wpS32Qt_kjDEMNT5jCmqOrHbZcqvl-IiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
f89e829205e0bc7e6d98c46db7d83c847f5533809beb18f0df0875b158695cd5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 18:20:24 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 6C41 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:15:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 15:15:44 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 03 Oct 2023 16:20:24 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
6765
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230112-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1696350024.290996,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
40
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3861
sodar
pagead2.googlesyndication.com/pagead/ Frame A262 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=3203946015878668&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CD0C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
128842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
ad2.adfarm1.adition.com/ Frame B8B6 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4389191&gdpr=0&gdpr_consent=&ts=7285767875653864204&kid=5609187&keyword=PACS_4787112_17068014&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787112&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1413619577&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3D&gclid=EAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
bdfaf1d248b4e4b93894b61afe0f7aa8457fe3dcf7b57923ba36bb8159931214

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Tue, 03 Oct 2023 18:20:24 +0200
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=127493778&cid=383059617.1696350022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696350024&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dt=%E7%89%99%E9%86%AB%E7%B3%BB%E3%80%8C%E8%A6%81%E8%80%83%E9%9B%95%E5%A1%91%E3%80%8D%E2%80%A6%E5%AD%B8%E7%94%9F%E5%A5%94%E8%A3%9C%E7%BF%92%E7%8F%AD%E3%80%80%E3%80%8C%E8%AE%8A%E7%BE%8E%E6%AF%94%E5%81%A5%E5%BA%B7%E6%9B%B4%E9%87%8D%E8%A6%81%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
pagead2.googlesyndication.com/bg/ Frame CD0C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
592942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14693
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:02 GMT
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230050-FRA
date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
4
banner
ad2.adfarm1.adition.com/ Frame B8B6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4389191&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7285767875650060647&kid=5609187&kw=PACS%5F4787112%5F17068014&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gclid=EAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389191&gdpr=0&gdpr_consent=&ts=7285767875653864204&kid=5609187&keyword=PACS_4787112_17068014&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
3112999f3c49fd4b1cd9ae0a87069378f8d54c638cd6946c25bb8b5b30903f56

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 18:20:24 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6C41 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?I_4oMA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html
imagesrv.adition.com/banners/268/01/09/74/8e/ Frame 95C8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
686e25b07bf001dc76dff0ddcf9f4e4e429b4a0f168d3d72abc3696939e2591b

Request headers

Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
1104
content-type
text/html
date
Tue, 03 Oct 2023 16:20:24 GMT
etag
"4158419693-br"
last-modified
Thu, 01 Jun 2023 08:55:08 GMT
vary
Accept-Encoding
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame B8B6 		2 KB
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7285767875653864204&btr=true&pos=top-right&cid=558342&aid=558342
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
906ae728d9078876df2664b1d0d47975400fbe3bad207fef4a562d26cd50a680

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
content-length
608
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
truncated
/ Frame B8B6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ee797ac55455ff08f6d9dc8c733734b73e9f47cc1487230845a4bd02687b8b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 95C8 		753 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame 95C8 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7ed6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Tue, 03 Oct 2023 16:35:24 GMT
Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.js
imagesrv.adition.com/banners/268/01/09/74/8e/ Frame 95C8 		51 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.js?1674114188906
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a52f8196f53da810aa8dd44a33a4272cf8c483a7c24d5d1a5dd32a25d6ff13ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 11:23:59 GMT
etag
"3593526640-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8038
adplayer_privacy.sjs
imagesrv.adition.com/js/adplayer/ Frame B8B6 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7285767875653864204&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7285767875653864204&btr=true&pos=top-right&cid=558342&aid=558342
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e0d9dcb0630c51f1e8bb9f1131d51c4b4bc5b31c28fd1e49526baa64a27388a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
content-length
6039
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/22/2023 01:09:22
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c970389884896f6a8e9a157c31d3cea3
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-167
cdn-cachedat
09/27/2023 15:06:24
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
ea9c0c7f307357622092f4738b863dd8
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-587
cdn-cachedat
09/10/2023 07:57:09
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
9df9daba7f34309d3e08e3a6b8f955cc
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-676
cdn-cachedat
09/22/2023 01:10:25
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
ed68b672629e82df5832478cea91897f
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
6b51a61d-f090-4951-a6dd-e6aeae4ac53c
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/6b51a61d-f090-4951-a6dd-e6aeae4ac53c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37aa638d975433ed399c89193f3b62ef42f6af56fdb78702c7fabe63ca9586ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92726
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 16:20:24 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cdaca743c6e093b1c63ce23430a59a8642e95e1c279dcaa1a5eb44fab044bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92739
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 16:20:24 GMT
5c8a9968-487d-4843-adf9-04d81daa7619
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/5c8a9968-487d-4843-adf9-04d81daa7619
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
d04e6636-f904-4e73-bbd2-608333b16264
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/d04e6636-f904-4e73-bbd2-608333b16264
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD0C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHf7zSD8cZevnCeSEjuwPruuUyAgAAAAAOAHgBAI&bg=!DwylDEPNAAZN1Q_XbdU7ADQBe5WfOMDjF0qbGVtFIubBjSMw0_gVgIjxZn03FHJrScmuB_zHEb5yLfwUoZjpUV37YLkkAgAAANlSAAAACWgBB5kDDSvoBHkGt0gVTJc1qmbZoGcZoexfLwy06wxxBWX5cAR29qvgiaSV7580Yli08kTycB96cAwnX1HAkw2xFXcLp2mRj3o5FmJw7uPNQyK5fcy7-xFNIvxrj5NCIcRvowiatID84MBoUKVjCK3uPt03lWu1gYtpc7cSRzhjQAPNGfg0YlHVHzvRcB2acdbLwxdCct2UWgaPMU2ZP8__sj55qqec5ieNAZtWcCMWaDZjx_xOm1CRSf9OPRUkj3bm8LABks28ecoJIlxk_zYK3qgfQdtinRIycytmyyp98B_4fAtLIM1PrsRJIm2l0gdTHGAgOeKdxg4hkAOmEZA4Kqub0s_stCbIF4_I_y-zZcZ2IOKh3YdVfyIOE6eulgIFRaGtenwiPkrxptK8w4SWulpUvKnDC0lDr-pUHRmGIwupxzRon1Yd3M1d5S9fjhKgtfSK5xbDIa5fTVxvEjLk2568v_PBov5u75Hs1IZDd0hxMSHn6xzKYp80UdS1NHRIFglhWLobc3HI723N4vKbbTLjrBLlbuEkW7hT-1icYBNMpSPp9cU0WYcMT9cer0-i89snFFriQKZlImLCOHkikucSba58SFHg1E-npFQY0KVj2X8v2H4NOk8GASBbM_zE1-U52jDNIp8Hvg02jAzBJo4imISedQQcT7IdeuCZbuaa5rAeK4kZP0VJnzrSttb4oCNkow2gFaxt-tQEVp6tibavGwp_b7tAFrkEDfRmzusEa9WXL1k_44oU_ynNbj9EUW_o7wedMkEJTJqp8tZKQvd8q8QmZjIyQea2gYWyTMW7QoPScFuxLH8EPH7UmbNINw_cJtYONK33_onf8xvRMioTEsXVpdVWHObmFfmrjIi2NKaw5D2mSyijsRCxO1w9pOmazxKjT8mqhndn41Vo5cAdAZpe6wdhdmx3FM2BqJm8JG_Vh8REZPQtzhRh0ke_HfLSEtZJHPIWs8N9PBn11xct1Di-yFX9vkZ4wm3XFXFa_hstnTfCwyywZHLeMPgiii9SMjAmhSYDHOZ_uretomk
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame B8B6 		3 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7285767875653864204&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
br
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
etag
"524465627-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
918
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-664
cdn-cachedat
09/06/2023 03:55:39
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-722
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
289cee5d9b9ad0442b3f2932358a51dc
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::874:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-874 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/02/2023 18:29:37
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-874
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
7e65c47dc522ef7d0c4e08ee04ffda96
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame 6987 		723 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
493710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:11:54 GMT
expires
Thu, 26 Sep 2024 23:11:54 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 16:20:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5999 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Oct 2023 17:12:40 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:24 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
04e01cfe4de45ec244a8996c87f2007b
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame B8B6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:24 GMT
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges
bytes
etag
"502461915"
content-length
3262
content-type
image/png
9159dcd8-3d17-4c8e-a308-68d54f23c20d
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/9159dcd8-3d17-4c8e-a308-68d54f23c20d
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
6cd8505a-7771-4715-9a85-e649edd53168
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/6cd8505a-7771-4715-9a85-e649edd53168
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
855e7ad0-3ad0-49cd-90ec-3eb6253da9a9
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/855e7ad0-3ad0-49cd-90ec-3eb6253da9a9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame F37F 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
493710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:11:54 GMT
expires
Thu, 26 Sep 2024 23:11:54 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je39r0&_p=127493778&cid=383059617.1696350022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696350024&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dt=%E7%89%99%E9%86%AB%E7%B3%BB%E3%80%8C%E8%A6%81%E8%80%83%E9%9B%95%E5%A1%91%E3%80%8D%E2%80%A6%E5%AD%B8%E7%94%9F%E5%A5%94%E8%A3%9C%E7%BF%92%E7%8F%AD%E3%80%80%E3%80%8C%E8%AE%8A%E7%BE%8E%E6%AF%94%E5%81%A5%E5%BA%B7%E6%9B%B4%E9%87%8D%E8%A6%81%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-679
cdn-cachedat
09/20/2023 03:54:27
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
8fed20a80be87a69d5485dc12b887c71
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg728.jpg
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/bg728.jpg?1674114188898
Requested by
Host: 980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
URL: https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
511eee36fe9776f3f991572906e39faa2d3b1df26d4ed2b0cc93ab455da78d66

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:00:41 GMT
accept-ranges
bytes
etag
"3224661776"
content-length
2628
content-type
image/jpeg
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/12/2023 20:49:35
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
b4d13814873586449760b57a525f2cd1
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame CD40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=3203946015878668&bg=!5uWl5arNAAYEJRtnJCU7ADQBe5WfOCpPOjilyEPXeooGOnIp29EomehFqSTVMgeYtaRNLJSb42ubccKZwuUFx8bJL_ekAgAAAL5SAAAAB2gBBwoAEmuS8Zg72UsRfj6gLlgL_cs3bJkCz-OCpUGgajLOUJTqvDHkv0Wp1kIYFArhMTc3VC8fieQrtylWU-MoGs-93lrA_DeCgWUuCxhvPcVaGNG0FeD91BHan5Rxm1SCnQ6LP2ge8_-TaL9sQXECxY1aTHAO-FM7sSKHgFIMfXOgjJn39bTouaRHOM8LcN7WVWUxXIbSdy6zKeU07m7NpFaP_xwchuUXa-YHBINGOI_19JC1WK5n_B1y9YssY88XYyJuRKJo0PXjM4LYoSNht8GL-JPBMka_FnifvtS8xiftMjk-3f6iK73nFg2FcOMIhkFJ0TAtTVHnds3LZBxRhNpoqnM7cH33BHyBfszFyRB5aIgir9pM643eD380WSaA3sUpzcnv93Sb7PK-HbwATzUS-abTTyun3azyUQICo-wVymABLMqCTOHhrdGQmCFiEeIyJewmwxB_zaLfa7U-BwCv0lRm5lyP90aljhncaP6wuoHiVwUDl5u3L6u4trhG5iqSPUWArheWFc-8JOswFJOM1-PXid00-mMpf_yoiY2TaoUMMkIg6XWx7ssyi9Zay48qYYxs5PtbtbswEoIyPWz7sY7tuwKn9A9klM63ViO7dA0YwY_xdgz8uTIO40KAA0v1wIduNjua_OmXxFxJS1-VZYUUJnCy-M01fQRrxsRtYDFRGo5IGII2JKPjQ2SEEJ-n_xrDtNaHimKT3xKaz8kfj7dFvCOr2bwRM7Pknwf6X9z1yGbEm3H5j_9s45LvSkD3l1xv924HWHJhumVDOPkEhKOPKOeB08sHQTEpDouYKCZ3lGl7JON2TaBVfiuwN9clRthNxumzZgCtRFs29LC4BZIoio7VGFyqcZXIZslCvvz5JXKDEjetBmy-J1YnVeFf5dxIJI5kGKum5PG8Z-FA2JSP8dqO5PYufWtCXgwyLbbxjQC4ns8_3PODuxFNKVxUcBWI_KawP447NueKGnNBtWovYHWI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame B1F7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvboyMXoeekdodgD1uhIYASQo5Xh_KDIpujQP0_vNah3KDuWbYbd-q6SV-2jLLLRDmFPyd1QLQC05VMPUR5XHDP_7cNSsoR2DRrnkSMwfHaHilGAidDiKNN5S7J58kInX2RCkrNAIeNCsBYr1vqyKpatyyc1uafIULuXiBYEEDGrHg_vAiEMTwIfNRUU68Indy3qYxCivfbF7FgypTEhyu_Wr_bqOCIbF7rzPs0jh4yWMIYTF4BIKj5A-iwnLTA_Q_8k0NiMopYRPiARvoOVbUsFCuCkSabCl4oSFGsxih5aW8vWCGqCB4KURjoNJbxCEXl2TmE314iKkll6uPCHeOYBOpAPZjATF3qgrChG2JsLKkIwYPqV0igayYrQ44aVlyUUNIVUWtHFafJqGz7Wqe4RCU6nG06R08ipRRmqZ2wyVstHTnLF_osAHxqiSeGnzqCt_e77O4c6-Ge_BEkyKV25WZiDC0D8wi2fUoVq5qbib1XQyfHS6GTKmC7o-UBzPpiPN2kVuwh19B1iKoEzBLA98dq4OaQdo70sJG7-Bhd53CbtXq-It5W148b3gbTo5eFY26ESpRP-dnO2vTxZAqfoEarERshGknm-0we0CetqPPpU2Gpi22q6oilxtnE9-C3WDnUh4ApU8HKurP5JXG-uQMCx1IhIK_rU9rdWRnzS9tvLLeTQLxfrInvGqPtL0JxWFDagV0YwudI02xyY8kd6Gjh-c38XBuy4aYHwokfAm_lHm4FzcWVOp4NswxuISKvE7Dq1pLCHFH0x8h9AXJJY11XFIa7-A-6KAX_6re2v-0-BxPcsrJWFynqvipJV4Vn7slZLDattnc0lvPas4mBxdXXWl6PgNnN_l3pPRqWItzlZza4DL5zffFZGvgJu5kZ-mQX5sMCsHotcqZw1GP2-UsmW5ErZ5oqlwPSwLyRlqgXK04xtW09OST556385VHoINsSVAm0wko_nAMW__6j29gaQSxtr-tYiVylzAq1FJEq9Z5h4e1IhMbEb8v4gOVeX6lbvGxvXZYBaJDvV6MSKt2Xidsn7HDMF7JteUelZQy24MIwYZYjR-ysqAoWI0WEKX2OlPjpKrc5cJINrt-lDOLH_w8KRqVf-bpNBRNztMV2TGOi3gjhvYSZY6S444mVQ57ki3qjSOA160-IvipxwCRINg7fAxvY9n4bxtUCYx1sTxpvILitowq0arYtCQ4SeokHTev2wsuWGnJRhoavvVjovuEsJheovQCzbfUGvjZkg9_zXqAl6lPalRJvydGCjb9AsOnZHWP_AIktzDe9HEtS1fVpfhIsIgU32af0AkauSBqu2EadgkZIPJLJUFFFZzwlRueZWf72QqN34Qz6lPISUa16oVWj0F0lhtFcYojUjAM5gVELoxCavvNXuAjRs4I8YxaBJwUBgJ5KzbRjI5_WXGh9BtMug9-RKSNg8ePaW4oqXGS75_L8D7hsrXJeNQDsjokg8P_BTh4IsjzyDgFXuuj-simoahoi6c6tiIG05g3ra_k1Dh7b2-V8Ty9ioqA&sai=AMfl-YQarhxepaD-ZE2xxQwlYQ_Hp4Zpgoj6qHcRRV8cNuaqTW3gJEmVbnUlnV3kWq1mzJUOiM49_wYrqMO2jBTeb6oGzqm8QTg3K8G_zOwgk-Hh1L1VSOgq3Q-oxlsl7pieCEsDDczKl4V12HGIBRPTyzvCp48gVAH7dyE&sig=Cg0ArKJSzCfxZoYWJd_OEAE&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&id=ampim&o=236,60&d=728,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=259&tls=1260&g=100&h=100&tt=1260&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_img.png
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/logo_img.png?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
9595163d2b730aba54f3c7834ddb69c701548f2730566576d4664b29f3cb07d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:23:59 GMT
accept-ranges
bytes
etag
"2491636489"
content-length
1032
content-type
image/png
p6.jpg
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/p6.jpg?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
81d81845497d49458e89486b94a5720228a885f7ed1fe5bcb1ba53bc22301d17

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:00:41 GMT
accept-ranges
bytes
etag
"3151801262"
content-length
2479
content-type
image/jpeg
par1.jpg
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/par1.jpg?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a56c9ae8c8d3cabf870d50326f7741ca9049adc920a89c5c3fb2a76a2cfb844c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:23:58 GMT
accept-ranges
bytes
etag
"3496137698"
content-length
8741
content-type
image/jpeg
par2.jpg
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/par2.jpg?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
7a541d94de58ec4ebed17ba1b42572d46b492caf0ae8b11ad0b060e304b6a96a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:23:58 GMT
accept-ranges
bytes
etag
"2181845175"
content-length
6377
content-type
image/jpeg
par3.jpg
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/par3.jpg?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2bbbc4207f29d8c0eba0666730ad69c2c1369b2731d60f70a78dfb7adbe93cf4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:23:58 GMT
accept-ranges
bytes
etag
"3186087423"
content-length
5644
content-type
image/jpeg
par5.jpg
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/par5.jpg?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
b803dfc3e59286d11b9956353ac92df4f8ff3f8baadac16e080e80c23a6faad0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:23:58 GMT
accept-ranges
bytes
etag
"2123289512"
content-length
4795
content-type
image/jpeg
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 16:20:25 GMT
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-654
cdn-cachedat
07/19/2023 19:53:42
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
699f8b1dedd81ef5f5f1c9e67be3532c
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
par6.jpg
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/par6.jpg?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
1372168a99e7dc0c00136cede8e83319b562d2726cd73231d382a2bb5dbec415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:23:58 GMT
accept-ranges
bytes
etag
"4213479038"
content-length
7118
content-type
image/jpeg
top_hide02.png
imagesrv.adition.com/banners/268/01/09/74/8e/images/ Frame 95C8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/01/09/74/8e/images/top_hide02.png?1674114188898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
51716e8bf4eb74f4bf2ec388040407572cb791289d6299a112e87657f68088af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/09/74/8e/Mueller_Parfuemerie_Produkte_2021_728x90_x_210910_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvDIRRz8cZezTFo6lgAeowrKYAqGZkqtz3oa5kdoQZBABILqEwDNg9ZXOgeAEyAEJqQI9UsqBO5OxPqgDAcgDmwSqBKICT9Dgj5kAkzokSdVtm1T1dBRwV1ZbvP7dtOAuC5I%2DXbEaOHGOIWrEHX3UwH0KiiinJbUtYIQM4nSG06K%2Devg7lKlOvAy1U%2D6P%2D7QF%2DoMmGPDl%5FDoiDUbn8rTzucTNNW5NiUxCbkGtNBaARFTRlQ4%2DbCnrNW9e2Gn2eDpclKOj2KHIWXPP20d9hJQ4r4FYCsAhA4nSqtvitCVbGXPL1rn%2D2F9Ni9%2DwUT7mIQ%5Fv3Jb0hLaIli%2DHzJUbhmTi2LGWGVKi8c8I%2DR7GhwafLZZLsU4W5XXJ0PDJDHqAhZpW4j0ySDvuTdGnC42PqTJbD7MmLbA7TQ7iHU%2D8ivV8vBEi0PzQGXN3twUW9Q47r458REWi4uY5qolvSKosUzfVwZkf2x59v8nABOfmv6ulBOAEA4gFkaLl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIirC5pKTagQMVjhLgCh0ooQwjsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ%26sig%3DAOD64%5F0xu6DNhuXFoXRTcsZGLZoPvZ1P1Q%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DAAPI%2DoJ328U%2D%2DRtqY%2D5a7%2D1SBS0fs3R2bD%5FlQT2G7bSiHtEOHOtceh7VmRMgtTrRf1OGl02Keqid8QKcWSk8%2DdkwmV0zPVzAvdtZwhu4nU5tNiYilJkyMt1%5FfwZCsvGULAOSr8S1vUvZ6aMZAcwl66qJ9LPfUEKyFEdAUyoC%5FEDA4ttHg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCP5%2DZKfS9%5FE9rkZjmr6G8jak2IneySlZi2mVtcvv3kJ8chAVWQUsS%5F%5F7Bd8EdzkZmjt%5FFmQqMfmuWbmqlP5y9WKx%2Dx0%2DsUs%5FhfmTAoF8%5FZMtDDV6A1TVgYM1Xo3fUi1uJXo%2DAhOYwVyTzX6%2DX6VLFuRwOJfS3ILHdz4DUkm7fhuQwxTX0diI5wNQqInYKXgdgT2zElgKGkhucQoQb2OFfpuwubodVzMQ32y%5FUtB4rlaN3dzG2J%2DO2%5FO%2D315Q7uWWZVcAqA%5FiJDRXWYdv%5FFmoMsQVRedFKeLmmrgMcii5Sy07NYEmbNYPVokYuJ1Wo5FXP5FBc7e%2DS1c%5F7FyvcAB4%2DIktzaJq4cRDJmN6qq03n2g7cN54W0RAO%2Dq93K9bYi%2D%5F0I1MQSiX3DeVs%5F29w9eVYs0sjmWJ41FjdHOX9rS7vbMCs32qFdF%2DRG2IxiVpCpiCeLeDplTK4Eg1DXU%5FEeGvwU9OdyqebBjbvD%2DEGs4ojC7KtnitQF8NIWPgYSSmL1fLdhs8qck5wdutg8JQaWfb%2D9kKIckJSCDIBWqF2wpS32Qt%5FkjDEMNT5jCmqOrHbZcqvl%2DIiqVMCe8XIubVkzJT9gEdi3OtAnXqwvVwPARj3Jee7DEeLsDIrLlKZdNczBDe5g4WoSwIWNNeCrdLNOm0sx13bKHxIRdHGQhHNt66is7m1SpYU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285767875653864204%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D48799%2526keyword%253D%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285767875656158217%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285767875650060647%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17396878%2526c%253D61168%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMIrJO7pKTagQMVjhLgCh0ooQwjEAEYASAAEgLHwvD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:25 GMT
last-modified
Thu, 02 Feb 2023 11:23:59 GMT
accept-ranges
bytes
etag
"3142754003"
content-length
9021
content-type
image/png
ysm_bg3.js
ad.sitemaji.com/ Frame 7E12 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:01:44 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:30 GMT
server
nginx/1.12.1 (Ubuntu)
age
1121
etag
W/"6499300e-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Wed, 04 Oct 2023 16:01:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B8B6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQFSQTFgUs7NbiHrcLJEPM0WpfVohbcpCpK_I5FBSjeNrOH1v9SuK-jKCFKVXJ_U8n3Kmhh95rFc2DToJ1zptufXftRXH8L1q3RnQ9q2oiAjCWeSmDY0OBBDBcMu1O&sai=AMfl-YQgw641NAnVtGY8_466nviKYOMN6gxES_UcAHUOzmHdX0Fl0gyVWtNsRQAvi90lHCIAduqVThP76up1SL2eCMwa0udfHpLshKXwwqRvB3h6flAAMMoM7jdcQ321FUCW5C_cxOd-Yn3WaEcrBw&sig=Cg0ArKJSzD79wHRNmLXOEAE&cid=CAQSTADICaaNAR4Fbt6k8HSt7I3nerEU0R8TOoIQWWAvafLMGU381yY8DaQfORmofGmyktBuUYYdks5uHs83w26k2k2qzhEKxSaJLTbW00kYAQ&id=lidar2&mcvt=1008&p=1110,436,1200,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696350023892&rpt=633&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 16:20:25 GMT
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
93a44c1c988bea61bd204afd440e6fca
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
efc502c1746ebe9b70faf995ebc65344
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-197
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
8e0d852b81f7726319c66da8c7ce7a6a
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-169
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
faa27b049d6d7f65af2b26b67606dea3
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 7E12
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6868
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFWx3dF3pXerNfE3nMFJQFLGEc4xSvgcpB5pGqLZNeVSi3GejvutG2ko4CtARvjOwBVwmXVnFESFBshntR2TAfCaCLhhXQPsmpLH5KZSvwbRNh0tRgJoH%2FNVJOUBUUMHFXa36B%2BzpZIJI%2BXU7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
810683313bfa910a-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
2ab24f163236882e5c6f0bbf1ff6d095
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-680
cdn-cachedat
08/15/2023 14:35:15
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
b53884d26cb48465ea701154c4baaf0b
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=191604880031&version=m202309260101&ct=77&x=1&cor=6001562261801801000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696350026165&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1558&pt=237188176&tz=120&viewable=true&ddast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rbcatc_vA!ufm_vG!ul3345_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1420
x-cache
MISS
x-served-by
cache-fra-eddf8230112-FRA
pragma
no-cache
server
nginx
x-timer
S1696350026.175600,VS0,VE34
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
218950
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
205755
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2c3b078d430bab620b3b2b4fdc9c5586acca7ae247e19e7af6ee6b8cc10e288d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 02 Nov 2023 16:20:26 GMT
pd
adpushup-d.openx.net/w/1.0/ Frame C996
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
749 B
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
85976268a7ddb625c005e1ba67a7abc1b6306ea3f07052f20f814397d7e88c89

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
480
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Oct 2023 16:20:26 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
isyn
prebid.a-mo.net/ Frame A60A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 03 Oct 2023 16:20:26 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 36C3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 16:20:26 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7BE3 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8491
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Thu, 05 Oct 2023 16:20:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
onetag-sys.com/usync/ Frame DFFE 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696350022985
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 869A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
810683309cb14dcb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 61F5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 03 Oct 2023 16:20:26 GMT
ETag
"623de86a-cf34"
Expires
Wed, 04 Oct 2023 16:20:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 480B 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:26 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 6621 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
8
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81068330f83799db-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Tue, 03 Oct 2023 20:20:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 3C97 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
21540
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 10:21:27 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-id
r0Yii5g5MAZYW1MjkogIgmqLxTkOoWFVtXyXRo8kvUzgcAx5eQyUFA==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
usync.js
eus.rubiconproject.com/ Frame 36C3 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46296
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:12:02 GMT
13926
g2.gumgum.com/usync/ Frame AA31 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.115.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
92229e6e59ee39f9d773ac79333c5aa2fd71375f7006fc2ff214754ee16ca9d2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
etag
W/"0049e4c30bb824b6902fc958e2c5993e0"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 8333 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame B871 		832 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
c501c279b40e2895740c35dd2aca24e3aa439605e5a663f782bad406129234c9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
832
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
usermatch
ssum-sec.casalemedia.com/ Frame EEDB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0142b399cb277684abe027eeb471b5b092579d31c8fbe1a15914e142d68e014

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8106833139883cc5-CDG
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bi4E8I1B3gKnpLE3yKrVNztc%2BizNLcqpC5vxgacvwtZLULT1tSDGmAqiAnvXYOqNvTofm6Jy5dZqk%2BOmHCCd2gmLQoaYv0QwUwMv%2BsqVnt9NUdflRB9xmIhGJCKCcFp20ngX6ycgnWJ3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9DA6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 16:20:26 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Oct 2023 16:20:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 77AD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132373
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Thu, 05 Oct 2023 05:06:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame CA36 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
606d5229532ffaca80a36c777be6d88e0182c7b6790ea2a953868cc276931e4c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
1500
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
server
istio-envoy
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id
KJmkxZL37PBEvba1g1O_0yMbWNOu0iRYcJGVJ2nS8lxdhABj_NYtug==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame EDE9 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Tue, 03 Oct 2023 16:20:26 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0A2D 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.178.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-178-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
13ec901ae75eb060a41695cbaaece22dd49d196a1a260a04e06c9cfb4811dbee

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
713
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4100453253981970744
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4100453253981970744
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
an-x-request-uuid
65ef4d0c-b509-4535-aee1-74bab7aafab0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=4100453253981970744
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HbM0uRZHHfwyd5VITQmlFCO2
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HbM0uRZHHfwyd5VITQmlFCO2
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HbM0uRZHHfwyd5VITQmlFCO2
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 3C97 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 16:20:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696350026527
  • https://ad.turn.com/r/cs?pid=45&rndcb=2309748280
  • https://sync.1rx.io/usersync/turn/4271883361042746048?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc472eb64a5b44cba96ceb504af229e62003
content-type
text/html
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5124322328791702166
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5124322328791702166
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5124322328791702166
Date
Tue, 03 Oct 2023 16:20:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=7cb1ebc1-8c0b-4b63-b07a-37c13a5156bb
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=7cb1ebc1-8c0b-4b63-b07a-37c13a5156bb
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-121
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=7cb1ebc1-8c0b-4b63-b07a-37c13a5156bb
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...
  • https://ssp.disqus.com/match?bidder=31&buyeruid=3770a831-02ba-4235-90f2-fc5134da4d3a&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz...
  • https://ssp.disqus.com/match?bidder=14&buyeruid=4100453253981970744&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnV...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:27 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 3C97 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
sync
ads.servenobid.com/ Frame 3C97
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 03 Oct 2023 16:20:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 03 Oct 2023 16:20:26 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 869A 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
517876
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
810683315d794dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame 61F5 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
an-x-request-uuid
cc75be13-00f5-41ac-8763-483c90de63d1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8699 		2 KB
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd7def18e3755a9b28fea6a3375bb36833f8b7b0fa14e7395773e154424a1aa

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8106833169d43cc5-CDG
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7LwVn00zT3UXwLm%2B%2BCjf9Qnm3vb3DcvLF6YBrL%2FclrPOf2qO%2FL1Q%2BtZC7r51sqbW3H02OkU%2Brjtt4CwMinAgGz78GFUVzkklfx6EltAt2tZavw%2FeSZo2BPsBuGVx7h1txrLooI3iFXsxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 9DA6 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46296
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:12:02 GMT
dcm
s.amazon-adsystem.com/ Frame EEDB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9ZC5CB9ZKNY8SP54EWKJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EEDB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame EEDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEE90jrLwAqz2jUO4d2n98s&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEE90jrLwAqz2jUO4d2n98s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FJFu6hCDSXGFTM8P11%2FbBxJKeiN2BWq3jAqRiuIh4dAMsTzD1pGRvEzQOYE9THZVnJim8pvvxYaKeAI0HarJprrm9B1ibzL%2FOUCQh2oEFH%2FQltwapK%2BE5VE3jNuMeVbFa08FOM4CUFwLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81068331f81524be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEE90jrLwAqz2jUO4d2n98s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EEDB 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame EEDB
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1be88fedbe054e40afee0f06768e2d07&expiration=1698942026
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1be88fedbe054e40afee0f06768e2d07&expiration=1698942026
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYptLn0bsfTQtv50q%2BhiyUsQca0tLuqQEs71mlevPCoKBZBpYs%2B%2BL%2BrI3isFXSemseg1Fpf2v07P%2B7t7jgcGj5hWWYzn8Vo%2FVN7NGD7bUM2EgrQSFX1Dh8stIiq3ZeA9t4TWMtiKmNWvNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81068332388724be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=1be88fedbe054e40afee0f06768e2d07&expiration=1698942026
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EEDB
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528040792867
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528040792867
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shDUGbJEEXACH2A6JgN8MEl72cf1gQgHj45Fpzjh%2F%2BVR1mu3cEq2V4lkStP6N2MTjM5zWfT7%2B82eUF3Q0sfT0MLKYxRCoKbInDBCJ4pEoW%2FS8meLJ42NHQ3fWagvdPiy%2BQbyVqaYjMhpmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8106833268dc24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528040792867
Date
Tue, 03 Oct 2023 16:20:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bridge
cm.adgrx.com/ Frame EEDB 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-1
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
indexexchange
sync.adotmob.com/cookie/ Frame EEDB 		0
0
sync
ads.servenobid.com/ Frame EEDB 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 0D3F 		0
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81068331add14dcb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 26BD 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
crum
dsum-sec.casalemedia.com/ Frame 8699
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4100453253981970744
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4100453253981970744
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FutwAPgRm35DPV5dgESHFJGmfbJ75zinWxdgyFXGCWFBcmni3IKAvOXI4cEDb5fz2AeIG2IwMMtHXXAM%2FYsEaaQdbyDUcahrJwSF2N9NAYWz27EQkRP6T9FrhBOzGzQx8SRori242EWqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81068332186924be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
an-x-request-uuid
69b1534c-e664-4299-b6c5-872c20492418
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4100453253981970744
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 8699 		43 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1696350026708017-365
Expires
Tue, 03 Oct 2023 16:20:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 8699
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRw-SgAR4GCtdQA4
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRw-SgAR4GCtdQA4&_test=ZRw-SgAR4GCtdQA4
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRw-SgAR4GCtdQA4&_test=ZRw-SgAR4GCtdQA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zonr2ka02m%2BIQny6tk%2FiZkL3Iq3h5Oa3uPUK1SderOdW32tgVLlnbiaym7rkD277eYSV0tJeH58hMmscZXRMtjENyA2Y0hPldke4uwJbcw%2Bs3EC3Kbwp3LhpUBJPlFSmIqGRHUdmIGn%2BXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
810683338b3924be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230088-FRA
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1696350027.782298,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRw-SgAR4GCtdQA4&_test=ZRw-SgAR4GCtdQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 8699
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4199825767004818112
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4199825767004818112
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GbgKMs3vvJFBm4B3POwKfVToPaR4c2i00xBcvERZRVGxiN%2Fa%2BFUtrn75zfdMqpfcx6BPG1Y2aYaZkNHyN4Y5tuYp5N8MUyLYEm9DmBaBuwzd%2Fn%2BX55Um7VEHJ%2B4URkNc5jKVn7gEM6L7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81068332d9af24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4199825767004818112
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8699
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F7900C4933484875A43E49AF0050F1A0
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F7900C4933484875A43E49AF0050F1A0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5ysv8TK%2BUgfqtUyz6aiBHkxFNBgMOqC4r1u9dlKy1LxRMmye%2Bi4KC%2FDHNd4BcT4Cn4WcBeXceIecareqi9dJg62tvhwK6CRSHY8iwae%2BA2dXrybWFFfcjRS4kJKe%2BR7SRXFT1X%2Bjvu0iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81068332a95424be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F7900C4933484875A43E49AF0050F1A0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 02 Oct 2023 16:20:26 GMT
ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8699 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 8699
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABmz07KOH8AABk7MLziSw&expiration=1697559626
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABmz07KOH8AABk7MLziSw&expiration=1697559626
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPz8Kttl0zZNUiH2b7RY0XpPBEIBTSFXgSMY5ZzzfD3xcJZllZHyelSq%2FPt0fgdCaP%2FM4GRuA%2FguQrtIATVkKrdtSftUEyRU7TqkcKVrcPzrSjrYqG7rrzMcPYNiuYQLuJyu41PxNWpRDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8106833248a724be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABmz07KOH8AABk7MLziSw&expiration=1697559626
Date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame 8699
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=33e3f415e5eb1734&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIPlZx_wb2iAMXZzfwAAAAAAA&expiration=1696436426&is_secure=true
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIPlZx_wb2iAMXZzfwAAAAAAA&expiration=1696436426&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xcoF7f3QxTSj8lnc8KcztG5pTt56oKFvGmgy1yIxY5uinMyf5xyQODOsuD0c3RREl%2ByT21WnDbpAUItJNcpILjmeCMKKkneOpNcVhg9%2F%2BE%2FP68QYHNVT8%2BD6yu%2BNqZ9bk82JeHz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
810683338d713cc5-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIPlZx_wb2iAMXZzfwAAAAAAA&expiration=1696436426&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8699 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZRw-SCSPpF-G21atZNsmTAAA%265268
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
78230
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8106833209df99db-CDG
content-length
43
expires
Wed, 04 Oct 2023 16:20:26 GMT
khaos.json
token.rubiconproject.com/ Frame 9DA6 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNAJ06TG-6-27CT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 77AD 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38141618&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
468007d409af599657f4624ddf4a6b4ad131099123551bfc51ea9275db67a1ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
ap.lijit.com/ Frame 282E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 16:20:26 GMT
X-Sovrn-Pod
ad_ap3ams1
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 7E12 		975 B
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1456
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAyP9B1Omu4ODKQHB4JeD0vWT%2FVV3vaQsxNruYIcwPl1qN%2FyKSAeKBsaXE4LGFxJ%2FFF%2BpQdvmVl4%2FlzEBnEYcZwZ01xv2mrvPmjCcXVfXcYzrw1%2B5lfvje5gXmHWrMTPSkCyX56ElUGSkvJsOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
810683322cd1910a-FRA
sync
ads.servenobid.com/ Frame 9DA6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNAJ06TG-6-27CT
  • https://ads.servenobid.com/sync?pid=323&uid=LNAJ06TG-6-27CT
0
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LNAJ06TG-6-27CT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LNAJ06TG-6-27CT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
ad_request
ads.aralego.com/ Frame 7E12 		661 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9132237165626182&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:26 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.holmesmind.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
a8e44f0a-5198-33c7-8fd9-6f3707dae864
X-Adtype
html
Connection
close
Content-Length
661
sync
ads.servenobid.com/ Frame B871 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3431954353506989175&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
s.ad.smaato.net/c/ Frame B871 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:6000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:19:53 GMT
via
1.1 7cda9a7fe68f979d43fe743d9fbd0db4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
age
33
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
apikpPPv59YMR2XScIn_ej-F4SboSvkjVe915GGsl0FnYzKvQPAfYA==
pixel
cm.g.doubleclick.net/ Frame B871
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzQzMTk1NDM1MzUwNjk4OTE3NQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzQzMTk1NDM1MzUwNjk4OTE3NQ==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MzQzMTk1NDM1MzUwNjk4OTE3NQ==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame B871
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7285767875650060647&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7285767875650060647&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7285767875650060647&gdpr=0&gdpr_consent=
Date
Tue, 03 Oct 2023 16:20:26 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
csync.loopme.me/ Frame B871 		0
0
v1
match.sharethrough.com/universal/ Frame AA98
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 03 Oct 2023 16:20:28 GMT

Redirect headers

content-type
text/plain;charset=UTF-8
date
Tue, 03 Oct 2023 16:20:15 GMT
location
https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent=
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4100453253981970744
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4100453253981970744
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
an-x-request-uuid
ed2ac290-fb55-483c-83bb-bc7320ce1abf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4100453253981970744
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_342d5427-b653-4393-bb7b-5560445a6820&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_342d5427-b653-4393-bb7b-5560445a6820&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=cc6f9897-7213-4ba3-a466-1aa04a3dff21&ssp=gumgum2&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942
  • https://usersync.gumgum.com/usersync?b=bsw&i=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=0&gdpr_consent=&us_privacy=
date
Tue, 03 Oct 2023 16:20:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame AA31
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ukbF4AHUO7yZKO5N93pcbY9tqpguo7CLESiKrFG5CPuBL9j98MdiWwc8sr00WWCh%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_342d5427-b653-4393-bb7b-5560445a6820&obuid=ENC(ukbF4AHUO7yZKO5N93pcbY9tqpguo7CLESiKrFG5CPuBL9j98MdiWwc8sr00WWCh...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:27 GMT
Cache-Control
no-cache
X-TraceId
23b2de7bae774e9e3195d32e7dd8011f
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Tue, 03 Oct 2023 16:20:27 GMT
X-TraceId
424dda6c84f9eca4374a3873a434f951
Content-Length
0
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=acda22cc-7526-0a6d-3f8d-4f780f4ff6a1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=acda22cc-7526-0a6d-3f8d-4f780f4ff6a1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=acda22cc-7526-0a6d-3f8d-4f780f4ff6a1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Date
Tue, 03 Oct 2023 16:20:27 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-RK_jE7ZE2peVxAohdJuxYdzbbkLM6GbTpIJL~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-RK_jE7ZE2peVxAohdJuxYdzbbkLM6GbTpIJL~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-RK_jE7ZE2peVxAohdJuxYdzbbkLM6GbTpIJL~A
content-length
0
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=eb13e72f-8bb6-46fd-8ce8-f13dadae30d8
Date
Tue, 03 Oct 2023 16:20:26 GMT
Connection
keep-alive
X-CI-RTID
d42e9a53-43ce-4d53-bf0b-4b876318413a
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame AA31 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_342d5427-b653-4393-bb7b-5560445a6820&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=DeCr5RPIDf5RVw8Xds1k&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RDFINZDKUSQJFCGMNKSKZ3TQWDEOMYWW...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=DeCr5RPIDf5RVw8Xds1k&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=DeCr5RPIDf5RVw8Xds1k&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:27 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=DeCr5RPIDf5RVw8Xds1k&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=112dacbe-dbd4-4045-8a8d-67f1a1e39eae
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=112dacbe-dbd4-4045-8a8d-67f1a1e39eae
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=112dacbe-dbd4-4045-8a8d-67f1a1e39eae
access-control-allow-origin
*
date
Tue, 03 Oct 2023 16:20:26 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=XpKA9M9avpgA&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=XpKA9M9avpgA&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=XpKA9M9avpgA&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b6f574bf6-69wtf
expires
-1
usersync
usersync.gumgum.com/ Frame AA31
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3431954353506989175
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3431954353506989175
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3431954353506989175
date
Tue, 03 Oct 2023 16:20:25 GMT
content-length
0
sync
ads.servenobid.com/ Frame AA31 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_342d5427-b653-4393-bb7b-5560445a6820
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame DD1C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=6943665478420919866&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=6943665478420919866&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.115.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=6943665478420919866&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 7042 		0
0
pixel
cm.g.doubleclick.net/ Frame 2FA8 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zNDJkNTQyNy1iNjUzLTQzOTMtYmI3Yi01NTYwNDQ1YTY4MjA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C499 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132373
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Thu, 05 Oct 2023 05:06:39 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame E2CB 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:26 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame CEE4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRw-S8Co5tEAAFCv6d8AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZRw-S8Co5tEAAFCv6d8AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 03 Oct 2023 16:20:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 03 Oct 2023 16:20:27 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZRw-S8Co5tEAAFCv6d8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40207.dc2p.scaleout.jp
X-SO-IP
45.12.222.172
X-SO-Key
ZRw-S8Co5tEAAFCv6d8AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"45.12.222.172","key":"ZRw-S8Co5tEAAFCv6d8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40207"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40207
gumgum
cs.admanmedia.com/sync/ Frame 7513 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_342d5427-b653-4393-bb7b-5560445a6820&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 03 Oct 2023 16:20:29 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame B87A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=W237bNMB3dWIoFt3dbV8&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=W237bNMB3dWIoFt3dbV8&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 03 Oct 2023 16:20:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 03 Oct 2023 16:20:26 GMT Tue, 03 Oct 2023 16:20:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=W237bNMB3dWIoFt3dbV8&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame DC12
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 16:20:26 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Oct 2023 16:20:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-662
cdn-cachedat
09/09/2023 02:40:34
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
63a0b861bfba6af3d9bddaab2c45f419
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/getconfig/ Frame BB68 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
857e6634fbf836d254eea529af865d2b941255e26e3a43716414c811f8ba13a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12266
x-xss-protection
0
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame C996 		0
0
cf20e0f8-cd9f-a072-6921-496038483aae
pr-bh.ybp.yahoo.com/sync/openx/ Frame C996 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/cf20e0f8-cd9f-a072-6921-496038483aae?gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame C996 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0331fac1-4199-89c1-98f8-dd02af2c3c07
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KYWHBG371RE5WDEZ3A04
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame C996 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5be786bc-5d33-323b-58f6-5f95c71ff7e7&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame C996 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzc4ODU1NzYtOTQ0NC02YzlmLTRkMTYtMDUyYzBkZmQzOTg3
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C996
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPruaOyN-JJNFdOx4CN6ElY&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPruaOyN-JJNFdOx4CN6ElY&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPruaOyN-JJNFdOx4CN6ElY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
sync.targeting.unrulymedia.com/csync/ Frame 243D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=6025152002
  • https://sync.1rx.io/usersync/turn/4271883361042746048?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
43 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
43
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
pragma
no-cache
usync.js
eus.rubiconproject.com/ Frame DC12 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46296
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:12:02 GMT
a94c0a23-b58d-5214-9db9-16e9f8a529a3
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D9D9
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-6011506098370058169
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/a94c0a23-b58d-5214-9db9-16e9f8a529a3
0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/a94c0a23-b58d-5214-9db9-16e9f8a529a3
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81068334083d4dcb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/a94c0a23-b58d-5214-9db9-16e9f8a529a3
usersync.aspx
dis.criteo.com/dis/ Frame BA2D 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:25 GMT
expires
Tue, 03 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
192641
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5E46 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 03 Oct 2023 16:20:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MVA2499694D4V586V35V
Pug
simage2.pubmatic.com/AdServer/ Frame 5D2E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4100453253981970744&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4100453253981970744&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ea480324-d07b-4b80-b9fc-b8fbbb466812
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4100453253981970744&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 4BFF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame D538
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7285767875650060647&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7285767875650060647&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 03 Oct 2023 16:20:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7285767875650060647&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 05C1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=064e09c4-747f-41dd-8df7-aa6886c11942
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=064e09c4-747f-41dd-8df7-aa6886c11942
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cacc5ec5-a0f6-4c11-b56e-6cd661df5d26&user_group=1&ssp=pubmatic&bsw_param=064e09c4-747f-41dd-8df7-aa6886c11942
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 03 Oct 2023 16:20:27 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=064e09c4-747f-41dd-8df7-aa6886c11942&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 9115
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Oct 2023 16:20:27 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 738A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRw-SgARzSmMeQBV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230088-FRA
x-timer
S1696350027.858335,VS0,VE89

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 03 Oct 2023 16:20:26 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRw-SgARzSmMeQBV
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230088-FRA
x-timer
S1696350027.730797,VS0,VE94
/
csync.loopme.me/ Frame C113 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 5D23
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbXowN0tPSDhBQUJrN01MemlTdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AABmz07KOH8AABk7MLziSw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABmz07KOH8AABk7MLziSw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABmz07KOH8AABk7MLziSw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3431954353506989175&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABmz07KOH8AABk7MLziSw&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABmz07KOH8AABk7MLziSw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 03 Oct 2023 16:20:27 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABmz07KOH8AABk7MLziSw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7272
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU99ebdce51a454f38a569b4b461737c99
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU99ebdce51a454f38a569b4b461737c99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU99ebdce51a454f38a569b4b461737c99
pragma
no-cache
server
Tengine
bridge
cm.adgrx.com/ Frame A389 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
cm
ipac.ctnsnet.com/int/ Frame 2ADD 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 1162
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528040792867
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528040792867
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 03 Oct 2023 16:20:26 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528040792867
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cs
cs-rtb.minutemedia-prebid.com/ Frame FBA0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7775699054741716146
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
0
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Tue, 03 Oct 2023 16:20:27 GMT
server
istio-envoy
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id
JocpDjbqFBJUbtc6v_0cXWzyBrr9DWWRs7L1DFmrnIVBwRWbZZS9tA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
117
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:27 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
ad.mrtnsvr.com/sync/ Frame F3E2 		0
0
cookiesync
core.iprom.net/ Frame A787 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 03 Oct 2023 16:20:26 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-2111a644810b@version_1.571v3
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 9211
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81068334bd560636-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
810683338b5c0636-CDG
content-type
text/html
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
465
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame BC46 		0
0
sync
ads.servenobid.com/ Frame 7DD2 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 16:20:26 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 77AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-8D-DgjQS8qWrp9UWy_g8Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132373
accept-ranges
bytes
content-length
5606
expires
Thu, 05 Oct 2023 05:06:39 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 77AD
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=&ct=y
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.180
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.19.191
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 77AD
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1706388907
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1706388907
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
via
1.1 google
last-modified
Tue, 03 Oct 2023 16:20:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
via
1.1 google
last-modified
Tue, 03 Oct 2023 16:20:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1706388907
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 77AD
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDcycGdacS1tQ3VTV0tUMmVTNFE5UGxCUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6612935009356825541&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.44.10.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-10-91.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 16:20:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 03 Oct 2023 16:20:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkJDMEZFMEUtMDhEMC00QkNBLTk2QUUtOUY1NDVCMkZFMEYx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrWzOKB5PrleQOuivT8SZ8&google_cver=1
42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrWzOKB5PrleQOuivT8SZ8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFrWzOKB5PrleQOuivT8SZ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 77AD 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 02 Oct 2023 16:20:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6612935009356825541
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6612935009356825541
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6612935009356825541
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 77AD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TMBiU_lE2uX8pjPvGGJbx56vBSw3uIs-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TMBiU_lE2uX8pjPvGGJbx56vBSw3uIs-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TMBiU_lE2uX8pjPvGGJbx56vBSw3uIs-~A&gdpr=0
date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 77AD 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e76a5eff-d486-4a96-80a6-d0117a1bf20c-651c3f4a-4348&gdpr=0&gdpr_consent=
42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e76a5eff-d486-4a96-80a6-d0117a1bf20c-651c3f4a-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e76a5eff-d486-4a96-80a6-d0117a1bf20c-651c3f4a-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3d22d84a2d6e1734&is_secure=true&networkId=17100&version=1&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHzEuqU2LFKgNLUuZEAAAAAAA&expiration=1696436426&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&...
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHzEuqU2LFKgNLUuZEAAAAAAA&expiration=1696436426&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHzEuqU2LFKgNLUuZEAAAAAAA&expiration=1696436426&nuid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271883361042746048&gdpr=0&gdpr_consent=&us_privacy=
1 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271883361042746048&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271883361042746048&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 77AD
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5fc9781a-d716-4588-bf40-93bc141034f4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5fc9781a-d716-4588-bf40-93bc141034f4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5fc9781a-d716-4588-bf40-93bc141034f4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 03 Oct 2023 16:20:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BB68 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 16:20:26 GMT
khaos.json
token.rubiconproject.com/ Frame DC12 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNAJ06TG-6-27CT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 4E30
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
0
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81068335da574dcb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Tue, 03 Oct 2023 16:20:27 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame DC12
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LNAJ06TG-6-27CT
  • https://usersync.gumgum.com/usersync?b=mag&i=LNAJ06TG-6-27CT
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LNAJ06TG-6-27CT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LNAJ06TG-6-27CT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
6943665478420919866
csync.smilewanted.com/set_partner_userid_get/adform/ Frame D12B
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6943665478420919866
0
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6943665478420919866
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8106833488d14dcb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 03 Oct 2023 16:20:26 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6943665478420919866
server
nginx
v1
match.sharethrough.com/universal/ Frame 0A2D 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 0A2D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4100453253981970744&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4100453253981970744&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.194.178.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-178-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
an-x-request-uuid
aa0454ce-f513-4616-bddd-a407e49831a3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4100453253981970744&gdpr=0&gdpr_consent=
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0A2D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:27 GMT
an-x-request-uuid
aa30e93e-b7e9-42dc-8b98-a774b0e2ca1e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 0A2D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=bea94eaac4d9e8ca11914f1e12f5c857&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=bea94eaac4d9e8ca11914f1e12f5c857&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.213.151.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-151-23.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 16:20:26 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=bea94eaac4d9e8ca11914f1e12f5c857&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696350026831020-557
Expires
Tue, 03 Oct 2023 16:20:26 GMT
sync
ads.servenobid.com/ Frame 0A2D 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=lCAdLR0zkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame F37F 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=66034AE2-D202-4A27-91BB-77AA2EECCDA6&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604%2C44802401&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dlt=1696350022203&idt=2889&dt=1696350026813&cookie=ID%3De251d757ab4d7eed-220fa0cd2adf00e3%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MYoYkByHafrW2Tp9Ly3XH9rrch1WA&gpic=UID%3D00000c8ba1258626%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw&correlator=2345011173790227&scor=2161939446490615&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A787 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:13:39 GMT
expires
Wed, 02 Oct 2024 16:13:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 63AB 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31a112c1ae56000b73691c6d1a1c3b6d3f2948c9beb86366b788257feb6e2593
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e6S32YaGR9dY9pDjOEnzIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-e6S32YaGR9dY9pDjOEnzIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:26 GMT
expires
Tue, 03 Oct 2023 16:20:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cs
cs-rtb.minutemedia-prebid.com/ Frame CA36
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:6e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
dmfdog265XOi-OWrOWXdSX8FYUnURoRAXP3jxNEItJyaBCdOZIzaSA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Tue, 03 Oct 2023 16:20:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame CA36
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRw-SCSPpF-G21atZNsmTAAA%265268
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRw-SCSPpF-G21atZNsmTAAA%265268
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:6e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
hUlyEteCG--d9oXo6MUuVhTHaKy0W--M3XBYq4Lufbc9bVNxcrzkuQ==

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwENtvfrkHnraOqkaRL%2FtCdmv7C%2BuUOytPaKOXfCJC3JNMbDBlswRufIwhZB2l6LYzsin4hUMEoP2Qw%2BXJYdyjivMVgFa9XTR6Sd3wP6OmeI2urzM2832VfjBK%2BzLmSYmkloiifqJpuvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRw-SCSPpF-G21atZNsmTAAA%265268
cache-control
no-cache
cf-ray
81068333bba324be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame CA36
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c2be64b8-22a1-0d6f-206e-4662871c7d02
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c2be64b8-22a1-0d6f-206e-4662871c7d02
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:6e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
6kgBGDUbhihINxlIlqhriUx076rsduWHT_3VBqdUO99TCAW6aYMjMw==

Redirect headers

date
Tue, 03 Oct 2023 16:20:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=c2be64b8-22a1-0d6f-206e-4662871c7d02
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
ap.lijit.com/ Frame CA36 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 16:20:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Pug
simage2.pubmatic.com/AdServer/ Frame CA36
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:27 GMT
an-x-request-uuid
86613c7a-b9ed-4b00-a46f-0922e86f04f4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4100453253981970744
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame CA36
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3084296709723666376038
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3084296709723666376038
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:6e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
nNmdokMEC63_eDhc55Y_Bu-UmaYV4b6UEexO4ZyJ7q4SDjTkAWKIHg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3084296709723666376038
date
Tue, 03 Oct 2023 16:20:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame CA36
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=4ee8a36d00747ba48c66715c5afd1ccb
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=4ee8a36d00747ba48c66715c5afd1ccb
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:6e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
Y32Hsy9GlSMbym4RrUn92CM3IK2eKSPaxOnC-xpP2VDm9wfTlW_NFA==

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:26 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=4ee8a36d00747ba48c66715c5afd1ccb
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-length
0
expires
0
sync
ads.servenobid.com/ Frame CA36 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=noIdLLj-Cp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
bea94eaac4d9e8ca11914f1e12f5c857
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame E98C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/bea94eaac4d9e8ca11914f1e12f5c857?gdpr_consent=&gdpr=0
0
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/bea94eaac4d9e8ca11914f1e12f5c857?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81068334487e4dcb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:26 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 03 Oct 2023 16:20:26 GMT
Expires
Tue, 03 Oct 2023 16:20:26 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/bea94eaac4d9e8ca11914f1e12f5c857?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696350026793094-535
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame A787 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:15:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 15:15:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 63AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=3894423243177422&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
v1
match.sharethrough.com/universal/ Frame B0A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 03 Oct 2023 16:20:26 GMT
ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame B35C
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
0
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
810683369b354dcb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 16:20:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Tue, 03 Oct 2023 16:20:27 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
generate_204
tpc.googlesyndication.com/ Frame A787 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KTtGqA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 062D 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
963d8008acfbbb5c0323411e6bb0e73265e40a628b44dd1fbe44f6433cc47075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29314
x-xss-protection
0
server
cafe
etag
182 / 19633 / m202309280101 / config-hash: 18346230598739657090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:27 GMT
csi
csi.gstatic.com/ Frame F37F 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnaj08dc&c=8622720980039&slotId=4311360490019.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ Frame 062D 		413 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 13:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
9193
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 13:47:14 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 062D 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2570449748270877&correlator=1700032390137442&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1696350027219&lmt=1696342827&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=d9qjchaad6cw&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1806730850.1696350027&ga_sid=1696350027&ga_hid=854779122&ga_fc=false&dlt=1696350026581&idt=621&adks=1911528252&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df227e29694069527569f0fc540c01a65163493caaa33fda1a40d132c1055486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12055
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 062D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78cef58f0112d7b6ca4a0c8e16ae2bfa9e7b8ec0c0092c15aa53ff3b73ca251b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12216
x-xss-protection
0
container.html
2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7839 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7C21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7GW7Xf9nIlnPygPLf5M_W6MO08zfjbLXOs-3C3nmNYyjlxlteerJLVSdfdjb27AjU-GvtlPggQy-a9sBksa0-SLr3NNGnxQ6Nq_NqwOa3Q0_Ki95uAdYHXCao2i6jdaNR2VR6IubCWG4vtUq7H27oddcsN36B0kVB5OIRpeBVNUDEIhXI5dskekJGlKoJPzLE7tv84Vfyb5jQtaZ2kyS5DJ0v7JntrfZecr2qXLVBXiAFI2Zg6Y_BpGUCZgle-tqJ4ValU00D-5CHig-I1v6CCp2aTysCsB0YYZMAxdaVZNGg0JIq2C6vNhNDjpBrsjKi8-lO551-CSxf&sai=AMfl-YQ_mP9i57gPw9M0p2QzoD4UGscrQKOz5PBiV2TdunfhDXjQhs9AxSzxtx4FiKFACEbhVD9vxA_pOH6g-YRwtMWWLiwauvEPkLwiSw&sig=Cg0ArKJSzLOp_s9NbvPiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 7C21 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:01:44 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:30 GMT
server
nginx/1.12.1 (Ubuntu)
age
1123
etag
W/"6499300e-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Wed, 04 Oct 2023 16:01:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C21 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:20:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 062D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 16:20:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FB1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:13:39 GMT
expires
Wed, 02 Oct 2024 16:13:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 37D6 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
813b98163695192116b59c0c4b935e4cdefd189d670af3acb8f0c7f7a22c96db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nzD1Sa0pXSfhdlDnCFTS2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nzD1Sa0pXSfhdlDnCFTS2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 16:20:27 GMT
expires
Tue, 03 Oct 2023 16:20:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
native.js
s.yimg.com/dy/ads/ Frame 7C21 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
BRJ3FWP3890TWT6P
age
103
x-amz-server-side-encryption
AES256
x-amz-id-2
het4+EdPJbqzDgaoHncgCMtnM6RFNnkARuH9iflT4k3vfBlb4hJBuGziDWZ88KeOV8JKshOliAo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
truncated
/ Frame 7C21 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e165c5132b21980277feb3051e4c31b627d4b4bc3c2ec1ae90a9a7481819b40a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 37D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=2570449748270877&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 6FB1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:15:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 15:15:44 GMT
async_usersync
ib.adnxs.com/ Frame 61F5 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:27 GMT
an-x-request-uuid
7000b6b0-170c-4e9c-804d-cd647bc8fbc5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.172; 45.12.222.172; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6FB1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YYOkoQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame BB68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=3894423243177422&bg=!dXaldjnNAAYEJRtnJCU7ADQBe5WfOJDLuutZNyKlOO85KEjg-DAyiIIjMcq1Q2IX2NC-oQU7_gxrk7ix9JUkSayQ8UO1AgAAAIxSAAAABmgBBwoAX4PRusE9PTUNPnJh0bqhObc1hO_XfpeCoajfCceN5HMskWd-zBwZSS4qGDCVXJfVRtItZkjomI7wJLUvGcBFCDlsWeahklHYNS5ez5Q1n56msDDZTB-5R8I3-xWEiLnYmQLOkWC6G7kt5qUUeDJuu4eWKP13HfiTAh3lUTsc-uAiQnkxCNgYxhGUopMpOfiikw2aIw4Na2g7CrbSCe03PF0i2EyEYlQvRgYH6oAEiKj_1FjHThx2-o2JiqP4SjBunb2mmEj1AinBkJXFqTV_Met4CsxJyrYPn0g29NuMhnVnxSnS5933DESxbaBmGU5bngzQvm1CO_vzNimUSIkogw-Bi5LCysoR76qzKNwqni3NWzQx3_wWHDcqFi5uBqSDPj0v4mSp-WBeBPyl4EA4zWOCXmYhXV1ZbT4JWNRjiRkVvCREX6rJQuZ9Vqei9gZclDysxvVTrYsDNaPbUkSd92pCPV5H5PEAjsMHw_qX5YG2Hltu4rxxV9BYEXYi7aN8oFwagD-h5xZEOdWkcDvsqY60rB693yTIVkVPE4HTVvQnykd4odOtPw5fLYn0jaE0cf1Az25luE_sD5qCDnTXKL5-1zhUZ-_dSSqZMDGkR04ZS96qRV--DKg9QRlgU08AEgjFlp8VfwtjYG1dL7mCLXA-k4u0CCXLFGkosfOW7DFxY4iG9KfYj7zybQAf80TRmE5CtZ7USssnNZyR7_jBMQeJAoujTikpiBxCRxYcfIB3S7p8RY-Dfc1Cl2qXLzaEs5MA-e6fOn8H8oNiImSU_l8hSZk0gRcPcrOLsenyz4deDjiGhr2Yjmt26qM8GQvjnZY-IYi3MbJPEddr_J2vRdBApCo14gj6kO0K8zoFr9l3Uc9WVNBFvnjOKcuxIyRUn8A8QAbXu_EHGUlLEAPp_Uc_CMPihEgr1wqvhNU7BWdcO2O5dw87oAxcM2fazSLanCNHWkAVbZ5cVV1FVfbQy6tpgloNsRH0nEEZSA0HmctOmIwoNb7eq_uHGhb-ehOq20Of9OiVzgCtYUk0pMHxi5wM0mfiVGtPLLatsfo1N8v0Qm-dNNE2Zn0YEU-dHEJPNA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 7C21 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
f2be64f4bb09d1f9ed9d96a89b369e66d39e161f1cbe1707fd9d81914bf5656b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 03 Oct 2023 16:20:27 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
41
x-xss-protection
1; mode=block
x-request-id
d15f651e-b1c1-48be-8760-d8eebde2ad95
b
geo.yahoo.com/ Frame 7C21 		43 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:27 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
ads
pubads.g.doubleclick.net/gampad/ Frame F37F 		1 KB
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F11440465%2FThird_Party%2FTP_VAST_8&description_url=https%3A%2F%2Fzeenews.india.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2895465074119919&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=66034AE2-D202-4A27-91BB-77AA2EECCDA6&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604%2C44802401&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dlt=1696350022203&idt=2889&dt=1696350027786&cookie=ID%3De251d757ab4d7eed-220fa0cd2adf00e3%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MYoYkByHafrW2Tp9Ly3XH9rrch1WA&gpic=UID%3D00000c8ba1258626%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw&scor=3240992090840510&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95b79271f9db2bf9ce2ed28ccfa15349c84f619283c67e678e9c1ae4f21cf73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
851
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642
s.yimg.com/ys/ Frame 7C21 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ys/SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642?cb=ygscb
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 13:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
RWAZ2EBF32HP1H1D
age
2170774
x-amz-server-side-encryption
AES256
content-length
822
x-amz-id-2
XhlAO3ZTXj1EeGCR1GlIYewQXmzYlo8KAAIpssoiQK0GO46rAmiico2R4HdzA9i8DlXjKP8z0h4bhf/iY9vp3g==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 04:05:54 GMT
server
ATS
etag
"fa2aa91ba592d1ae8a4853ad8af8677c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, stale-while-revalidate=30, max-age=2592000
accept-ranges
bytes
c03eeac88e8977a425bd69ce24d09abd.jpeg
s.yimg.com/lo/api/res/1.2/Mp4fSIaZNxll2OAjInJ5fg--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ Frame 7C21 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/Mp4fSIaZNxll2OAjInJ5fg--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/c03eeac88e8977a425bd69ce24d09abd.jpeg
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
6e221e5ccfecc9a8100d2d208d8ec50091e72c44cbf9f94845d44089c4b2f794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:59:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
age
379241
cld_latency
1
edge-cache-tag
222951996107104588174818265057241370295,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cache-tag
222951996107104588174818265057241370295,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
x-cache
HIT
expiration
expiry-date="Tue, 27 Feb 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits
1
content-length
20310
x-xss-protection
1; mode=block
cld_by
cache-iad-kjyo7100062-IAD
x-served-by
cache-iad-kjyo7100062-IAD
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 30 Aug 2023 06:46:38 GMT
server
ATS
surrogate-reporting
width=402,height=210,owidth=1200,oheight=627,obytes=150003
x-timer
S1695970787.719274,VS0,VE1
etag
"b4449e7526e75bb139c8b2bfe755ae76"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame 7C21 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/adbuilder/gemini.png
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 18:22:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
DMX2ZYDQEC1J8Y81
age
2325483
x-amz-server-side-encryption
AES256
content-length
3328
x-amz-id-2
IwE/n6tlKto/3nyTDS2i/KUQHwvfx5brO1Zez2rsmuykmJywtuYjzFjykVt6fV8oneueFimuX04=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Mar 2019 01:45:46 GMT
server
ATS
etag
"99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
truncated
/ Frame 7C21 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 7C21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty4CFxy_kzSQmZvxsbNIlpb8kkNkbG1bNxjJqXOj2vPUT0KH-k8ND1kEipBu7Xqt4bB6i06_r02uAYbfFhaATS62ZuRAi5PnLxWSJ93OXIpY7ALB7gNzNQXUAqhnuVhJm8vi7by5WLSGZ20mhVw_Px_fEXKXhD6S_we-ACjCquEJsIV5t59S1JipOQUd0lBoLQbl0E4_SHFeFa3OWr_FsIdymg9kHdkKUsdXAfurjj9xGyypwGYsIWiunWkk38N4fsaqMwcfjHTB2r_toeAMM-SaKiRfVSiEa5_DuO0-ic72l0YgwWiyB_adM-dCdmSy5CGy5qsrcFDP2V6l4&sai=AMfl-YSvinE5pTfzLZVgjmblUPKauPvOyCaZ04eXZ1T3PnMfrxxfISEbx_296HlR3-n0BljU7IsvmTRHy8964ILOFqPK9VqAatyAj9fwSw&sig=Cg0ArKJSzGGxz8HDc5CaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 03 Oct 2023 16:20:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 062D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=2570449748270877&bg=!HxylHFPNAAYEJRtnJCU7ADQBe5WfOH6RzJ7-R_4MiP3I3TwkQL62j4_fsXjWvwI7K61TofPqUHTcHSXe3Z4apsoHVw-vAgAAAFJSAAAACmgBB5kDBla3mVVC4Omz2guzErQLEoMGveCq8ciIXffO0_G-PI31ukSP9Bu3uJL0qoBWvlf55eYCttmqgS0pMceAjyw-1IuvMQYZ_-ojoGnID6OHLNbFSl766FcYEjAPxLge3SNhz2Sbk2Ru8yTlEnoW-jIvvsHPtO6XMfqVy9Ma-Y76JmfxKsDVAJ2UhLrBMKe9xaIAMSwIqhdnu1S5qtv6kd93h5AUFc9vej9XhpLe5ecrGbsbECSPDUTV58t9EP4c5_zf42kDAOTov0gr1eVInDr3snSLhcQ3Qxbo0fMoXa9JijoBVIGdUOLoF_Nu2X72WQd-q5tjGfT1zjdrFZ-ZypLEDkzIbVBuoSC2D6phYGYZtOIyFXlfujLo_AKvJa4MH927ux8pQkiqfT71T6mIBQmqCRz9NtEIl2xvfW2a64cmV6JgE6gIN1ibujGIBet_FKJ1BPwzauE-ok5KKhm-_4yN7NrsIzRtVwx5Ywj66cXYr89pe1A_GjZoMYqnQEd-OKiNABWwcH5yNWvjgZYlvSsVyBo1NKIvWMlT8eXZyuq9iDSA8spZXXvXdHsqstPIqdThvpOHaXltfzw9-L3ZbQiAojIRFkRZLJwRDLYRV3Ez20CXmyGTGnc4kS-c6pc1eBkGsOxrZ_x19oBDnNJoxPEAqI3k8T8LbP4GZLMMWiAjGA4IBFQzYF3zk8tdYnGnapPYatiolhQmKoZ66eMCcvBkvIQ-OlGaVYZo6P98wWlQBAc20md1o52JzaGE0pMSNbgg_uFFF11zpLflfo6CQs7m1LJ_tlTyjqBM7MVnbhgRBfT2R-9WGau4lRB7tGU_GFReSzAhFFVqXg8HHwbp0o5nDQaN_6FRiB4rx1t6nvonFWx_5msTVIXTh_mmWDsLhbXs6aMPtSorTL8mQ6Z9_LIvbl71FdVx-mEGCEoP4DYMoWmXWtxNIiT5QV7zQfJBKmgiM6WK1pbwkQ2aY3DWflBKaCzz1nLDy743sedbiG73HAEeajoCuOzjKzvCSNOcX0WEmHityMyOZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame F37F 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=66034AE2-D202-4A27-91BB-77AA2EECCDA6&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604%2C44802401&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dlt=1696350022203&idt=2889&dt=1696350028571&cookie=ID%3De251d757ab4d7eed-220fa0cd2adf00e3%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MYoYkByHafrW2Tp9Ly3XH9rrch1WA&gpic=UID%3D00000c8ba1258626%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw&correlator=411805126408056&scor=1992173098587902&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		339 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:28 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-199
cdn-cachedat
01/30/2023 07:35:59
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
82d4657352f1125eede557e4259561ed
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame F37F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnaj09xa&c=8622720980039&slotId=4311360490019.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604%2C44802401
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 77AD 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696350029166&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1558&pt=237188176&tz=120&viewable=true&ddast=V8teECLAZofWdBUrJG3RHQ-s6CpGSNuisAAABgYID-AAktTCPnauRxaya-lVs0sS3cwsFksRa5Jp6FcbdxjEyeISChhWnkXI08bs3Et3KLJraFWziYLNYi18SzMO42jpHJMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZvaDodPte9Xvf73SU-z1zj9yv8yodb-XQLn27lw-_WOvxukdPhd2teb-Hr5dYcXXafW-KyuyWut_DpljjsbonTYXerXU63xOmWOh12t9Zh97l1LrvPLT367T638uG3C01vsx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cA8Myh4M2ml90fAAAAAEAAAAAAkABAQD8sARBjvHfi_________z_GAH3mjYz_____GwY9AB58ADwIAQAA-BhyMFt9U2L-HkekALkIIwAAAAAtDN6sRybpBBWLKv____1WAK4AAAQo2l-x9GXRHZR4CwMAACAwZoEeFr_f7LBr_G6X-f________8383_mH41Qj5lZGiB-5mY1v4AAAGt-AQEA2KgbAIA3AnCCDkErBoPVCYjZAQAAALjz____rweELJaFxbUxTWwOz8LhGDlmq9Fos5h4bCvTxGVYbk9Cp5UDGdMKZJ8NYZn9voOCcnp6zC6DjOUyGcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RHA5QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8kx8C-dwuFaZNja3aOPbuCU2z8atnBg2ltHIZfH4Nm7R62P6OFYb08a2RYIBdXuRPC3SiXJkGY4MM4txMVo5hrPlZrEaLhYzi8u3Ms6Mg4lFLNGcLNKJ7LIvWSwLi2tjmtgcnoXDMXLMVqPRZjHx2Famicuw3Jc8E9_CORyuVaaNzS3a-DZuic2zcSsnho1lNHJZPL6NW_T6mD6O1ca0se0bs-VssxoMJpN9Y7acbVaDwWSy79AZvqvP2agsqyQfmUTsjLm0N6dB4TJYvC_16TwsGAvmk-fo9Jk-z6LO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCK4SCeCh9ntML3cEp9n47eIJUrTRTrRK_zKh1v5dAufbuXD79Y6_G6R0-F3a15v4evl1hxddp9b4rK7Ja638OmWOOxuidNhd6tdTrfE6ZY6HXa31mH3uXUuu88tPfrtPrfy4bcLTW-zRSwRnC7SiehlPF3Uf9RAq7liMpdMJnPFbrJKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403gelT3P____84AAAAMnLoAQAA0O8DygIAAAAAAOBXEJPJbLF_ACrEWq1WtxtrtVoBC2qxGGwm8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!rbcatc_vA!ufm_vG!ul3345_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f732bc32a6a91aef8d822e23a7fa9541fe8646f38ee1004159db0f18d91cb944

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:29 GMT
content-encoding
gzip
server
nginx
machineid
1409
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=127493778&cid=383059617.1696350022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696350024&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dt=%E7%89%99%E9%86%AB%E7%B3%BB%E3%80%8C%E8%A6%81%E8%80%83%E9%9B%95%E5%A1%91%E3%80%8D%E2%80%A6%E5%AD%B8%E7%94%9F%E5%A5%94%E8%A3%9C%E7%BF%92%E7%8F%AD%E3%80%80%E3%80%8C%E8%AE%8A%E7%BE%8E%E6%AF%94%E5%81%A5%E5%BA%B7%E6%9B%B4%E9%87%8D%E8%A6%81%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F37F 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=66034AE2-D202-4A27-91BB-77AA2EECCDA6&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604%2C44802401&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dlt=1696350022203&idt=2889&dt=1696350029439&cookie=ID%3De251d757ab4d7eed-220fa0cd2adf00e3%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MYoYkByHafrW2Tp9Ly3XH9rrch1WA&gpic=UID%3D00000c8ba1258626%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw&correlator=3420174321578861&scor=3263693146358705&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C499 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71536966&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5891b523d4bd1702f105f039a66a382d9db2c7bc2bd31fafd8c080f01a65bf67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 03 Oct 2023 16:20:27 GMT
content-length
1239
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 77AD 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63782051&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5891b523d4bd1702f105f039a66a382d9db2c7bc2bd31fafd8c080f01a65bf67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 03 Oct 2023 16:20:29 GMT
content-length
1239
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame A0C4 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:29 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame D87A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=43068a6bda2346ea7bb715cdf8527dad&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 36CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 03 Oct 2023 16:20:29 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame C738
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 03 Oct 2023 16:20:29 GMT
expires
Mon, 02 Oct 2023 16:20:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 53BA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3217481196
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3217481196
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:29 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 03 Oct 2023 16:20:29 GMT
etag
RXc472eb64a5b44cba96ceb504af229e62003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3217481196
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
usersync
usersync.gumgum.com/ Frame 6417 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 03 Oct 2023 16:20:29 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame C499 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
810683464f489225-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame C499
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:40 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:40 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C499
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=84ef86093be0eb3a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=43068a6bda2346ea7bb715cdf8527dad&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:29 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
mw
mwzeom.zeotap.com/ Frame 77AD 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:20:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
810683464f4a9225-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 77AD
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:40 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 16:20:40 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
52799
stags.bluekai.com/site/ Frame 77AD
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=ace67d7e6206f574
62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/52799?id=ace67d7e6206f574
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 03 Oct 2023 16:20:30 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=ace67d7e6206f574
content-length
0
match
c1.adform.net/serving/cookie/ Frame 8F83 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:29 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame C73E
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=43068a6bda2346ea7bb715cdf8527dad&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 03 Oct 2023 16:20:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhjVQgbbhhVVXjTT&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame D4C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 03 Oct 2023 16:20:29 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 35EF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 16:20:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 03 Oct 2023 16:20:29 GMT
expires
Mon, 02 Oct 2023 16:20:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7900C4933484875A43E49AF0050F1A0&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 01DF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4215457303
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4215457303
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 03 Oct 2023 16:20:29 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 03 Oct 2023 16:20:29 GMT
etag
RXc472eb64a5b44cba96ceb504af229e62003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4215457303
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame C29A 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 16:20:29 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=12611&tvi50=12261&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Tue, 03 Oct 2023 16:20:30 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
65300
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230112-FRA
pragma
no-cache
server
nginx
x-timer
S1696350030.985151,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ads
pubads.g.doubleclick.net/gampad/ Frame F37F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1d3a4d56ccfb169a2d9d83be30989d82.jpg?w=800&h=600&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/97d1ed8d3e41f487f2c525f36c8f4174.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c9ec9f7a1e494bf7b0bedb47475b880f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e2654063ba2b8c44ec528072c79aea64.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/8f91a71ff32d125f60a8302f35c20552.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9fd0210f020b82863d6116496739802d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/47dc22bc02780370eb129ac4ae9b6344.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/2071ad06acda4988910955922513b2b2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/5dbb6f94afb61dff6b4406be609b58a9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f201040137fa55b2e60b8da99213018f.jpg?w=800&h=600&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/ae23b43703743ab7e30b848f93e8ea00.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ab6fef3cf6b600542d02f64a0a75cb51.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/7f1b7a44fda67cd8bde5fe80be9486b2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2cfa7d51ec920835e6d79c3039e32ae6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0cc6352291d9cf29a09e16298b96ff35.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/6847ad075153397e1b0fab2cc89bab80.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/aa55013bf0365c04ac2f3e14d57a3cac.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/a9c9004038aa3b4f44d1664fc0fd408f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/9ed75ef25ff37e0e3cfbeb3719d98c6f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/01c46e10f06b68766c46d9e8651288e9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b7fb3a1c467573f01006525c31f99a2f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b95049b36a754a118f29fd204cdbc4f8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/cdd360a02315177ea6d31ab25a880f80.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202206/5a45a59892da7389abfc4fc263d8ea92.jpg?w=150&h=100&q=100
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com
URL
https://2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F11440465%2FThird_Party%2FTP_VAST_8&description_url=https%3A%2F%2Fzeenews.india.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3575166853708742&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=66034AE2-D202-4A27-91BB-77AA2EECCDA6&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604%2C44802401&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fya-yi-xi-yao-kao-diao-su-xue-sheng-ben-bu-xi-ban-bian-mei-bi-jian-kang-geng-zhong-yao.html&dlt=1696350022203&idt=2889&dt=1696350030339&cookie=ID%3De251d757ab4d7eed-220fa0cd2adf00e3%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MYoYkByHafrW2Tp9Ly3XH9rrch1WA&gpic=UID%3D00000c8ba1258626%3AT%3D1696350023%3ART%3D1696350023%3AS%3DALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw&scor=2458639152648377&ged=ve4_td8_tt5_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _statcounter object| AMP function| _typeof object| TRC object| _tblConsole undefined| msg object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| adRecover object| googletag object| ggeac object| google_js_reporting_queue object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing undefined| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| runAnimCheck object| google_reactive_ads_global_state number| google_unique_id object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| Criteo object| ucf object| request string| paramsString function| quantserve function| __qc object| ezt object| _qoptions function| checkFrameandInitStartFun function| processData string| nam object| placementData object| cmTag object| _cm_wfCounters string| lastWfUrl function| startCMTagMain string| category boolean| descriptionPage function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| io function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun function| clientJsFunction object| _google_rum_ns_ object| google_persistent_state_async function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| vttjs function| WebVTT function| videojs object| $jscomp object| canAutoplay function| videojsPlaylist function| videojsIma function| videojsContribAds function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| closure_lm_39047 object| closure_lm_116349 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| prepareAdRequest

160 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1696350022.75D7026B35484FDB2C481138207B7BEB.1.1.1.1.1.1.1.1.1
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1696350022.1.0.1696350022.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.383059617.1696350022
.statcounter.com/ Name: is_unique
Value: sc12918656.1696350022.0
.statcounter.com/ Name: is_visitor_unique
Value: 1696350022748920487
www.bg3.co/ Name: __AP_SESSION__
Value: 167430fa-7816-4d9b-abdb-f3b26a44b109
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: c4339307-f130-429f-9f9f-09337f48992e
.prebid.a-mo.net/ Name: __amc
Value: 1_1696350022_1696350022
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwx_7wqAY4AUABSAEQx_7wqAYYAA..
.adnxs.com/ Name: uuid2
Value: 4100453253981970744
.omnitagjs.com/ Name: ayl_visitor
Value: 4ee8a36d00747ba48c66715c5afd1ccb
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dd3b7a988-e4cf-4c7c-bf3c-9b0c24debc7c-tuctc15c4c6
.rubiconproject.com/ Name: khaos
Value: LNAJ06TG-6-27CT
.quantserve.com/ Name: mc
Value: 651c3f47-22ebe-87443-f27cf
.teads.tv/ Name: tt_viewer
Value: 27ab1324-3f65-4aa6-8075-9b60e94ac5e9
.bg3.co/ Name: __qca
Value: P0-1523039640-1696350022984
.aralego.com/ Name: sspid
Value: a8e44f0a-5198-33c7-8fd9-6f3707dae864
.aralego.com/ Name: euconsent-v2
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUk_7O4_eP1J1CMjEI0QIuuT4GlSlYVFFHfV8HTH6fZS_HuEV8UKy-wqOp6oVX8
.bg3.co/ Name: __gpi
Value: UID=00000c8ba1258626:T=1696350023:RT=1696350023:S=ALNI_MaZRM7jfJawRk8s4u3qyOCy4eYDJw
.bg3.co/ Name: __gads
Value: ID=e251d757ab4d7eed-220fa0cd2adf00e3:T=1696350023:RT=1696350023:S=ALNI_MYoYkByHafrW2Tp9Ly3XH9rrch1WA
.adfarm1.adition.com/ Name: UserID1
Value: 7285767875650060647
.yahoo.com/ Name: A3
Value: d=AQABBEg_HGUCEElxIDSRuJGIaK2ZAeias1oFEgEBAQGQHWUmZQAAAAAA_eMAAA&S=AQAAAlJEg9GTP0Uqxk_PgY7iQ0k
.casalemedia.com/ Name: CMPS
Value: 2126
.casalemedia.com/ Name: CMID
Value: ZRw-SCSPpF-G21atZNsmTAAA
.casalemedia.com/ Name: CMPRO
Value: 5268
.bidr.io/ Name: bito
Value: AABmz07KOH8AABk7MLziSw
.bidr.io/ Name: bitoIsSecure
Value: ok
.adfarm1.adition.com/ Name: lv_5626024
Value: w=4787112|t=1696350023
.primis.tech/ Name: csuuid
Value: 651c3f484ba73
.linkedin.com/ Name: bcookie
Value: "v=2&6518da3e-8a08-4c0e-8560-0e0973ff9c1d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTYzNTAwMjQ7MjswMjGSpCPwh1eT29ZWRz7zs822mpurhyL+NE+aeOV8mYstVQ==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3139:u=1:x=1:i=1696350024:t=1696436424:v=2:sig=AQH3YL4dPbXI7K6I7WSHXMgcx7_pbeH3"
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1696350024.1.0.1696350024.0.0.0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adfarm1.adition.com/ Name: lv_5609187
Value: w=4389191|t=1696350023
.hb.yahoo.net/ Name: data-mag
Value: LNAJ06TG-6-27CT~~63
.ipredictive.com/ Name: cu
Value: eb13e72f-8bb6-46fd-8ce8-f13dadae30d8|1696350024580
.amazon-adsystem.com/ Name: ad-id
Value: AzMVRUt2-ELcjiAF6Ut-SZk
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1696350024.1.0.1696350024.0.0.0
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-03T16%3A20%3A26%22%7D
.openx.net/ Name: i
Value: 884bb9e5-f4b4-0dcc-0220-977da338c41a|1696350026
.servenobid.com/ Name: pid_339
Value: y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
.servenobid.com/ Name: pid_337
Value: y-sHKPQXRE2uGBSPgznltPuA1sdKQpdLS.kujySl8-~A
.openx.net/ Name: pd
Value: v2|1696350026|vMgavPkWgyiK
.servenobid.com/ Name: pid_333
Value: ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB
.lijit.com/ Name: ljt_reader
Value: HbM0uRZHHfwyd5VITQmlFCO2
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.servenobid.com/ Name: pid_312
Value: 4100453253981970744
.smartadserver.com/ Name: pid
Value: 3431954353506989175
.gumgum.com/ Name: vst
Value: e_342d5427-b653-4393-bb7b-5560445a6820
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAwMTC3NLIwMxfiM9Q1LPEpibIwNUgp9o8AAI6J-iAlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAwMTC3NLIwMxfiM9Q1LPEpibIwNUgp9o8AAI6J-iAlAAAA
.servenobid.com/ Name: pid_353
Value: 0000EEA
.bidswitch.net/ Name: tuuid
Value: 064e09c4-747f-41dd-8df7-aa6886c11942
.bidswitch.net/ Name: c
Value: 1696350026
.bidswitch.net/ Name: tuuid_lu
Value: 1696350026
.servenobid.com/ Name: pid_324
Value: 5124322328791702166
.servenobid.com/ Name: pid_317
Value: 3431954353506989175
.simpli.fi/ Name: suid
Value: F7900C4933484875A43E49AF0050F1A0
.servenobid.com/ Name: pid_310
Value: HbM0uRZHHfwyd5VITQmlFCO2
.turn.com/ Name: uid
Value: 4271883361042746048
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
.pubmatic.com/ Name: DPSync3
Value: 1697500800%3A201_245_241_235
.contextweb.com/ Name: V
Value: XpKA9M9avpgA
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0eaf0c07f8bcc68b
.creativecdn.com/ Name: u
Value: W237bNMB3dWIoFt3dbV8
.creativecdn.com/ Name: ts
Value: 1696350026
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003%22%7D
.quantserve.com/ Name: d
Value: EOYBCwGMKvijAA
.adform.net/ Name: C
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: bea94eaac4d9e8ca11914f1e12f5c857
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZRw_SCSPpF_G21atZNsmTAAAFJQAAAIB
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlmbGpgYGRmbmL0C5lvZmAEAMuAXUMgAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2e9s:19e0~2e9s:196n~2e9s:18z8~2e9s"
.ctnsnet.com/ Name: cid
Value: 1be88fedbe054e40afee0f06768e2d07
.servenobid.com/ Name: pid_316
Value: FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1
.go.sonobi.com/ Name: __uis
Value: 7cb1ebc1-8c0b-4b63-b07a-37c13a5156bb
.go.sonobi.com/ Name: HAPLB8G
Value: s85121|ZRw/T
.yellowblue.io/ Name: wrvUserID
Value: lCAdLR0zkp_s
.dotomi.com/ Name: DotomiTest
Value: 3d22d84a2d6e1734
.360yield.com/ Name: tuuid
Value: 112dacbe-dbd4-4045-8a8d-67f1a1e39eae
.360yield.com/ Name: tuuid_lu
Value: 1696350026
.metadsp.co.uk/ Name: ruuid
Value: cc6f9897-7213-4ba3-a466-1aa04a3dff21
.metadsp.co.uk/ Name: c
Value: 1696350026
.metadsp.co.uk/ Name: ruuid_lu
Value: 1696350026
.weborama.fr/ Name: AFFICHE_W
Value: TiTHeumUDCNO93
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: a94c0a23-b58d-5214-9db9-16e9f8a529a3
.betweendigital.com/ Name: ss
Value: 1
.minutemedia-prebid.com/ Name: wrvUserID
Value: noIdLLj-Cp_mm
.adx.opera.com/ Name: UID
Value: OPU99ebdce51a454f38a569b4b461737c99
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRw-SgARzSmMeQBV
.adform.net/ Name: uid
Value: 6612935009356825541
.sitescout.com/ Name: ssi
Value: e76a5eff-d486-4a96-80a6-d0117a1bf20c#1696350026823
.servenobid.com/ Name: pid_332
Value: 7cb1ebc1-8c0b-4b63-b07a-37c13a5156bb
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003%22%7D
.betweendigital.com/ Name: ut
Value: ZRw_SgAM4OC36kk_vv_6XZqas0V1POh-vZQ2cg==
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-c669641f-8e08-31b6-ac60-f89a647c57ec
.servenobid.com/ Name: pid_352
Value: lCAdLR0zkp_s
.3lift.com/ Name: tluid
Value: 3084296709723666376038
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4100453253981970744&KRTB&23339-4100453253981970744
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7285767875650060647&KRTB&23369-7285767875650060647
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4271883361042746048&KRTB&23150-4271883361042746048&KRTB&23527-4271883361042746048
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHzEuqU2LFKgNLUuZEAAAAAAA&KRTB&22713-AAAHzEuqU2LFKgNLUuZEAAAAAAA&KRTB&22715-AAAHzEuqU2LFKgNLUuZEAAAAAAA&KRTB&23519-AAAHzEuqU2LFKgNLUuZEAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6612935009356825541&KRTB&23263-6612935009356825541&KRTB&23481-6612935009356825541
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFrWzOKB5PrleQOuivT8SZ8&KRTB&23025-CAESEFrWzOKB5PrleQOuivT8SZ8&KRTB&23386-CAESEFrWzOKB5PrleQOuivT8SZ8
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA&KRTB&19420-ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA&KRTB&22979-ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA&KRTB&23403-ILaQ7CXllbg7sZPqdOaMtyG3lbw75ZO4deV9ItkA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5133329528040792867
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU99ebdce51a454f38a569b4b461737c99&KRTB&23485-OPU99ebdce51a454f38a569b4b461737c99&KRTB&23524-OPU99ebdce51a454f38a569b4b461737c99
.pubmatic.com/ Name: PugT
Value: 1696350026
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NjM1MDAyNjg1OH0
.adsby.bidtheatre.com/ Name: __kuid
Value: 5fc9781a-d716-4588-bf40-93bc141034f4.465564026
.de17a.com/ Name: guid
Value: 1.7775699054741716146
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1n7n|7dN.0.AABmz07KOH8AABk7MLziSw|7bq.0.1
.servenobid.com/ Name: pid_348
Value: noIdLLj-Cp_mm
.servenobid.com/ Name: pid_321
Value: RX-c472eb64-a5b4-4cba-96ce-b504af229e62-003
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-e76a5eff-d486-4a96-80a6-d0117a1bf20c-651c3f4a-4348&KRTB&23418-e76a5eff-d486-4a96-80a6-d0117a1bf20c-651c3f4a-4348
.pubmatic.com/ Name: SyncRTB3
Value: 1696896000%3A15_223_2%7C1698883200%3A203%7C1697587200%3A35%7C1697155200%3A63%7C1697500800%3A166_21_233_46_249_204_81_55_220_54_8_214_71_176_3_13_56_238_254_161_251_22_165_264_234
.pubmatic.com/ Name: pi
Value: 161683:3
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 43068a6bda2346ea7bb715cdf8527dad
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7775699054741716146
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.smartadserver.com/ Name: csync
Value: 49:7285767875650060647|127:AABmz07KOH8AABk7MLziSw
.outbrain.com/ Name: obuid
Value: 772ba753-1df5-46da-9f70-996275956b2e
ads.playground.xyz/ Name: connect.sid
Value: s%3AtxBUf9T5PO96PAvoA0B14GoveGKT-nHT.t3Arpq2pDFmMiEVM1ApwxReLtlM0EljUi3dNrf%2BgjqQ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoyHEU7L7C6flqbBgMWySGKnddJL2ro259nQzSmeaMh0RFiF7wrSocGaGpIWSLMGcohVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.zemanta.com/ Name: zuid
Value: DeCr5RPIDf5RVw8Xds1k
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-73f9e74a-1c2d-5408-7c31-b11ae59682f8.DZtf7e0KKAasuv3Kfl2TyVlEH9uOKYOWK%2Bu8OwUiLdg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-73f9e74a-1c2d-5408-7c31-b11ae59682f8.DZtf7e0KKAasuv3Kfl2TyVlEH9uOKYOWK%2Bu8OwUiLdg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ac_nnShwtVAh8MbEa5ZaC-C0M3qw.hnPB%2FZtPs9Ajx4t%2Fsr3rIBoJ4MPGdcjdDKvIR0IbLCs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ac_nnShwtVAh8MbEa5ZaC-C0M3qw.hnPB%2FZtPs9Ajx4t%2Fsr3rIBoJ4MPGdcjdDKvIR0IbLCs
.servenobid.com/ Name: pid_323
Value: LNAJ06TG-6-27CT
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABmz07KOH8AABk7MLziSw
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23334-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23417-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23426-c_nnShwtVAh8MbEa5ZaC-C0M3qw
.us.ck-ie.com/ Name: CID
Value: 6bd911faa366cb0f3ef9278196a4e9d0b89a13e8
.tribalfusion.com/ Name: ANON_ID
Value: aOntPKSyZaRHRT8vnPIvClrZdgIqT8vvT4w0p6Yf4MdhjZd8arZcuc0RZdsWxjheRlPKhxgnCivbAI719nIpYFfxcQuZdUDda4
.servenobid.com/ Name: pid_309
Value: e_342d5427-b653-4393-bb7b-5560445a6820
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFfmwgzuAmxxYy8b38bHMACRSyK88MyT8gOkF33LZF7TEHwYBCDL_vCoBjABOgTwi70wQgTNVgPO.ZjF7Gv4c4J1m2fOXjcWZyhxuStA0OHzD3Ral%2FyVZXYg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFfmwgzuAmxxYy8b38bHMACRSyK88MyT8gOkF33LZF7TEHwYBCDL_vCoBjABOgTwi70wQgTNVgPO.ZjF7Gv4c4J1m2fOXjcWZyhxuStA0OHzD3Ral%2FyVZXYg
.shb-sync.com/ Name: smart_usr
Value: 3770a831-02ba-4235-90f2-fc5134da4d3a
.shb-sync.com/ Name: smart_r
Value: 32095
.audrte.com/ Name: arcki2
Value: d72pgZq-mCuSWKT2eS4Q9PlBQ!20220908!1696350027159!ip#45.12.222.172
.audrte.com/ Name: arcki2_pubmatic
Value: FBC0FE0E-08D0-4BCA-96AE-9F545B2FE0F1!20220908!1696350027162
pool.admedo.com/ Name: tuuid
Value: cacc5ec5-a0f6-4c11-b56e-6cd661df5d26
pool.admedo.com/ Name: c
Value: 1696350027
pool.admedo.com/ Name: tuuid_lu
Value: 1696350027
.smilewanted.com/ Name: sw_user_params_infos
Value: o0rxANzJCY1nm3c3vhhI9yBhBt5B%2BPitlLN3noDJ7RMoyfMc%2FeMFRSV6ueon5Vxc4UPEX%2BCsxeh66hHN4MWoa8DsSGAiLf%2FLB8iC2J34cGk7oE34hyWuDG0HYGTQSv0gBVOEggUH%2FV6iuf3Rg15x1MGj8zWfwiO4uuktWZxnF8Igrmoq1Vcxt5dGlTgzJNdgQRJGTBYzWYTQ%2BxbDsZAHlBX0%2Bm0T0eVDQdb1gLV%2FoU3WsoDiPerqEbya55foho8XtJvbo%2Fu8vixBShU2FAT42La%2FHxrlKhRHlozpSei4Po4n4wjajPYuN0gZmkKUfel3tuuS8QxH%2BrzLG%2FjA1VNZbgwbrWEK%2BmBhmcokO5DX%2F%2Fn3idlAKP%2BV%2FNhmIEyeK8ByMzGrrp7GFMm7qFr2du4xmddvACdjjX3egScTSLERg1NyoC4WHjPPZDWbelnU6lVa
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-064e09c4-747f-41dd-8df7-aa6886c11942
.bluekai.com/ Name: bku
Value: ikG99WLdcsD9XSz2
.bluekai.com/ Name: bkpa
Value: KJhz0X+03M9R9mY7iEFNXswxeUwssLnaJByYxER5CnHkFBHJLOlf2JNrrrMbZt2oh6AFyUUVZddMTOm21fM/RFvYidop6ypVmzt1cAqMF6lEpuJliT9iGW4cw3f2TA+4rrFDn4glYyJb+2gRhfPcx/d7rp8N/ynS5I4pLK+wwXIk9lvJK//GUCWjhDloRuj8lDSChNnmZpeaEc91YoQA93LdFkjOhGeU3rx+mlOHCE+UHgp0Nm2nj1unxhHAuHb6kRuY6ai6jaIPKDJl/H4fz+Ib1kzAuwkO3DEV3ziSfDGZSjrg6W+ysvQuVehfcVfsdpKftIKqsEIbdrWfXd7XKy9gqalT
.audrte.com/ Name: arcki2_ddp2
Value: d72pgZq-mCuSWKT2eS4Q9PlBQ!20220908!1696350027330
.socdm.com/ Name: SOC
Value: ZRw-S8Co5tEAAFCv6d8AAAAA
.servenobid.com/ Name: pid_346
Value: ua-c669641f-8e08-31b6-ac60-f89a647c57ec
.audrte.com/ Name: arcki2_adform
Value: 6612935009356825541!20220908!1696350027549
.richaudience.com/ Name: pdid
Value: b6878508-261e-4095-ac84-1zz1696350015
.pubmatic.com/ Name: SPugT
Value: 1696350027

29 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/5dbb6f94afb61dff6b4406be609b58a9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/47dc22bc02780370eb129ac4ae9b6344.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/8f91a71ff32d125f60a8302f35c20552.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c9ec9f7a1e494bf7b0bedb47475b880f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e2654063ba2b8c44ec528072c79aea64.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9fd0210f020b82863d6116496739802d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/2071ad06acda4988910955922513b2b2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/97d1ed8d3e41f487f2c525f36c8f4174.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1d3a4d56ccfb169a2d9d83be30989d82.jpg?w=800&h=600&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/ae23b43703743ab7e30b848f93e8ea00.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2cfa7d51ec920835e6d79c3039e32ae6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f201040137fa55b2e60b8da99213018f.jpg?w=800&h=600&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ab6fef3cf6b600542d02f64a0a75cb51.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/a9c9004038aa3b4f44d1664fc0fd408f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/6847ad075153397e1b0fab2cc89bab80.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0cc6352291d9cf29a09e16298b96ff35.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/9ed75ef25ff37e0e3cfbeb3719d98c6f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/7f1b7a44fda67cd8bde5fe80be9486b2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/01c46e10f06b68766c46d9e8651288e9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b7fb3a1c467573f01006525c31f99a2f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/cdd360a02315177ea6d31ab25a880f80.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202206/5a45a59892da7389abfc4fc263d8ea92.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b95049b36a754a118f29fd204cdbc4f8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/aa55013bf0365c04ac2f3e14d57a3cac.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EveWEteWkteGkteWFvLWthby1kaWFvLXN1LXh1ZS1zaGVuZy1iZW4tYnUteGktYmFuLWJpYW4tbWVpLWJpLWppYW4ta2FuZy1nZW5nLXpob25nLXlhby5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js(Line 10)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

073ceec2d61676674541e8ab5f743dd2.safeframe.googlesyndication.com
2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com
980b793f5bf3899d77628a3b51e35358.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.sitemaji.com
ad.turn.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
casale-match.dotomi.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.yahoo.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imagesrv.adition.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pro.ip-api.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
socket.unibots.in
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
us.shb-sync.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
vjs.zencdn.net
wf.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
2b8db313f9ceb4a4f0c4b1e8b98d363a.safeframe.googlesyndication.com
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
csync.loopme.me
pubads.g.doubleclick.net
static.bg3.co
sync-tm.everesttech.net
sync.adotmob.com
103.231.174.251
104.18.25.18
104.18.26.193
104.18.27.193
104.20.218.77
104.22.69.131
13.248.245.213
139.144.5.218
141.226.228.48
141.94.170.64
141.94.171.212
141.95.171.142
145.40.97.66
151.101.193.44
151.101.194.49
151.101.65.44
152.199.21.70
162.210.196.208
162.55.120.196
162.55.233.29
169.197.150.7
172.217.16.194
172.217.16.198
173.231.180.197
178.250.1.9
18.156.139.59
18.66.147.106
18.66.97.112
185.106.33.48
185.184.8.90
185.255.84.151
185.255.84.152
185.64.190.78
185.64.190.79
185.64.190.81
185.86.138.153
185.86.138.154
185.89.210.141
188.42.34.65
192.96.203.13
193.0.160.130
193.108.153.21
195.5.165.20
198.47.127.20
198.47.127.205
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
209.54.182.161
211.120.53.204
213.155.156.169
216.52.2.16
216.52.2.30
217.79.188.21
217.79.188.46
217.79.188.60
23.201.255.110
23.212.88.20
23.218.208.23
23.218.209.56
23.218.210.30
23.32.184.180
23.32.184.192
23.50.131.75
23.97.225.52
2400:52e0:1e00::722:1
2400:52e0:1e00::865:1
2400:52e0:1e00::874:1
2404:6800:4006:80f::2003
2600:1f18:24e6:b900:1230:dee4:99dd:baf6
2600:9000:223c:1a00:6:44e3:f8c0:93a1
2600:9000:223c:8000:0:e06c:e940:93a1
2600:9000:223f:6e00:1f:4c18:bd40:93a1
2600:9000:2251:4a00:1a:5235:f980:93a1
2600:9000:25e8:6000:1b:5138:8a40:93a1
2602:803:c003:200::44
2606:4700:10::ac43:db6
2606:4700:20::ac43:47fe
2606:4700::6810:5514
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1288:110:c204::b000
2a00:1288:80:807::2
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:480:f::213:7ed6
2a02:fa8:8806:12::1370
2a04:4e42:400::729
2a04:4e42:600::649
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd
3.120.96.101
3.75.19.28
3.75.62.37
34.102.253.54
34.111.129.221
34.120.63.153
34.194.178.11
34.247.233.198
34.98.64.218
35.186.193.173
35.186.215.140
35.186.253.211
35.204.74.118
35.210.239.72
35.210.53.219
35.71.131.137
37.157.6.232
37.157.6.237
44.194.225.44
46.228.174.117
51.77.64.70
51.89.9.254
52.18.182.246
52.211.253.239
52.213.151.23
52.44.10.91
52.59.116.26
52.94.222.140
54.198.183.8
54.72.115.16
54.83.160.255
63.34.177.0
63.35.57.217
64.202.112.31
64.227.64.62
69.166.1.35
69.173.144.137
69.173.144.138
69.173.144.139
69.173.151.100
70.42.32.95
72.246.169.24
77.243.51.122
77.245.57.72
8.2.108.175
8.2.110.33
80.77.87.161
82.145.213.8
85.114.159.93
87.248.100.137
98.98.134.241
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0f617c0cd92380e936d7649108858bdb2a87099bbe857647b70a80ec8c9cd0
0eff24c4c0dfd7d3d6b5f697a31a318c2aeac30b11434072aa4173fa04952d94
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5
108d5bf69f661dc1cd268f82db93e50a0fdac720a9b96c778d928835956064d9
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1372168a99e7dc0c00136cede8e83319b562d2726cd73231d382a2bb5dbec415
13ec901ae75eb060a41695cbaaece22dd49d196a1a260a04e06c9cfb4811dbee
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
1435d59c21d9849804e80e058bcbf2edebcb11c75eabcd28c2f14402ccf3ba6c
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3
16ee74e54ed4fc6ef7ecc38b845beadd752839bbf3b7c5c3ce0471c0711622ad
183dfec5cf1f6b3a375fda455ca34845f0dde81eb23330157e582eec0cca23ea
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1d9a990a2a2aba6243e0eb9e5771ffaa1c28daa936d6e835ece7812ac01f3beb
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
22448f459d343be586255d8f7f412d32ac59a854ee4a193e037170a55c7bccac
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2bbbc4207f29d8c0eba0666730ad69c2c1369b2731d60f70a78dfb7adbe93cf4
2bd7def18e3755a9b28fea6a3375bb36833f8b7b0fa14e7395773e154424a1aa
2c3b078d430bab620b3b2b4fdc9c5586acca7ae247e19e7af6ee6b8cc10e288d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
3112999f3c49fd4b1cd9ae0a87069378f8d54c638cd6946c25bb8b5b30903f56
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a112c1ae56000b73691c6d1a1c3b6d3f2948c9beb86366b788257feb6e2593
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867
35d039f1c7b97b8b48833a12db7880b3fdc9a23debfd778299669f57fce38138
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37aa638d975433ed399c89193f3b62ef42f6af56fdb78702c7fabe63ca9586ac
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3bd784bb1b4b19a5bab9e589cf577ece64242030d19f9c310e11648d02ee0923
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
464857ce2cd39f577e1aee4380de452b3032f2746c94be5b8d71508e0733ca40
468007d409af599657f4624ddf4a6b4ad131099123551bfc51ea9275db67a1ff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b301ce279a842b7ad830152c18a8914cb098586018915c5d5e2372f32939c2
472873bfc7fdc0b159467112d2570b00395682df4ae8512df0f4f39aa3c6e2e6
478bf656d14a54eb37d140e2ab2035b97d3f48e9eeeae540661f1a0f4c44bfca
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
4865ab655137e66b9b58f697af6b13c2ec7cf714852668ede44150846143a186
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e642d00afcb3f47c8b418e9322522e6f32cb0bc6d0e6ff0f69bdb890a0c1e10
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
4ee797ac55455ff08f6d9dc8c733734b73e9f47cc1487230845a4bd02687b8b3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e36641a19080622e16bcdbb895234da506068d72a77636fc1cd734d37d4c29
511eee36fe9776f3f991572906e39faa2d3b1df26d4ed2b0cc93ab455da78d66
51716e8bf4eb74f4bf2ec388040407572cb791289d6299a112e87657f68088af
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5891b523d4bd1702f105f039a66a382d9db2c7bc2bd31fafd8c080f01a65bf67
5980a644111865c17f116417e51593a3a427e7a25130c6029bf2da0d10d79146
59c12859eca282c159661e4bd57844a9fdb6a8739d341a485f2c41b7e6feed8f
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5a4a0b2d357363e3c4dcc8cef8dbb67b273ba61bad258a84d298968055bdce42
5e79e3732bbbae1bf9807c0bb412a312efaf38da68ca7a90e4558c192af2ee24
606d5229532ffaca80a36c777be6d88e0182c7b6790ea2a953868cc276931e4c
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63499d6c49a6a813ee86e89bdfff444d23c29917fc366ff8fa18ab7244fdfd2e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
686e25b07bf001dc76dff0ddcf9f4e4e429b4a0f168d3d72abc3696939e2591b
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dbdad506c9135c1771abd56e7070028cae1d01bb18b6f15cb0743f264ced0f7
6e221e5ccfecc9a8100d2d208d8ec50091e72c44cbf9f94845d44089c4b2f794
6e3fa34990839e7c5fb9dd46aa37b80bd888ea11e32d116adcd670def665a435
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6
78cef58f0112d7b6ca4a0c8e16ae2bfa9e7b8ec0c0092c15aa53ff3b73ca251b
7a541d94de58ec4ebed17ba1b42572d46b492caf0ae8b11ad0b060e304b6a96a
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
813b98163695192116b59c0c4b935e4cdefd189d670af3acb8f0c7f7a22c96db
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81d81845497d49458e89486b94a5720228a885f7ed1fe5bcb1ba53bc22301d17
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
857e6634fbf836d254eea529af865d2b941255e26e3a43716414c811f8ba13a7
85976268a7ddb625c005e1ba67a7abc1b6306ea3f07052f20f814397d7e88c89
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a699c50dfb7042fb0b8b00489e1b467d26cbfb1cfed4c584503d4413f0eb30d
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f087a2d64fde28ecd95784b677c3ef5241a1c9c5beba6c0f40ac187fb3c7ca6
906ae728d9078876df2664b1d0d47975400fbe3bad207fef4a562d26cd50a680
90c5cb30608837e3f31706fad97926bf58dc6e8e586f25b26cd9575bb48f7706
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
92229e6e59ee39f9d773ac79333c5aa2fd71375f7006fc2ff214754ee16ca9d2
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9286e644d9ba9484d2293c04e0ebc84619d8d436d6c995642f18b7df9189cfb6
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9595163d2b730aba54f3c7834ddb69c701548f2730566576d4664b29f3cb07d5
95b79271f9db2bf9ce2ed28ccfa15349c84f619283c67e678e9c1ae4f21cf73b
963d8008acfbbb5c0323411e6bb0e73265e40a628b44dd1fbe44f6433cc47075
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
992400be6fb1bf1022df091d16168b01e7707c02c3723f2b385852898f3b3fdd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cdaca743c6e093b1c63ce23430a59a8642e95e1c279dcaa1a5eb44fab044bf6
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9de209d9f9f34aace4afa4888a57fcaf84c715d990a9709aca1e3aa126ee5415
9e375ee99a7a4af0cc927d735a33fbe22a1e130933d219144c8ee186cb3668bd
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0
9ec35e6b295b5a215d8e1d3772adf9be32b179c0366cd63388a019b99f0832ea
9f8e3daabdc6a334fbaf144d5ad810b28378bfaa9532bbe0a1b833996f54775f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a52f8196f53da810aa8dd44a33a4272cf8c483a7c24d5d1a5dd32a25d6ff13ae
a56c9ae8c8d3cabf870d50326f7741ca9049adc920a89c5c3fb2a76a2cfb844c
a595a70a7c50d21c4253c9e2b7cf37204ec07ad621fb3615960a1e730b85e516
a60571a59a4329d1aea983f97de4d70fb55f5b52b69aa17382a1473e51a8fcd3
a8647c3cdde2a08bb1de628a786e9607c1cfd69f8620f0b004b1e0eb13e9c501
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa64ff458d93e79b8853fd55ac7a09f6d6d1e102382f334d50a3c42c21717ab3
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ada6435de11f15eba4e529b72fcd1bb6bc28e68e58400715586648a9ca330c88
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b9332dfd35b7ef73d224abd884a0bf13cce6f89042e1a228fa12ee1ae97655
b376ae3aaaab994fb0ae5576f599ef9e374dd26004f0518ae5213ada66ddd23e
b60b0182287c737c56da3e2d3d201a5fd23c492e64a97f8456fff803f800d3a5
b803dfc3e59286d11b9956353ac92df4f8ff3f8baadac16e080e80c23a6faad0
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169
b995a6ed1c2aca7349e66a202e5416060d3cb6cd75143bbda4f71efd08e7c21b
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdfaf1d248b4e4b93894b61afe0f7aa8457fe3dcf7b57923ba36bb8159931214
be4d8091871d2fa3b3449d1cb4d5b609eecd29926ff53e1b10b5e8212cd0cadc
c0142b399cb277684abe027eeb471b5b092579d31c8fbe1a15914e142d68e014
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4
c15ccf4d265cf5f2b9bf8a4f591ccfaf190f264d0227fa1d37f4390fb14d5f87
c19a172ebf3d96937926b3aba6ad177fdea8e4cdd19acdc7fb056b15bff2d00b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c4fdd0f1c05515e5ffe58554e808dccc5b5b5aa42f0348d03bed6350a6aaf950
c501c279b40e2895740c35dd2aca24e3aa439605e5a663f782bad406129234c9
c8fdfd348a95fb4e85481e88f6b81c6adf4cd5c1a483412c67b3310c18277f01
c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ca7a8672a07fab48b90d072b49a0b88a112113c195f43526dd9ab8c60145ecd7
ccee0cdfa08b1ee2618fb5c97c7d202947f6f7015fcff81a067e0a5356f6248e
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6388c7f2943f39c5b6cb609bfa367efe2b2b47bbab1cfe8e7e57e9e67e3257
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d4ad80d7d73b7f24ebf06c45f0c0440cb9be0f663436a81dd259d4706d1e03a7
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
df227e29694069527569f0fc540c01a65163493caaa33fda1a40d132c1055486
df8f5ceac07210857c47b64727c5abe725cba27e9701e9fac0ad38c021e6c27e
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0d9dcb0630c51f1e8bb9f1131d51c4b4bc5b31c28fd1e49526baa64a27388a4
e165c5132b21980277feb3051e4c31b627d4b4bc3c2ec1ae90a9a7481819b40a
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
e7e3417346ea531f7f1bf4e36bc79b11aaa3685eece0b1fed1f47152be48ba6e
e94a8e6e28e661a381e35833873364bd314bf411f8b9352b7384be5d58e72f25
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f2be64f4bb09d1f9ed9d96a89b369e66d39e161f1cbe1707fd9d81914bf5656b
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f4a216dd4949d99919c7521bfa8843b050a2fb103bc03b2af2cc2c37ed05f757
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cf7f6b545e3bca01c1d76754a14719ce1329ab67177bd145767c2f2bc75fd8
f732bc32a6a91aef8d822e23a7fa9541fe8646f38ee1004159db0f18d91cb944
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
f89e829205e0bc7e6d98c46db7d83c847f5533809beb18f0df0875b158695cd5
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
fa23b7d5325e06f0085b3b46ad110499e513c9f2545de9e74b595a6b9491f836
fbece9bb2b1bfc60d3f3b00b26f9707d1fe0d0329daf3305206f12a6eb1967b8
fc039cc872b9d66044e9bca57840b0eaf717cd110bafe9fdb7d6487ce9f299dd
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e