urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-li...
Submission: On September 10 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 142 IPs in 14 countries across 130 domains to perform 696 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 754565.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
15 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
2 8 162.210.196.208 30633 (LEASEWEB-...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
40 151.101.129.44 54113 (FASTLY)
45 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (STACKPATH...)
5 10 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2600:9000:230... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
24 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
9 23.97.225.52 8075 (MICROSOFT...)
24 190.2.150.148 49981 (WORLDSTREAM)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 185.106.33.48 200478 (TABOOLA-AS)
1 141.95.98.64 16276 (OVH)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
3 6 2620:116:800d... 16509 (AMAZON-02)
10 104.22.69.131 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
3 20 104.18.39.155 13335 (CLOUDFLAR...)
1 18.196.65.44 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 9 51.89.9.254 16276 (OVH)
1 5 35.186.253.211 15169 (GOOGLE)
1 185.255.84.151 200271 (IGUANE-)
20 52.30.209.60 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 3.73.61.181 16509 (AMAZON-02)
3 5 147.75.86.239 54825 (PACKET)
10 14 37.252.171.85 29990 (ASN-APPNEX)
1 95.101.149.35 16625 (AKAMAI-AS)
2 178.250.1.11 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
13 15 18.196.86.219 16509 (AMAZON-02)
3 3 203.195.121.142 7979 (SERVERS-COM)
1 185.180.220.208 49981 (WORLDSTREAM)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
26 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 141.226.228.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 10 35.244.159.8 15169 (GOOGLE)
4 4 104.64.126.246 16625 (AKAMAI-AS)
12 95.101.149.233 16625 (AKAMAI-AS)
7 11 2a05:d018:d29... 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:24e... 14618 (AMAZON-AES)
3 2a02:2638:d::4 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
10 3.33.220.150 16509 (AMAZON-02)
3 5 3.75.62.37 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 6 37.157.3.20 198622 (ADFORM)
2 5 52.94.223.167 16509 (AMAZON-02)
15 47 142.250.185.66 15169 (GOOGLE)
1 1 31.220.27.155 39572 (ADVANCEDH...)
4 4 54.167.186.89 14618 (AMAZON-AES)
2 3 178.32.210.231 16276 (OVH)
1 1 52.45.175.185 14618 (AMAZON-AES)
3 3 193.0.160.131 54312 (ROCKETFUEL)
5 175.110.113.211 49981 (WORLDSTREAM)
3 178.250.7.9 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.7.11 44788 (ASN-CRITE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a02:2638:3::10 44788 (ASN-CRITE...)
7 2a02:2638:3::1a 44788 (ASN-CRITE...)
5 8 69.173.144.138 26667 (RUBICONPR...)
1 2 8.43.72.98 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 52.46.151.131 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 3 178.250.1.9 44788 (ASN-CRITE...)
2 95.101.148.20 16625 (AKAMAI-AS)
5 52.57.130.135 16509 (AMAZON-02)
2 4 185.86.139.104 201081 (SMARTADSE...)
1 104.75.89.75 16625 (AKAMAI-AS)
3 5 76.223.111.18 16509 (AMAZON-02)
1 2 37.157.6.233 198622 (ADFORM)
1 2 185.255.84.153 200271 (IGUANE-)
1 3 52.214.255.27 16509 (AMAZON-02)
2 3 52.48.146.251 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 3.65.188.50 16509 (AMAZON-02)
2 4 64.202.112.159 23352 (SERVERCEN...)
1 20 198.47.127.205 3257 (GTT-BACKB...)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.35.237.75 16625 (AKAMAI-AS)
1 34.255.244.27 16509 (AMAZON-02)
1 3.126.31.96 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 185.84.60.20 198622 (ADFORM)
1 52.214.105.145 16509 (AMAZON-02)
1 3.141.87.90 16509 (AMAZON-02)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 154.59.122.79 174 (COGENT-174)
2 2 52.210.221.60 16509 (AMAZON-02)
2 3 2.18.160.23 16625 (AKAMAI-AS)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
5 130.211.44.5 15169 (GOOGLE)
1 23.32.184.180 16625 (AKAMAI-AS)
1 13.32.99.115 16509 (AMAZON-02)
2 104.18.38.76 13335 (CLOUDFLAR...)
6 6 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 34.253.17.140 16509 (AMAZON-02)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 23.206.81.43 16625 (AKAMAI-AS)
1 34.250.67.227 16509 (AMAZON-02)
3 23.32.184.192 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 18.208.74.11 14618 (AMAZON-AES)
2 2 216.52.2.48 32475 (SINGLEHOP...)
2 5 216.52.2.16 32475 (SINGLEHOP...)
6 7 46.228.174.117 56396 (AMOBEE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 1 69.166.1.66 27630 (AS-XFERNET)
3 3 18.210.34.36 14618 (AMAZON-AES)
3 3 8.2.108.194 46636 (NATCOWEB)
1 1 8.2.110.24 46636 (NATCOWEB)
3 3 50.31.142.95 23352 (SERVERCEN...)
1 1 52.58.177.150 16509 (AMAZON-02)
2 2 3.76.148.198 16509 (AMAZON-02)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
2 80.77.87.162 46636 (NATCOWEB)
2 3 23.50.131.87 20940 (AKAMAI-ASN1)
10 10 52.50.109.207 16509 (AMAZON-02)
3 6 151.101.66.49 54113 (FASTLY)
3 64.95.96.108 32475 (SINGLEHOP...)
3 3 35.214.220.38 15169 (GOOGLE)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 17 52.210.15.1 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
1 1 52.204.145.156 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
1 1 104.76.200.221 16625 (AKAMAI-AS)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
1 5 198.47.127.19 3257 (GTT-BACKB...)
11 95.101.148.38 16625 (AKAMAI-AS)
1 1 124.146.215.42 2514 (INFOSPHER...)
8 34.249.177.138 16509 (AMAZON-02)
5 5 185.64.190.79 62713 (AS-PUBMATIC)
2 2 31.172.81.172 44066 (DE-FIRSTC...)
1 1 141.95.32.71 16276 (OVH)
3 4 162.55.236.225 24940 (HETZNER-AS)
2 11 185.64.191.210 62713 (AS-PUBMATIC)
3 4 34.249.118.122 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 54.174.89.161 14618 (AMAZON-AES)
4 198.47.127.20 62713 (AS-PUBMATIC)
4 4 142.250.186.166 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.51.122 42697 (NETIC-AS)
3 3 51.222.80.231 16276 (OVH)
2 2 188.166.17.21 14061 (DIGITALOC...)
4 4 98.98.134.242 21859 (ZEN-ECN)
1 1 82.145.213.8 ()
1 1 34.102.163.6 ()
1 35.186.193.173 ()
2 2 213.155.156.169 ()
1 1 141.95.172.216 ()
2 2 141.94.170.64 ()
1 195.5.165.20 ()
1 1 34.102.253.54 ()
696 142
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
15    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
aabd529e31ce7dd774f0db284c9455d1.safeframe.googlesyndication.com
47ab540382b6c5487d3ea0bfc970e42f.safeframe.googlesyndication.com
19    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
8    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
4    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.adpushup.com
40    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
45    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
10    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:9000:2304:600:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
24    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
9    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
24    190.2.150.148 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-150-148.hosted-by-worldstream.net
ad.vidverto.io
6    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-9584005791704894627.ampproject.net
17    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
6    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
20    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
r.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    18.196.65.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-65-44.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
20    52.30.209.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    3.73.61.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-61-181.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
5    147.75.86.239 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: omni-am6-hz4jiuhczvnn
prebid.a-mo.net
14    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
15    18.196.86.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-86-219.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    203.195.121.142 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidver.to
1    2606:4700:e0::ac40:6402 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
1    2600:9000:223c:9800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
26    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
adpushup-d.openx.net
u.openx.net
4    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    2a05:d018:d29:3602:e201:bdb5:e43c:2ec (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:1f18:24e6:b901:b58:f655:b2f0:bc51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
3    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
10    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
47    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
4    54.167.186.89 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-186-89.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    178.32.210.231 (France)

ASN16276 (OVH, FR)
PTR: ip231.ip-178-32-210.eu
ssbsync.smartadserver.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
3    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
5    175.110.113.211 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-211.hosted-by-worldstream.net
cdn.vidverto.io
3    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.fr3.eu.criteo.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
7    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
5    52.57.130.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
5    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
3    52.214.255.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-255-27.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    52.48.146.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    3.65.188.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-188-50.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
4    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
20    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    2600:1f18:612b:4216:65bd:bf52:226a:b097 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    34.255.244.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    3.126.31.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-31-96.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
7    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
7    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
1    52.214.105.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-105-145.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.141.87.90 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-87-90.us-east-2.compute.amazonaws.com
s.thebrighttag.com
6    2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    52.210.221.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-221-60.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
hbx.media.net
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
5    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.32.99.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-115.fra60.r.cloudfront.net
public.servenobid.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
6    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
openx2-match.dotomi.com
pubmatic-match.dotomi.com
2    34.253.17.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-17-140.eu-west-1.compute.amazonaws.com
ads.avct.cloud
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    23.206.81.43 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-81-43.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
1    34.250.67.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-67-227.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:e00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    18.208.74.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-74-11.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
5    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    18.210.34.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-34-36.compute-1.amazonaws.com
ssp.disqus.com
3    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
3    50.31.142.95 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    52.58.177.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-177-150.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    3.76.148.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-148-198.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
3    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    23.50.131.87 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-87.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
10    52.50.109.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-109-207.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
6    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
3    35.214.220.38 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 38.220.214.35.bc.googleusercontent.com
csync.loopme.me
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
17    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    52.204.145.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-145-156.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
5    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
11    95.101.148.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-38.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
secure.flashtalking.com
1    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
8    34.249.177.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
cs.minutemedia-prebid.com
5    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    141.95.32.71 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-006.roqad.pl
ws.rqtrk.eu
4    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
11    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    34.249.118.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-118-122.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    54.174.89.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-89-161.compute-1.amazonaws.com
a.audrte.com
4    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
4    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
2    213.155.156.169 (None, )

ASN- ()
d5p.de17a.com
1    141.95.172.216 (None, )

ASN- ()
green.erne.co
2    141.94.170.64 (None, )

ASN- ()
pixel-eu.onaudience.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
79 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
ad.doubleclick.net — Cisco Umbrella Rank: 183
623 KB
75 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
aabd529e31ce7dd774f0db284c9455d1.safeframe.googlesyndication.com
47ab540382b6c5487d3ea0bfc970e42f.safeframe.googlesyndication.com
740 KB
66 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1076
trc.taboola.com — Cisco Umbrella Rank: 674
vidstat.taboola.com — Cisco Umbrella Rank: 2913
il-trc-events.taboola.com — Cisco Umbrella Rank: 17784
images.taboola.com — Cisco Umbrella Rank: 1811
imprammp.taboola.com — Cisco Umbrella Rank: 13424
am-match.taboola.com — Cisco Umbrella Rank: 13561
wf.taboola.com — Cisco Umbrella Rank: 3138
am-vid-events.taboola.com — Cisco Umbrella Rank: 12698
sync.taboola.com — Cisco Umbrella Rank: 1143
vidstatb.taboola.com — Cisco Umbrella Rank: 5470
sync-t1.taboola.com — Cisco Umbrella Rank: 1485
am-wf.taboola.com — Cisco Umbrella Rank: 14755
1 MB
48 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 896
ads.pubmatic.com — Cisco Umbrella Rank: 572
image6.pubmatic.com — Cisco Umbrella Rank: 869
image8.pubmatic.com — Cisco Umbrella Rank: 746
image2.pubmatic.com — Cisco Umbrella Rank: 1056
image4.pubmatic.com — Cisco Umbrella Rank: 1271
simage4.pubmatic.com — Cisco Umbrella Rank: 1301
46 KB
40 criteo.net
static.criteo.net — Cisco Umbrella Rank: 653
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8975
csm.eu.criteo.net — Cisco Umbrella Rank: 8658
231 KB
32 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 981
fastlane.rubiconproject.com — Cisco Umbrella Rank: 557
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1188
eus.rubiconproject.com — Cisco Umbrella Rank: 656
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1232
token.rubiconproject.com — Cisco Umbrella Rank: 662
80 KB
29 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 31959
cdn.vidverto.io — Cisco Umbrella Rank: 43491
504 KB
26 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 455
bidder.criteo.com — Cisco Umbrella Rank: 866
mug.criteo.com — Cisco Umbrella Rank: 2500
ads.eu.criteo.com — Cisco Umbrella Rank: 8559
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9434
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9381
widget.fr3.eu.criteo.com — Cisco Umbrella Rank: 16538
dis.criteo.com — Cisco Umbrella Rank: 633
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15092
169 KB
21 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2661
public.servenobid.com — Cisco Umbrella Rank: 5257
11 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 645
r.casalemedia.com — Cisco Umbrella Rank: 1668
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
dsum.casalemedia.com — Cisco Umbrella Rank: 1573
28 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1688
usersync.gumgum.com — Cisco Umbrella Rank: 2138
6 KB
17 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1391
rtb.openx.net — Cisco Umbrella Rank: 796
google-bidout-d.openx.net — Cisco Umbrella Rank: 1399
eu-u.openx.net — Cisco Umbrella Rank: 2750
us-u.openx.net — Cisco Umbrella Rank: 518
adpushup-d.openx.net — Cisco Umbrella Rank: 25659
u.openx.net — Cisco Umbrella Rank: 724
3 KB
16 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
8 KB
16 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1197
x.bidswitch.net — Cisco Umbrella Rank: 369
21 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
secure.adnxs.com — Cisco Umbrella Rank: 500
acdn.adnxs.com — Cisco Umbrella Rank: 643
27 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15734
e3.adpushup.com — Cisco Umbrella Rank: 18621
282 KB
12 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1051
cdn.flashtalking.com — Cisco Umbrella Rank: 1249
secure.flashtalking.com — Cisco Umbrella Rank: 2675
185 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
54 KB
11 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 530
rtb0.doubleverify.com — Cisco Umbrella Rank: 884
tps.doubleverify.com — Cisco Umbrella Rank: 555
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 9707
230 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 122
3 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 399
218 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 632
5 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
3 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6963
csync.smilewanted.com — Cisco Umbrella Rank: 3056
static.smilewanted.com — Cisco Umbrella Rank: 11944
17 KB
9 adform.net
c1.adform.net — Cisco Umbrella Rank: 660
cm.adform.net — Cisco Umbrella Rank: 1256
adx3.adform.net — Cisco Umbrella Rank: 62285
dmp.adform.net — Cisco Umbrella Rank: 3578
5 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 799
4 KB
8 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5532
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 4352
4 KB
8 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 37628
sync.aralego.com — Cisco Umbrella Rank: 3214
4 KB
7 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1071
ap.lijit.com — Cisco Umbrella Rank: 747
3 KB
7 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 906
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730
3 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
5 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
imasdk.googleapis.com — Cisco Umbrella Rank: 521
820 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
1 KB
6 dotomi.com
openx2-match.dotomi.com — Cisco Umbrella Rank: 5071
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3625
2 KB
6 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1977
www.google-analytics.com — Cisco Umbrella Rank: 49
751 B
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1453
contextual.media.net — Cisco Umbrella Rank: 712
cs.media.net — Cisco Umbrella Rank: 1635
c21lg-d.media.net — Cisco Umbrella Rank: 2693
hbx.media.net — Cisco Umbrella Rank: 1338
12 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 666
eb2.3lift.com — Cisco Umbrella Rank: 440
2 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1322
pixel.quantserve.com — Cisco Umbrella Rank: 1108
cms.quantserve.com — Cisco Umbrella Rank: 933
11 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
340 KB
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3243
pixel-eu.onaudience.com
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 624
3 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 610
137 B
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
663 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 770
2 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1294
2 KB
4 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3456
spl.zeotap.com — Cisco Umbrella Rank: 3359
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2910
3 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 957
1 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2211
1 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 962
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 886
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 773
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15983
42 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 617
3 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1063
707 B
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1513
847 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 605
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 597
2 KB
3 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3508
cs.admanmedia.com — Cisco Umbrella Rank: 1127
542 B
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3341
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1432
1011 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 991
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 596
978 B
3 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2700
ads.yieldmo.com — Cisco Umbrella Rank: 752
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 743
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 234
3 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249
15 KB
3 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3654
p.rfihub.com — Cisco Umbrella Rank: 982
3 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1606
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4269
visitor.omnitagjs.com — Cisco Umbrella Rank: 1072
1 KB
2 de17a.com
d5p.de17a.com
562 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2801
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20565
498 B
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3871
1 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5047
908 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 935
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1052
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1332
842 B
2 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2275
cs.yellowblue.io — Cisco Umbrella Rank: 2753
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4809
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 733
cdn.indexww.com — Cisco Umbrella Rank: 1763
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
811 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9350
505 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
90 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1581
criteo-sync.teads.tv — Cisco Umbrella Rank: 2585
656 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351
3 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 828
id5-sync.com — Cisco Umbrella Rank: 432
31 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 820
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27806
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16086
c.statcounter.com — Cisco Umbrella Rank: 10633
15 KB
1 playground.xyz
ads.playground.xyz
464 B
1 iprom.net
core.iprom.net
279 B
1 erne.co
green.erne.co
412 B
1 ctnsnet.com
ipac.ctnsnet.com
369 B
1 mrtnsvr.com
ad.mrtnsvr.com
308 B
1 opera.com
t.adx.opera.com
553 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3832
352 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1207
827 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 628
770 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1148
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1099
465 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1737
350 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7018
343 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1120
625 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1988
160 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1373
668 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2521
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 745
339 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2249
44 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4660
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 29811
580 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2893
398 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1358
885 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 3488
274 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 405
864 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13837
520 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11052
292 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1255
635 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 23946
3 KB
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 55771
154 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10548
257 B
1 ampproject.net
d-9584005791704894627.ampproject.net
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1537
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891
3 KB
1 bg3.co
www.bg3.co — Cisco Umbrella Rank: 754565
static.bg3.co Failed
19 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
696 130
Domain Requested by
45 pagead2.googlesyndication.com cdn.ampproject.org
www.bg3.co
ads.aralego.com
pagead2.googlesyndication.com
imasdk.googleapis.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
39 cm.g.doubleclick.net 15 redirects google-bidout-d.openx.net
www.bg3.co
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
eus.rubiconproject.com
googleads.g.doubleclick.net
g2.gumgum.com
26 tpc.googlesyndication.com www.bg3.co
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
24 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
24 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
20 simage2.pubmatic.com 1 redirects ads.eu.criteo.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
public.servenobid.com
20 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
19 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
17 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
17 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
15 x.bidswitch.net 13 redirects am-match.taboola.com
ads.eu.criteo.com
14 images.taboola.com www.bg3.co
14 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 eus.rubiconproject.com ads.aralego.com
am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
11 image2.pubmatic.com 2 redirects ads.pubmatic.com
public.servenobid.com
11 pr-bh.ybp.yahoo.com 7 redirects imprammp.taboola.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 match.prod.bidr.io 10 redirects
10 match.adsrvr.org imprammp.taboola.com
google-bidout-d.openx.net
am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
10 gum.criteo.com 5 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
9 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
googleads.g.doubleclick.net
www.bg3.co
9 imageproxy.eu.criteo.net ads.eu.criteo.com
9 www.google.com 1 redirects www.bg3.co
tpc.googlesyndication.com
googleads.g.doubleclick.net
9 googleads.g.doubleclick.net www.bg3.co
pagead2.googlesyndication.com
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
9 ib.adnxs.com 6 redirects cdn.adpushup.com
acdn.adnxs.com
9 onetag-sys.com 1 redirects cdn.adpushup.com
ad.vidverto.io
googleads.g.doubleclick.net
public.servenobid.com
www.bg3.co
csync.smilewanted.com
9 e3.adpushup.com www.bg3.co
8 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
ads.eu.criteo.com
7 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 csi.gstatic.com imasdk.googleapis.com
7 csm.eu.criteo.net ads.eu.criteo.com
6 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 cdn.doubleverify.com googleads.g.doubleclick.net
cdn.doubleverify.com
www.bg3.co
cdn.flashtalking.com
6 us-u.openx.net 1 redirects google-bidout-d.openx.net
adpushup-d.openx.net
6 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
5 image8.pubmatic.com 5 redirects
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 ap.lijit.com 2 redirects public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
5 eb2.3lift.com 3 redirects ads.eu.criteo.com
cdn.adpushup.com
5 match.sharethrough.com ads.eu.criteo.com
public.servenobid.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
csync.smilewanted.com
5 secure.adnxs.com 4 redirects ads.eu.criteo.com
5 cdn.vidverto.io www.bg3.co
ad.vidverto.io
5 aax-eu.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
eus.rubiconproject.com
ads.pubmatic.com
5 c1.adform.net 3 redirects ads.pubmatic.com
5 ups.analytics.yahoo.com 3 redirects imprammp.taboola.com
ads.eu.criteo.com
5 prebid.a-mo.net 3 redirects cdn.adpushup.com
5 rtb.openx.net 1 redirects cdn.adpushup.com
adpushup-d.openx.net
5 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
eus.rubiconproject.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pixel-sync.sitescout.com 4 redirects
4 pubmatic-match.dotomi.com 4 redirects
4 uipglob.semasio.net 2 redirects public.servenobid.com
ads.pubmatic.com
4 ad.doubleclick.net 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
4 sync.outbrain.com 2 redirects ads.eu.criteo.com
g2.gumgum.com
4 rtb-csync.smartadserver.com 2 redirects ads.eu.criteo.com
ssbsync.smartadserver.com
4 token.rubiconproject.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 cms.quantserve.com 3 redirects f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 secure-assets.rubiconproject.com 4 redirects
4 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 pixel.onaudience.com 3 redirects
3 mwzeom.zeotap.com public.servenobid.com
ads.pubmatic.com
3 simage4.pubmatic.com ads.pubmatic.com
3 bh.contextweb.com 3 redirects
3 csync.loopme.me 3 redirects
3 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 dsp.adfarm1.adition.com 3 redirects
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 b1sync.zemanta.com 3 redirects
3 us.ck-ie.com 3 redirects
3 ssp.disqus.com 3 redirects
3 ad.turn.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 creativecdn.com 3 redirects
3 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
ads.pubmatic.com
3 ad.360yield.com 2 redirects www.bg3.co
3 dpm.demdex.net 1 redirects www.bg3.co
ssum-sec.casalemedia.com
3 dis.criteo.com 1 redirects ads.eu.criteo.com
www.bg3.co
3 cdnjs.cloudflare.com ads.eu.criteo.com
3 cat.fr3.eu.criteo.com ads.eu.criteo.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 ads.eu.criteo.com cdn.adpushup.com
googleads.g.doubleclick.net
3 www.gstatic.com www.bg3.co
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
3 ads.betweendigital.com 3 redirects
3 fonts.googleapis.com cdn.taboola.com
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
www.bg3.co
3 htlb.casalemedia.com cdn.adpushup.com
3 trc.taboola.com cdn.taboola.com
3 ads.aralego.com 1 redirects ads.aralego.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 tpsc-ew1.doubleverify.com cdn.doubleverify.com
2 adservice.google.com www.bg3.co
2 am-wf.taboola.com vidstat.taboola.com
2 secure.flashtalking.com googleads.g.doubleclick.net
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 sync.bumlam.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 cs.admanmedia.com ssbsync.smartadserver.com
g2.gumgum.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 1 redirects csync.smilewanted.com
2 ce.lijit.com 2 redirects
2 ads.avct.cloud 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 ads.yieldmo.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 r.casalemedia.com 1 redirects ads.eu.criteo.com
2 visitor.omnitagjs.com 1 redirects ads.eu.criteo.com
2 cm.adform.net 1 redirects ads.eu.criteo.com
2 contextual.media.net ads.eu.criteo.com
cdn.adpushup.com
2 s.amazon-adsystem.com eus.rubiconproject.com
ssum-sec.casalemedia.com
2 pixel-us-east.rubiconproject.com 1 redirects eus.rubiconproject.com
2 fonts.gstatic.com ad.vidverto.io
2 www.google-analytics.com www.bg3.co
2 sync.taboola.com am-match.taboola.com
2 cat.nl3.eu.criteo.com www.bg3.co
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 mug.criteo.com www.bg3.co
2 prebid.smilewanted.com cdn.adpushup.com
2 oajs.openx.net 1 redirects www.bg3.co
2 f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 ads.playground.xyz 1 redirects
1 core.iprom.net ads.pubmatic.com
1 green.erne.co 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 t.adx.opera.com 1 redirects
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 ws.rqtrk.eu 1 redirects
1 u.openx.net 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 tg.socdm.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 sync.admanmedia.com 1 redirects
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 servedby.flashtalking.com googleads.g.doubleclick.net
1 static.smilewanted.com csync.smilewanted.com
1 c21lg-d.media.net contextual.media.net
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 cs.media.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 s.thebrighttag.com www.bg3.co
1 beacon.krxd.net www.bg3.co
1 adx3.adform.net imasdk.googleapis.com
1 47ab540382b6c5487d3ea0bfc970e42f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 aabd529e31ce7dd774f0db284c9455d1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 e1.emxdgt.com ads.eu.criteo.com
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 a.twiago.com ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 widget.fr3.eu.criteo.com ads.eu.criteo.com
1 vidstatb.taboola.com www.bg3.co
1 a.rfihub.com 1 redirects
1 im.bluevoox.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 eu-u.openx.net google-bidout-d.openx.net
1 s0.2mdn.net imasdk.googleapis.com
1 pixel.quantserve.com www.bg3.co
1 stats.g.doubleclick.net cdn.ampproject.org
1 google-bidout-d.openx.net oa.openxcdn.net
1 imprammp.taboola.com vidstat.taboola.com
1 rules.quantcount.com secure.quantserve.com
1 amp.analytics-debugger.com cdn.ampproject.org
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 id5-sync.com cdn.id5-sync.com
1 d-9584005791704894627.ampproject.net cdn.ampproject.org
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.tidaltv.com Failed ssbsync.smartadserver.com
0 sync-dmp.aura-dsp.com Failed f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
0 static.bg3.co Failed www.bg3.co
696 232
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
cdn.vidverto.io
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
itm.ivitrack.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-11 -
2023-11-12		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-04 -
2024-05-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh

This page contains 130 frames:

Primary Page: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Frame ID: D8ABB8B93AC46EE8B03E1EF6DE6D1588
Requests: 212 HTTP requests in this frame

Frame: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F0BCC8109A7718A6476E8948CD6A40B9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux2kZG3W_hO1TEVaQhednYpM_SkQZEcTXt07_ZA8QsSLAgA-6UY4icFR42iQToJ7X5-2BVTVStZYUpZ80wfBvg7nQTVaoPMrY1jQqKOZswxsssD53ATqT80_GhyPpP7BvAY76eWAMIK0d6kGj21IqhxRMgbR0bKXRBn5g3JIykM4pisNYiQcdzPs52DCcErgGx_w0nn_aT2dJv_qUaIL32JEVh5SBDu0_lCfDBHY_XThi5tyzLoy4q33QVrujwGfvRepwDT8Wc19HH9DtIHcIan4Bx2oxRKrD_vD3SH8UY42VuRDZDq2PEfkK64pDsBQZGLw&sai=AMfl-YTy93zQQuIsRPqru8LnLGL80dTzDvre1xknrrPgD0j2dQJ2Nj950laIm6eZ87b8TLR3Or-H3Az4Rw1HT2Ju0WxB28MB3N49qib6I29tk0rWFisIOKqoz2VXqrc_HSpyC9mo_ob0iZ3Rl-3TYmY&sig=Cg0ArKJSzHExnOMZBqoWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2149A831D9611BAB65AF415B8CB23EC5
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Frame ID: 0A7382A479EA86D1408B9172B20EA038
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 53412AB2725DD679DB55212C42BEC244
Requests: 1 HTTP requests in this frame

Frame: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C97BFD2FFC338B20DD75D2C521D69176
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 66C53EF7D0230E4312EC66A259225128
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DB42DFDFD3975D2D7BCF7A73619BCA4C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28C045C9BE1A27E1DA3312E8C5C2E4B7
Requests: 9 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&cmcv=&pix=undefined&cb=1694336829345&uv=3335&tms=1694336829345&abt=nonrv_vA!pl1549_vB!ufm_vD!ufrlt_vA!ul3335_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2ab1f621-a5f4-445b-a53b-3a4bffc8d040&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: EFDA4C4C5313BC389BE5F6D8519E248D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 1A44CFF5CE52F4CA709A7E40C48A7356
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1209178E76846602D216ABE0F334FC20
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: C2BED1752E1CEE2DE171454808621F35
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 7D58E4797DA702026290CFA90F648A68
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: CDDF88CC10B8D7C00F2EA41F56BA244B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 36667AC9E533AD912C5CD116C4C581BC
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 98A99948801253114ADA09B91149DEB3
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 42AD0B17DA3CC3BF6998EC631B92F299
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvCT09srdV2fq4SwuBJuor0ZfdeDSd1NDbjNrBI6J9b_liR8PYJ4jFzgaSb2xioOGb8kVqJqcXQEiAeXsUwyZPfvkDNwMy_iyG8WvstwTJ_Iq6DPkIomHrUDLGzAwU_-XVrcKXmApceyKW5LKbMxHmZay1HpLfv_RjuZ0cFZU16m3un8lA_6fd4-3yF1-q7WkjKsaOPnsuZZwX16GW0OSAwbRIcMudy-EozY523B-0CkkkAy4zbGjoFpyRz_EsAxjUDHJULEeqGZTL_dIVUt6VpnifqG8R2VCuZ9mZAGgtJlhjsvwdz_JWXlUSEtb29aze&sai=AMfl-YQUnuyNfta-iG-EvyZbWutkffgtgJeDRi5fcwaqf0EHi6fTFyILpNM2rWWa-kxECWiei_x4Jq7fajPJYWr_O4BMiaQU6ctY1C9phTwbZxVGSY-Jn08-Bzz2LUJHPg&sig=Cg0ArKJSzEabW-TS1pkCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 739F2413AC40B4E75D370BA6F7E5E2C1
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Frame ID: 30B9F06AED9AE09D2C129B1F6BBAB53F
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: 0050D1BD3CB49080B8D9FBA31593DC00
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1B51E0D49B35DB8FCE3FCE5475BECD45
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: B92A7CD9EC3375FCAFF8188C4FB9D474
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: A42F6BDA9BCC82B17863047F027169BE
Requests: 4 HTTP requests in this frame

Frame: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fd873da59d9cb20016a306040487a2&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Frame ID: 0316B95372F255B3B12F6BF88C1050E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: A06F5C14C704383D3127F26F2145CAAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: 384A5C240F190EE9EEFDEED242E93CA9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQfxdCOy8edmOnG0nIVd0EVT5o0opI2PVVUlqIl0UUPBKX3XqkR_xcjyJeMuLswuJ9iUae6trtc-2o9cbvcIOSYJWxqrLhYkq9ENRNsnBcRynqarmiGxYAAMilWis964psG8r_YSTZm8f0MQx23mPAEaIvnWy9I-vc6NksFuw_NcthVORXf_QEYnvu957h_vJslO18pL27_IYIjeA5vh-K1NpLMNzd6nZe4lC1nLG9W4XeoSv4Op4ZCekDdf8mXpmCCp0BXARS0tyzA8jmCUZDAcpIw6GSyNpcQCNQHTQD8CUpxvR5KubSZ-VZrchN_FSf&sai=AMfl-YR6dezu-YRQ57vWa6bpZM3_at4Kn6BD9GNZKRQijpSrGiEzHElc5zeT4vs15UUYpARhS2GYYOYaxCExafZj3b0q7OW6dVLQZ2OmnzaYkqrrApQuIClhbqX5HT1laA&sig=Cg0ArKJSzNLvbfPcVzwPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2C8C1E11D34E2638D7086FC24262A323
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Frame ID: EAF61227150BAF0814DC2E10825864BF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-26521745401216895036&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3080&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5482005498&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&ga_hid=658876816&dt=1694336829874&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&bdt=2302&dtd=106&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 0D2E613156237772B98895D7BD3D28ED
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: F0580DE734A9AB0249E1430FFDE4F019
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1B328019F9AA4A69C5C0C05CC6F3C492
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1kAiLK55AUNErAyKSwMkYGYHQenNlvubNWQthw&google_gid=CAESEPq3A3p7okk7EsTT30Ze0kA&google_cver=1&google_ula=913071,0
Frame ID: 656D7A58E0EB48C482D885E2DED7481C
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Frame ID: 9576B1310E0BA12AE92923BE966BE86B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Frame ID: D23C5E8B5418EB85AEEDFFFF852ECF4F
Requests: 8 HTTP requests in this frame

Frame: https://aabd529e31ce7dd774f0db284c9455d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 206BF5A233AC06550E74CE7BFF1C21C0
Requests: 1 HTTP requests in this frame

Frame: https://47ab540382b6c5487d3ea0bfc970e42f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B626071EF3D9DFBBD5B0E98955C3653A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C8CAB2305D97C099FC1A38F7C1130B58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 567056957E33C41926439272B23A62A2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5939EF42E1BDDB4E3333527F870ED76F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02B19E5FA7376A783461DF8837C199E6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwJ6f6QEwAQ&v=APEucNXBkVfpgeGzvACgh1tB2lKsBZpixpnn7VJ3PAE3Cw9Yu--JhIW1rq-eTmAGODjMPT5DoZf4qSC7uyjEj_F3MPe1qqQvjw
Frame ID: 4D79E5DEB05C43A5714EA930EAF5E8BA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1D13D4E863C5B237AD5EA305A4D3B1A6
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: E21EB045F2CDFEFECE4860FBC901A4B7
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8E81C958ABC17F679D9F7DEC139D6E0
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: 5223A2EA52F2369CC8166CEB7945E8DE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 662756453AEA5FE09597F2B26443FD0D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 79A48C7598AA0FD07287B54789C3F4B4
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694336829043
Frame ID: 6B2F67E9F7902646FE5704E999C80BD2
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 6347E0B59C011CE3EFF6520CB248BC95
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B5293ADC6D17DEB578ACA828665A4B66
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E60D5E96A3F21B221F05318B0588A2C1
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 311F847C3AF9CBFBCEB403AA97B70A6E
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: EBE6EF05534BABCBDCF1B7EC9AFF937D
Requests: 14 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: E37A67F56204BC27D119F5019E415275
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 98B08F088EBDF6207B0846DCC529BC3F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E1CFF9D0D632F5627B4329DCFC24FF4E
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 67F3393A3D9E94E91BB698410FF02964
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4648.js
Frame ID: 5431FDEE37470BC3D46EC69F32EBEE72
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E8AAA386420EDC72A572F3DE72EE8C3
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AA105685DBC61D6D9BB87321105F9681
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: EB0E4EC26043BD40F97875B737A1EE3F
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: F3026D8BC2BB13E17405363B67BB9B71
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 5E0841832036C83084DB1E88B3C660C3
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 1930A07558062499293C3B3C40D571A6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 30E4D5089E0E69392589F80F13095669
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: C9A0B7AE10186625C734C7DF4E922A05
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: C0E1962966C0071E47B992BA2AF0F0EA
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: CAF8073BBAEAAE9E16E13DFCDB234364
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 35C84721382AFC3554C28FA86B13672B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8042A86BE270A53B28D6547F4B7C9E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8965D417C77D7F90D7C689F05F14740A
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C49E637EF19537A87DF21931E6C4EFE8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZP2HQQAPOYX7WQBY&gdpr=0&gdpr_consent=&_test=ZP2HQQAPOYX7WQBY
Frame ID: 3B60D9F3A6CFC58C1B0EA75C6684313A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYzBhN2U3OC1iN2NjLTQwYzEtOGRjYi1kMzdiNWMzNjUzNWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: C8005DAA8B1F97BE636756D17A09DB6E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9305104C4031F7C27E5C6AD2034B5E27
Requests: 11 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: EEDE545E032E9A557183DC8571379E90
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZP2HQcCo8XwAALBFmTIAAAAA
Frame ID: 51EBA8A5EB4C7DAC863EB4C018BD0F45
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 9C49B1BA3AFD7539442C5CA6E9685F5D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=duA9zx5Ik5RxMay7Ymjn&pi=gumgum
Frame ID: 1AE6930D4A79BA083B2887CFC641B16C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 090B3377CFE20E26A818B6D8465AD6C5
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 583230C177F5CE80961682AECFD4CBF8
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: FB3B7CD991A1DA121E9E4624D68EA471
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAFmsU7J-w8AACYTu7-ULg
Frame ID: 112A46AC09CD87197A5752A5919B88EC
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
Frame ID: 0795E2CD0196B304D7F168B06A563FD7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 29122E3963007B3D195EFE0134714C81
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&redir=true&gdpr=0&gdpr_consent=
Frame ID: 2E86BDB6DF070C8DC28AB17D89930DCF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri
Frame ID: C14A7179C266149D93AF0CFE9CC74857
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Frame ID: A5802A9E2C1C84BC871E005F6B0359FF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/50f1e3a5-b9bf-54fd-96db-4a6ef226cd51
Frame ID: D45D76F10E242A5B192B93F68AECB33B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/155251/4198896/index.html
Frame ID: 8A2E1954974978B349AB78A7C5537EE2
Requests: 8 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a
Frame ID: 6652E26BB8BA0274CCBC6899BC5ECD74
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6691273950527159550
Frame ID: 78E14A272D668D83D29DE02BC2BE062D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4648.js
Frame ID: E45968364C3F280011D64805CE540819
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/40cae9ad28f2598873c7356787afa123?gdpr_consent=&gdpr=0
Frame ID: 10ED5AEA2F8659732248912AC1846F36
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: DA079B0867DDC66F5D1A565E8FBB312C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/679ae3d04fb9237c0525c782cd5acb8f1f65bead7b05008d691cc846cb362555
Frame ID: 8D42F0884BDB71C9A0BD1158372E0C76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD45DDA14FB7C5227433C96FB6A8EFBA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D5716D7698D9027CF3FE059E0BE1864
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
Frame ID: 9C99861EDC1A9EFC8F66038C6419EDDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
Frame ID: 69BB76FD9FEC7DDFBC42327FD83F4A88
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Frame ID: EEE52D036CDD97EA990C120BA0E0C08D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Frame ID: E20BCF725205742DCE2C2EBCEC4FE847
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 07EA6A5F636F5C8A96794067A960C9D8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: C947258BCFDAC45A920310A32B6A5928
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: CBA8DA68EBF8FECC89FCFAAD89D49D0F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
Frame ID: 037A083F3BFDC67E8D0B7DB9D3206BF7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Frame ID: DD4353529D12C20634CE5B03936067DC
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
Frame ID: 7069556695267BED7E2CB06C62108D90
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
Frame ID: 46ECDB24A07B846F8468B6221647AB2C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Frame ID: 3E57B70481E954097A2923EE27B88D64
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Frame ID: A7448A0AA362A016DF39E730433F8FC7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7F9A96ACAD3ABF8106DDD2F81EEA8827
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: ED5D7B5AD8E4E005488C661DCA65E45D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 58320CC970DBD16CBBF15FC3A914A268
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
Frame ID: 6C5AB7B358D5885E11A018DFE8B941A4
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Frame ID: D20AFF37396B32395F252743CDB874A8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 0399AB4EB80EF9D095BEF189A2753BBE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5548C2274C5DD0FE67B17DE96161776B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F506478C54AD82E0353EAE41525EF57
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1f6082619725431d8be9fd0101edea4c
Frame ID: 5DC2BB921DEFE7BEFA280F8F80FE15FE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=4463025857368766481
Frame ID: 83DCC3680071AE43564C4AF0489CB23B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
Frame ID: D58CBB5AFC2F154C6B03466D071ED52A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 5BEA3EE984DD773236B615E34093C7C1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667051755788886163
Frame ID: EA23A24261894E117E9DBA58612FF7DF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYQRWYnTSMXhRbajX&gdpr=0&gdpr_consent=
Frame ID: B2887542E530CF258BFC2C5BF4145668
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3EDF9F104068799B0682FDC1821192CF
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 894313C1A0B53C2D0B291CEBB6B67EF6
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6CDC292927297274A7503261A1419723
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Frame ID: 9A63ED8671C42C29E708838B8567E2BE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

全聯甜點正夯!專家揪「NG前3名」 冠軍1天吃1片就免驚啦~ - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

696
Requests

80 %
HTTPS

26 %
IPv6

130
Domains

232
Subdomains

142
IPs

14
Countries

6037 kB
Transfer

22922 kB
Size

192
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 88
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&rid=esp&cc=1
Request Chain 129
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=YV1jVnx3WHJ0U0QwUFFwL3dLNnBoeUltcEllVGQ3SGVGWk13bVAwdjFsOTFIb3RzOXVpZCtMZWgwbXNkM3pKVmppcFhVenVHblpxQzJKNHM4OExrZmZEc25UeHp4a21oeEx5UmlQck9ZV0hDRDNueXlheXUxNG1rK1h5QUdkTEUyekdOdUtGTlNkbGk0VnBOdUZ0VS9PZEk0S1ZiK2NITGdSQnlPekFsbE5aa3RGUHh4cmtubjRyYTNvRWxUUTltYjJKNGd2dTJVSHczOWcrM2NGbHVTNFNmaDVVTXMvaEVkNXBpb0pzOWIyZDFrMFZXTk0va0hWMFVEd0xsTFBLRm9KeUhycnkrdTNUVmcwbGJycERVTzI0RmNXZz09fA&cppv=2
Request Chain 149
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D2c781e3a-1878-4a1c-852d-0bb1d796d868%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=2c781e3a-1878-4a1c-852d-0bb1d796d868&p_id=23
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=2c781e3a-1878-4a1c-852d-0bb1d796d868&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=2c781e3a-1878-4a1c-852d-0bb1d796d868&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-5972559919040122022 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=50f1e3a5-b9bf-54fd-96db-4a6ef226cd51&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&p_id=15
Request Chain 183
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 184
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/88f0f25e-2902-3538-a19b-e07f667d4a73?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-gmRi93hE2oWxNqlP02DRkevB0cJf_aBxtHIh9IQ-~A&redirect=
Request Chain 186
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 217
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6691273950527159550
Request Chain 218
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=86128798-bca4-c86c-2b2a-ec6fca5a766a HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=86128798-bca4-c86c-2b2a-ec6fca5a766a&dcc=t
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2M1fWpnFqOBwWcdp8wFsQ&google_cver=1
Request Chain 223
  • https://pr-bh.ybp.yahoo.com/sync/taboola/a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
Request Chain 225
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAiUlYP3S73d9UGs4WkyxFI&c_param1=AXcoOmRdNjxkgMsfZiZQzF9uRJEyx3GsZ6z53qF57f2WpRiquLMU1R3b0qnXQNQKGaCZ8vYPVlX2EGTwcFfmEIQG2bFwQm_V8OgmsA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRdNjxkgMsfZiZQzF9uRJEyx3GsZ6z53qF57f2WpRiquLMU1R3b0qnXQNQKGaCZ8vYPVlX2EGTwcFfmEIQG2bFwQm_V8OgmsA
Request Chain 226
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEH1MCHtHgGSNVod9Mkb-KOI&google_cver=1&google_push=AXcoOmRuY8ZYhKFyJACf38nD6QWDWJ-oHOUwooqbik5a8L5-G25fkcEMltC5rNqaTWPZ6ru4ZJ6TaLWIo_ZwqgfYnNJ7AdigQ97E9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=oTH_VbrlVgVmDbqD-xfSKS0M3qs&google_push=AXcoOmRuY8ZYhKFyJACf38nD6QWDWJ-oHOUwooqbik5a8L5-G25fkcEMltC5rNqaTWPZ6ru4ZJ6TaLWIo_ZwqgfYnNJ7AdigQ97E9w
Request Chain 227
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEC2tM7l0xw7YWVE5yYuPZQA&google_cver=1&google_push=AXcoOmQtm8cdQOk-LweYrkATj1SL3rJM1P1zjX4siEuv2Ntor4YgPTRmjeXwwF5EmO9KBdJfrKzMlNO-HeTjFJmSOu_FkwnyH1Ou5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQtm8cdQOk-LweYrkATj1SL3rJM1P1zjX4siEuv2Ntor4YgPTRmjeXwwF5EmO9KBdJfrKzMlNO-HeTjFJmSOu_FkwnyH1Ou5g&google_hm=Njk1ODU2Mzk3NDYxMjgyMDk0NQ%3D%3D
Request Chain 228
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECrP1MVR6n53mdyY0-lDnQw&google_cver=1&google_push=AXcoOmT0kcRQrd8fwHFsrgXc0tnnq3Oz6zDT8isvh_7lvU_V3irGF05Z87yozDYjv1iOd3bwm31ESsAoO-LHo3CYoYVka46thvwH6-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmT0kcRQrd8fwHFsrgXc0tnnq3Oz6zDT8isvh_7lvU_V3irGF05Z87yozDYjv1iOd3bwm31ESsAoO-LHo3CYoYVka46thvwH6-Q&google_hm=QlMuNjQwNi1lZTIzLTQ1NjEtYmMzMg==
Request Chain 229
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECLaO1sROpe-rYCgbxXE9cw&google_cver=1&google_push=AXcoOmQjH4kbeLIH8QK0NLyhaX7HPqjtDP9Adcf7IHhrapP-DSb0khw4nVODSB_68LzMsIvyHeL5NKJIoYPmylboM5QnClPGPuoV2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjH4kbeLIH8QK0NLyhaX7HPqjtDP9Adcf7IHhrapP-DSb0khw4nVODSB_68LzMsIvyHeL5NKJIoYPmylboM5QnClPGPuoV2g&google_hm=NDQ2MzAyNTg1NzM2ODc2NjQ4MQ==
Request Chain 258
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 267
  • https://pr-bh.ybp.yahoo.com/sync/taboola/a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
Request Chain 283
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMD8EGDL-1V-CZFC HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMD8EGDL-1V-CZFC
Request Chain 299
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMjFjNTE1MWYwYjBmYWNlODVhMGNhYTcyNjc1NWMzNzQ2MDM0MQ
Request Chain 300
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UeYNPcjQTiiuSj-5KgOUwA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UeYNPcjQTiiuSj-5KgOUwA
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRXNotQXpWFxTN9Sp0pGS0&google_cver=1
Request Chain 302
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1EOEVHREwtMVYtQ1pGQw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnzV5tBsgzzr8h1yGlBma0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=
Request Chain 304
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMD8EGDL-1V-CZFC
Request Chain 305
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Dt_00QNQe6MuRtdTjoULlcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PfvbXcpE2oJckmM56SGh2zyN3MAypRGgmkrjxw--~A
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-1kAiLK55AUNErAyKSwMkYGYHQenNlvubNWQthw&google_cm&google_hm=ay0xa0FpTEs1NUFVTkVyQXlLU3dNa1lHWUhRZW5ObHZ1Yk5XUXRodw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1kAiLK55AUNErAyKSwMkYGYHQenNlvubNWQthw&google_gid=CAESEPq3A3p7okk7EsTT30Ze0kA&google_cver=1&google_ula=913071,0
Request Chain 308
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7194115729736594569
Request Chain 309
  • https://secure.adnxs.com/setuid?entity=52&code=k-abl6Q655AUNErAyKSwMkYGYHQenyZVBPNQVqLQ HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-abl6Q655AUNErAyKSwMkYGYHQenyZVBPNQVqLQ
Request Chain 320
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xDfZ-q55AUNErAyKSwMkYGYHQemctpijWV5Amg HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xDfZ-q55AUNErAyKSwMkYGYHQemctpijWV5Amg&C=1
Request Chain 321
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Qirj7Q1pK36xxGzc5bTIGoefCqtoposI HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Qirj7Q1pK36xxGzc5bTIGoefCqtoposI
Request Chain 322
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-V_4j1q55AUNErAyKSwMkYGYHQeljCUBDOySS-w HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-V_4j1q55AUNErAyKSwMkYGYHQeljCUBDOySS-w
Request Chain 361
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=VMWJU7mLYmeIq624OeczVxqudD2f4Wlm
Request Chain 371
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=n8SxLJe3X8J5TgbDBhhxC8i_6zP7PzX8
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
Request Chain 392
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP2HP-VkQFCZ8keQV-TbuwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
Request Chain 410
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIrNSCqbGzwuzSPTyy2obtI&google_cver=1&google_push=AXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIrNSCqbGzwuzSPTyy2obtI&google_cver=1&google_push=AXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 411
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEMW3JRCWvJwM5Dj6UFBq4y0&google_cver=1&google_push=AXcoOmSeUnE1MauYMoKcEdTU6DswcwbIskloau85nR6Yu_NOzjcYsewsGjl9ZbTko25lyxCiv1VOSd-hDDDOhCPZChlnCzy668k5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=825575633393
Request Chain 412
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAYOQJ74aCurSo7R8gtG33k&google_cver=1&google_push=AXcoOmTLX2KmCdCfF6_Vysg6vrea8OvLAPtRIuPtpdtKUch2H9eOyrMqFuBilcvyD5uEa9UhVAjku79Qp29pW5GADQW5Y0CPRamX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLX2KmCdCfF6_Vysg6vrea8OvLAPtRIuPtpdtKUch2H9eOyrMqFuBilcvyD5uEa9UhVAjku79Qp29pW5GADQW5Y0CPRamX&google_hm=eS1FNTNVNUtSRTJwSFBWM0kzaXhvc3JmZVQzV0RuWWx0UX5B
Request Chain 413
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEBziTdJ9B_yVQG_ssswXxMQ&google_cver=1&google_push=AXcoOmQIsqCweQWark_4p6eMpeQpA7yZuC8h0tckDfa2anY9RnDuhtEyHULOfIdNS0SGdgS-fHYcVigQdo4nB0smfmUGlO2kg0_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQIsqCweQWark_4p6eMpeQpA7yZuC8h0tckDfa2anY9RnDuhtEyHULOfIdNS0SGdgS-fHYcVigQdo4nB0smfmUGlO2kg0_1&google_hm=M1JlYVRIUnNzVlJqaEpOUW9LdjU=
Request Chain 414
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEK6jN4kZhD5f9xCnPPd1Q5o&google_cver=1&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk28s4FR93GBo7XvZkXN3xnurTf5U-BNAInB_XBSfXgi0av HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk28s4FR93GBo7XvZkXN3xnurTf5U-BNAInB_XBSfXgi0av&google_gid=CAESEK6jN4kZhD5f9xCnPPd1Q5o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYyNzUwNTgzNDQwNjM3MTE1OTI3Mw%3D%3D&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk28s4FR93GBo7XvZkXN3xnurTf5U-BNAInB_XBSfXgi0av
Request Chain 415
  • https://cs.media.net/cksync?type=g&google_gid=CAESEC-BRQEGw0UhVGc4sEpi7jk&google_cver=1&google_push=AXcoOmTFKGEmfauPe4Zm44Wnfquoki7nL67OIUA5ZrD7bsi5QFSLuJv0oL5jf4ZxYB0Q2A5W-j1Z3C1utOzJ5NwTIa00uJj6yzEa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&mn_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTFKGEmfauPe4Zm44Wnfquoki7nL67OIUA5ZrD7bsi5QFSLuJv0oL5jf4ZxYB0Q2A5W-j1Z3C1utOzJ5NwTIa00uJj6yzEa&gdpr=&gdpr_consent=
Request Chain 416
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESED8LQPfIryPnV5uHLQ83Pvk&google_cver=1&google_push=AXcoOmT7jIDoWsC1M8XaKzvIzTXLKS872cYER9YeIrxHdy8Vl1NylMw_KKy5K5N5FUwtqvL2NstFK8f03iLKLtYYfkdR_7EPUttVDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT7jIDoWsC1M8XaKzvIzTXLKS872cYER9YeIrxHdy8Vl1NylMw_KKy5K5N5FUwtqvL2NstFK8f03iLKLtYYfkdR_7EPUttVDA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 461
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=7190dcd5930123f7&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIVRMuSuSxCgNH5_JsAAAAAAA&expiration=1694423232&nuid={OX_USER_ID}&is_secure=true
Request Chain 462
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=AZJx2QmIyrgNUCJPcXCHMA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c8136c3f-8761-4535-b0b3-6413699b34b2&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 465
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=duA9zx5Ik5RxMay7Ymjn&pi=openx&gdpr=0&tc=1
Request Chain 466
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zzBn88EzMvPUYDSmz2csr85lOaLUNmevnWfYHLQ_
Request Chain 480
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 485
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7194115729736594569
Request Chain 486
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HTAjrGZHC1kSg52IQqyLrwKK
Request Chain 488
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694336832864 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4605379176 HTTP 302
  • https://sync.1rx.io/usersync/turn/7031372384577410706?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fab17d08-88f3-4b0d-9586-f5759b535701-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-fab17d08-88f3-4b0d-9586-f5759b535701-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
Request Chain 489
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=4463025857368766481
Request Chain 490
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=a535217a-1240-4591-b31a-47fbd5b57c47
Request Chain 491
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 492
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
Request Chain 493
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQyAh4GOAE=%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=30&buyeruid=01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a&r=Cid1YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQyAh4GOAE=&gdpr=&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQyAh4GOAI=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQyAh4GOAI=&buyeruid= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-8044c00d-f143-3530-b556-f1ed0ccb8af4
Request Chain 494
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
Request Chain 496
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 497
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=dc0e5e02-155c-41af-8a8b-25e49bda20de
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFKYX_PjFTE27jNJ4C7hnLo&google_cver=1
Request Chain 506
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7194115729736594569
Request Chain 507
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 508
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7194115729736594569
Request Chain 509
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_35d6d734-9b6c-4ca3-8da8-eb814eed8451&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 510
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Tz84BUE8bQVUb2tQT2hzWU5qZlRUOThZHWg5MDby
Request Chain 514
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&google_cver=1&google_push=AXcoOmQwzVI_4s6Mz4p_ATbDHvljkDzllW4w8Jcp-zOtV4sZvPYiPLZDf2zz0H-wZkHvtSLUXS6goE4b0IE5_xJx_ZKQmQUSbZwA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&google_cver=1&google_push=AXcoOmQwzVI_4s6Mz4p_ATbDHvljkDzllW4w8Jcp-zOtV4sZvPYiPLZDf2zz0H-wZkHvtSLUXS6goE4b0IE5_xJx_ZKQmQUSbZwA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjVyTUlWUW8xUUZncHE1&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&google_cver=1&google_push=AXcoOmQwzVI_4s6Mz4p_ATbDHvljkDzllW4w8Jcp-zOtV4sZvPYiPLZDf2zz0H-wZkHvtSLUXS6goE4b0IE5_xJx_ZKQmQUSbZwA
Request Chain 516
  • https://um.simpli.fi/gp_match?google_gid=CAESEP1Qu-0Pnub0WJQB1FekkhA&google_cver=1&google_push=AXcoOmTvx9QpsbCcZvV1-VKmvrGg-z_Lu4OZf9VI75HbonG-RWKi6Tf8S1zUb-MUWPpTmm8et3PTPns76iVaUNkWYTlN8qiJqaye HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35D12EF780EE4009BB829DD55E9E0604&google_push=AXcoOmTvx9QpsbCcZvV1-VKmvrGg-z_Lu4OZf9VI75HbonG-RWKi6Tf8S1zUb-MUWPpTmm8et3PTPns76iVaUNkWYTlN8qiJqaye
Request Chain 517
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAYOQJ74aCurSo7R8gtG33k&google_cver=1&google_push=AXcoOmRcVO-dnxtLRpfjPPoONxY62ysvzRLgWbWVtd052zX9N9fO9YdYjwpp37lWwl0v_qBXG4y_gcg1PL57IcgFSuMQHnhj08Ku HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcVO-dnxtLRpfjPPoONxY62ysvzRLgWbWVtd052zX9N9fO9YdYjwpp37lWwl0v_qBXG4y_gcg1PL57IcgFSuMQHnhj08Ku&google_hm=eS1FNTNVNUtSRTJwSFBWM0kzaXhvc3JmZVQzV0RuWWx0UX5B
Request Chain 518
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnzV5tBsgzzr8h1yGlBma0&google_cver=1&google_push=AXcoOmT2stadDsm4I2-OwVsXw2gAmz42Ms4s04jmyWteDv-nUXeyooxUVcqDxLfH6J7ut9j9WrtlojDKmjleCBNh2h_1CFwTXeFX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=AXcoOmT2stadDsm4I2-OwVsXw2gAmz42Ms4s04jmyWteDv-nUXeyooxUVcqDxLfH6J7ut9j9WrtlojDKmjleCBNh2h_1CFwTXeFX
Request Chain 519
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECAT21sdl7P5CnIGxmkKYnI&google_cver=1&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5NW490iKrSDk HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECAT21sdl7P5CnIGxmkKYnI&google_cver=1&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5NW490iKrSDk&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5NW490iKrSDk&google_hm=HTAjrGZHC1kSg52IQqyLrwKK
Request Chain 520
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEBziTdJ9B_yVQG_ssswXxMQ&google_cver=1&google_push=AXcoOmS0Z07d-mraIPFm9MvQ8AOWxtZwSZdsjcBSgxrzkVgcKXPNs7O9AjDuBu1eNvmpbR8fjKSTsSumSIlOzqpbEw6gYqyiZvb8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS0Z07d-mraIPFm9MvQ8AOWxtZwSZdsjcBSgxrzkVgcKXPNs7O9AjDuBu1eNvmpbR8fjKSTsSumSIlOzqpbEw6gYqyiZvb8&google_hm=M1JlYVRIUnNzVlJqaEpOUW9LdjU=
Request Chain 523
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7277121281869478046&gdpr=0&gdpr_consent=
Request Chain 530
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFmsU7J-w8AACYTu7-ULg&expiration=1695546433
Request Chain 531
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP2HQQAPLnX5tgAN
Request Chain 533
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=57d2a313-eaca-4255-97c5-5c7f17e2adf6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 535
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3bb2cb4c-8f5a-b65f-27a3ebdd
Request Chain 538
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7194115729736594569
Request Chain 539
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=26a715cb-f765-4600-b5f1-c0cfec966d82&ssp=gumgum2&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 540
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28WrOVq4zFB0LA6I12-LX050ju5eVNl2DqfOO3_tcWuGl3wZ70O4m3Lcc9tPg6SDbM%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28WrOVq4zFB0LA6I12-LX050ju5eVNl2DqfOO3_tcWuGl3wZ70O4m3Lcc9tPg6SDbM%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&obuid=ENC(WrOVq4zFB0LA6I12-LX050ju5eVNl2DqfOO3_tcWuGl3wZ70O4m3Lcc9tPg6SDbM)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 541
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=29f95f95-881b-4bc0-8c5f-7e156a39bccc
Request Chain 542
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a131ff55-bae5-5605-660d-ba83fb17d229$ip$45.12.222.171
Request Chain 543
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-age7lwJE2pfbDttBFU6pAzzuRt74OQ2D2PS8~A
Request Chain 544
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=7c68c353-add7-4411-9764-3afe2dcb19ff
Request Chain 546
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=o6XWJzRep4IfjfXzIeZX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23ZWLBLUU6SSMVYDISLGNJTFQ6SJMVNFQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23ZWLBLUU6SSMVYDISLGNJTFQ6SJMVNFQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o6XWJzRep4IfjfXzIeZX&us_privacy=1---
Request Chain 547
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=1f604e30-d393-4ef2-be92-9572071bcbd6
Request Chain 548
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=abIQXEofxPTt&ev=1&pid=558355
Request Chain 549
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6958563974612820945
Request Chain 555
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZP2HQQAPOYX7WQBY HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZP2HQQAPOYX7WQBY&gdpr=0&gdpr_consent=&_test=ZP2HQQAPOYX7WQBY
Request Chain 559
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZP2HQcCo8XwAALBFmTIAAAAA
Request Chain 561
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=duA9zx5Ik5RxMay7Ymjn&pi=gumgum
Request Chain 562
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 563
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMD8EGDL-1V-CZFC HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LMD8EGDL-1V-CZFC
Request Chain 566
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=b6a7f4dffbbe13372d6dfb2728058d9&gdpr_consent=&gdpr=0
Request Chain 567
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjBjvanBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEG59nv5PuRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGY4NjIwYWQ1LWEzYzEtNGFhOS1hYzc5LTBlNDE3MTUxYmQxZg** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=6e7d9efe-4fb9-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 569
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Request Chain 570
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP2HP-VkQFCZ8keQV-TbuwAA%265148
Request Chain 571
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D%26ismms2s%3D1 HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=1508ac3d5f8fa7a695e8e648b4136b26&ismms2s=1
Request Chain 572
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1479d19e1-df9c-4cc2-93bc-770fe26a376f
Request Chain 573
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3627505834406371159273&ismms2s=1
Request Chain 574
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 579
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAFmsU7J-w8AACYTu7-ULg
Request Chain 581
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6961462133 HTTP 302
  • https://sync.1rx.io/usersync/turn/7031372384577410706?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
Request Chain 583
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 585
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri
Request Chain 587
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=k5g_IT-kSX-_Ul57mryolA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 588
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=&ct=y
Request Chain 589
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2652814803
Request Chain 590
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Nzk3bjhXVGJXLTZTci1tYy1PVmtwMHo4dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6691273950527159550&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 591
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTM5ODNGMjEtM0ZBNC00OTdGLUJGNTItNUU3QjlBQkNBODk0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
Request Chain 592
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAOhpcUSnjAzJv8spocHy88&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
Request Chain 594
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6691273950527159550 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7031372384577410706&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 597
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GWKOcudE2uWbFgrigJhHQJzcDtSfiU8-~A&gdpr=0
Request Chain 598
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/50f1e3a5-b9bf-54fd-96db-4a6ef226cd51
Request Chain 603
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a
Request Chain 604
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6691273950527159550
Request Chain 605
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMD8EGDL-1V-CZFC HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LMD8EGDL-1V-CZFC
Request Chain 611
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/40cae9ad28f2598873c7356787afa123?gdpr_consent=&gdpr=0
Request Chain 614
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/679ae3d04fb9237c0525c782cd5acb8f1f65bead7b05008d691cc846cb362555
Request Chain 636
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CJv998nYn4EDFQ_lmgodKvsMuQ;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CJv998nYn4EDFQ_lmgodKvsMuQ;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850
Request Chain 637
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1694336835925479 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CJCH-MnYn4EDFUuimgodDl8NYw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1694336835925479 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CJCH-MnYn4EDFUuimgodDl8NYw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1694336835925479
Request Chain 643
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
Request Chain 644
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Request Chain 645
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Request Chain 648
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 649
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGbXNVN0otdzhBQUNZVHU3LVVMZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFmsU7J-w8AACYTu7-ULg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6958563974612820945&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFmsU7J-w8AACYTu7-ULg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6958563974612820945%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6958563974612820945&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFmsU7J-w8AACYTu7-ULg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
Request Chain 652
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 653
  • https://pixel.onaudience.com/?partner=214&mapped=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bb098b59686a7c3e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=74b8e63af99c78ae05a10253917b3bd9&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=3d943e78f2b910c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3f13211-db15-492f-75cd-d719573dfd43&reqId=9d932ac7-91e1-4cd0-5ab1-6191030618e8&zcluid=3d943e78f2b910c2&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKzNgZxm3YmkBrOY2zdozmY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3f13211-db15-492f-75cd-d719573dfd43&reqId=9d932ac7-91e1-4cd0-5ab1-6191030618e8&zcluid=3d943e78f2b910c2&zdid=1332
Request Chain 654
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=62ff19ca327923f7&is_secure=true&networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM0gXEcuaJBANzPUdWAAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 655
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c62150fe-aac9-4455-9338-d55307e4b730&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 656
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
Request Chain 658
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 659
  • https://pixel.onaudience.com/?partner=214&mapped=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 661
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
Request Chain 662
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Request Chain 663
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Request Chain 664
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=19396a9b6fb92416&is_secure=true&networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMxwJVc5_cEwMJkp4-AAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 667
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 668
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFmsU7J-w8AACYTu7-ULg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=6958563974612820945&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFmsU7J-w8AACYTu7-ULg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26userid%3D6958563974612820945%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&userid=6958563974612820945&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=2&ev=AAFmsU7J-w8AACYTu7-ULg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
Request Chain 669
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9543a50c-832b-4260-88f4-3fac8ed52ed4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 670
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
Request Chain 678
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=7tidNF82YkljUE5XSzNPUUZUdUladXB4TXFad0ZWYzVOeDBzMHMlMkI0YVNuelFKaTRYQVl2VnBnQ3pITDBEM3UzY2RHaEFxS0ZGU2lsMFZzY2ZOM0NtazZReWJ3VGNWVkMwVGc4Y3o2akRPJTJGeDJxTXVRNyUyRmtHbHlFZmxqYSUyQkh5U2s5ZHJyZUQxSEpsbW9lREYwYzZ0WEdjQWplZyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=--ez-Xw0aWN0RmZYY1hxOFFUaytFSStkTTRnWTJUM1ZaSkpmSnVMODdUZkVCUnZ5VWxkOTMyc00reDBBTGIxMXJFSmd1NVcwRStKMEwwSlNWbGdJK25VQnF2Tms3ODBONkRBS0czaEVtK0p2RTdyNTRBV0hreENGcmJ4U05aVXhIYlJ4bkZBZnhyQk93VTdZeHBXUzFzbG5ySVl6bXNmN1BHdkZDbzZ1NUplNUh6aGxXNXJhSTdZVm1JaUgvcDBpa0FmL2tUNytpRXRsMUFjQnFBekZPLzNtNkhua1I1dXdianlqc2lUQTNPbUEyc3ovaHlrRGdUUEFFRXp0QWtZa2JWclAxd09PcWI1ZEh0ejhRZy85Z2JyeGRRZz09fA&cppv=2
Request Chain 693
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1f6082619725431d8be9fd0101edea4c
Request Chain 694
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=4463025857368766481
Request Chain 695
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
Request Chain 697
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667051755788886163
Request Chain 698
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYQRWYnTSMXhRbajX%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=74b8e63af99c78ae05a10253917b3bd9&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYQRWYnTSMXhRbajX%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYQRWYnTSMXhRbajX&gdpr=0&gdpr_consent=
Request Chain 703
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7194115729736594569

696 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
www.bg3.co/a/ 		61 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4397f902ee61f7cbcacf6edeae4127dfafa438b3bd6207eb0489fe0367c11b72

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:07 GMT
etag
"f377-mr100HOvdF4tWC8MwlVE+8L4Uhc"
expires
Sun, 10 Sep 2023 09:08:07 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 10 Sep 2023 09:07:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72941
x-xss-protection
0
server
sffe
etag
"1fd4dd9eff57c430"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Sep 2023 09:07:07 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 10 Sep 2023 09:07:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9642
x-xss-protection
0
server
sffe
etag
"02dd63e520ffd2e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Sep 2023 09:07:07 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 10 Sep 2023 09:07:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"7e5f99ff05e5cd4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Sep 2023 09:07:07 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
045e41472d44f47e489bc0bd1cb437c3713700afc4b5bff211cd7bca29f52527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29304
x-xss-protection
0
server
cafe
etag
380 / 19610 / 31077684 / config-hash: 18345592501010170579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:07 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 16:30:31 GMT
server
cloudflare
age
24658
etag
W/"64fb4c27-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
804684d5596a1c3a-FRA
expires
Sun, 10 Sep 2023 14:16:09 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10562
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqoH%2Bzv%2FySrQyXDeMFc67DLxk97oQiSPyrBxh2dZG7IX9hk8JrYQ6K9fEw%2BQTnR4BrKRjIl3qR2lKP0rIYarZVsUqaIN%2BLfaWbxSfil%2FHzf%2B766YmQFlr3njV%2BU9qCidHSl6ME275Usj0gpiQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
804684d919b59c0a-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
3c0d9e37e84dce8c7cbdcf693b07b616bf8f1b6cfcba0eb651a159d8be031f8c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 10 Sep 2023 09:07:07 GMT
content-encoding
gzip
age
180307
x-cache
HIT
x-client-device
desktop
content-length
10580
x-ap-device
MOBILE
last-modified
Fri, 08 Sep 2023 07:00:32 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
BE
expires
Sun, 10 Sep 2023 10:07:07 GMT
adpushup.js
cdn.adpushup.com/42753/ 		662 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5b118e1496dca781d14a6f7e0dee34cc5cdb3d5b78f26d77b54089da8dbe7a1c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 10 Sep 2023 09:07:07 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Fri, 08 Sep 2023 14:04:50 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1694336827731_34831752_793189948_707_1457_35_80_146";dur=1
content-length
142572
expires
Sun, 10 Sep 2023 10:07:07 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		493 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
200c95532c53da0912b3934fa9e60970a0c49c8a8a37dae3f1498d38abce6c12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
B7ESEqt9U0d0JJqnlCaJeGglIiWiYfbN
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:07 GMT
x-amz-request-id
M8KTDED15FFV5SQY
age
8684
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
10
x-amz-replication-status
FAILED
content-length
54398
x-amz-id-2
PeebFKthYa+lzMvb/Rp8HgESk2o9wVbuQW3cu9d+CU/HGvCw+XOYLChP4M9/hhSXN+PGnVcz6dw=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Fri, 08 Sep 2023 13:34:47 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336828.731364,VS0,VE4
etag
"6fb51dfa23be660faa52da0d0dc4ee59cef3a7e7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
26
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
ab01d85492333fea5f77789e8848b94d.jpg
static.bg3.co/imgs/202105/ 		0
0
1e0f23653f25e38b315344b5ffe4e891.jpg
static.bg3.co/imgs/202105/ 		0
0
66f4a96d29e1a7f1531d165447783496.jpg
static.bg3.co/imgs/202106/ 		0
0
5ea47cb7bfc4eb9f33b2ca16b085b32d.jpg
static.bg3.co/imgs/202105/ 		0
0
24296dbd30ee6af16375414e2ec7c9b0.jpg
static.bg3.co/imgs/202109/ 		0
0
db72f8b77dc9b7f0a90d3b144312d1ce.jpg
static.bg3.co/imgs/202105/ 		0
0
36dcd2513448401f7fe865347b48d70b.jpg
static.bg3.co/imgs/202106/ 		0
0
f38c96664cd1569ef85b608d422a8747.jpg
static.bg3.co/imgs/202106/ 		0
0
2b16fd9571f8c17077d425b24825eea3.jpg
static.bg3.co/imgs/202105/ 		0
0
07d81349bdc5dc0124952b6ce4050d54.jpg
static.bg3.co/imgs/202105/ 		0
0
562aeeb959fdcbc49e73ca19f2aca75f.jpg
static.bg3.co/imgs/202309/ 		0
0
19a75d91960294b81fd7c07359db1a36.jpg
static.bg3.co/imgs/202112/ 		0
0
8c7fa2ff3244458dc4860eb6223c51bb.jpg
static.bg3.co/imgs/202105/ 		0
0
f0d7c7b30b9b93e991a51f775405cabb.jpg
static.bg3.co/imgs/202106/ 		0
0
26a2ff5e43cbe959519c81ab0b410f58.jpg
static.bg3.co/imgs/202106/ 		0
0
15695bbfe3f9937b93f683200026c13f.jpg
static.bg3.co/imgs/202106/ 		0
0
aec644a07195f4b2bf375a665cd34fc2.jpg
static.bg3.co/imgs/202201/ 		0
0
b28f4b79a02cee0e662ff6dc4233b286.jpg
static.bg3.co/imgs/202106/ 		0
0
661e12fdc1b91b9526582e0b023f5962.jpg
static.bg3.co/imgs/202105/ 		0
0
ba09f9d63fcc97bbdd1839e647fea8ea.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
400837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2968
x-xss-protection
0
server
sffe
etag
"20a8808a3fce3085"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
400836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23124
x-xss-protection
0
server
sffe
etag
"91fba5c7cd59114d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dd10c4eabe829c55b6dc7b0b3c581ef3809a309008d16aa34ba0ba092f2b1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
555
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
400836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3948
x-xss-protection
0
server
sffe
etag
"a02df160e36bd176"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
t.php
c.statcounter.com/ 		192 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=59A63CFA21A44FF3D27A9CB71F03FD35&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&t=%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%20%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2283&sc_rum_e_e=2297&sc_rum_f_s=0&sc_rum_f_e=2185&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
804684d67aea1c3a-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20230905-4-RELEASE.js
cdn.taboola.com/libtrc/ 		804 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DHSY4h5zVk1UjTokLGTmT4IpOCy1UIOB
content-encoding
br
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:07 GMT
x-amz-request-id
KTJ5G1T2ZY79WG4Y
age
27473
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170225
x-amz-id-2
N19IwH4/N/0qjpx6UPvM4DrF7NvGmP8xnhrV6k24mww9BeCqS8cdgMqnU30S0hJvfiOoiWuNEek=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Tue, 05 Sep 2023 09:28:59 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336828.961837,VS0,VE0
etag
"02e831e0d003d619395b9b4db0013950"
vary
Accept-Encoding
content-type
application/javascript
abp
93
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5853
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/ 		407 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
540dfacb5653359db263f2d751b3494596b42b5acae30bc379eec33e87ed40bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:59:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
453
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131474
x-xss-protection
0
server
cafe
etag
4360487527687814013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 09 Sep 2024 08:59:34 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1694336828.dop229.fr8.t,1694336828.cds220.fr8.hn,1694336828.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1694336828.dop229.fr8.t,1694336828.cds220.fr8.hn,1694336828.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
400837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10339
x-xss-protection
0
server
sffe
etag
"6b0a8d436e5c7ad3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:47:09 GMT
age
400799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57751
x-xss-protection
0
server
sffe
etag
"df3f5bf96724b1a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:47:09 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
207810
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		73 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A07%3A08.199&lti=deflated&data=%7B%22id%22%3A879%2C%22ii%22%3A%22%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694336828195%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%22%2C%22vpi%22%3A%22%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3305%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3202.578125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d6c56cff36e9b220cc02928038af86ac251683a17c542dd413a0470aec426925

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
310
date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
59850
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230076-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694336828.224525,VS0,VE310
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:600:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Sun, 10 Sep 2023 03:41:04 GMT
Via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-P1
Age
19565
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
ihawcSkl61FHXpXDSqPAuJUPJbgmADNzJhMpju9WN5xN9512sdqYsA==
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
K8M291YY143Y9NV6
age
1676
etag
W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
804684d918c8906d-FRA
x-amz-id-2
gmcu4s9gLW9PLFYvfvWWpbf/F5rb9XAshtYMwJ+B139RAcEjhW+CY3Yb6q076EjxehpIKxQE2k8=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30177
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StIZM%2BGi5WmZFSD7RKxfHPM5su4TdRKmhdKzUZCHdT9FEG8cDD0QLWD%2BbyQbO4NB2THu3F7Hlvc6wC%2BpcLm7vbWlbUybwG2MgAuV8DECN3m2I30O7%2BVLTt%2FArO8GJ6hJCNLY0mGWTNUaWegepWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
804684d918085250-MXP
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Sep 2023 09:07:08 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 04:27:21 GMT
content-encoding
gzip
age
1139987
x-guploader-uploadid
ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 27 Aug 2024 04:27:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2751421224017173&correlator=1790311702969518&eid=31076399%2C31076480%2C31077748%2C31077684%2C31077700%2C20222283&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694336828247&lmt=1694329628&adxs=220&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&vis=1&psz=760x0&msz=760x0&fws=4&ohw=1600&ga_vid=743386227.1694336828&ga_sid=1694336828&ga_hid=658876816&ga_fc=false&dlt=1694336827572&idt=633&adks=3605545259&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4c3a8faa349fdce75018086cf89ad9b5977de24a701c1730c16e9ed3d408599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12539
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F0BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:08 GMT
expires
Mon, 09 Sep 2024 09:07:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1694336828365_34831752_793190808_688_1304_32_64_146";dur=1
content-length
122286
expires
Mon, 09 Sep 2024 09:07:08 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694336828430_34831752_793190809_181_692_32_0_146";dur=1
content-length
211
expires
Mon, 09 Sep 2024 09:07:08 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1694336828429_34831752_793190810_683_1446_32_0_146";dur=1
content-length
18371
expires
Sun, 10 Sep 2023 10:07:08 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQzMzY4MjgzNjEsInBhY2tldElkIjoiMDAwMEE3MDEtODAyNzA4MDItYjMwMC00ZWNhLTk1NmEtMzNkZDc0ODAwZTQxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3F1YW4tbGlhbi10aWFuLWRpYW4temhlbmctaGFuZy16aHVhbi1qaWEtaml1LW5ncWlhbi0zbWluZy1ndWFuLWp1bi0xdGlhbi1jaGktMXBpYW4taml1LW1pYW4tbGlhbmctbGEuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2764.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1694336828453
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 09 Sep 2024 09:07:08 GMT
date
Sun, 10 Sep 2023 09:07:08 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
2066504
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
view
securepubads.g.doubleclick.net/pcs/ Frame 2149 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux2kZG3W_hO1TEVaQhednYpM_SkQZEcTXt07_ZA8QsSLAgA-6UY4icFR42iQToJ7X5-2BVTVStZYUpZ80wfBvg7nQTVaoPMrY1jQqKOZswxsssD53ATqT80_GhyPpP7BvAY76eWAMIK0d6kGj21IqhxRMgbR0bKXRBn5g3JIykM4pisNYiQcdzPs52DCcErgGx_w0nn_aT2dJv_qUaIL32JEVh5SBDu0_lCfDBHY_XThi5tyzLoy4q33QVrujwGfvRepwDT8Wc19HH9DtIHcIan4Bx2oxRKrD_vD3SH8UY42VuRDZDq2PEfkK64pDsBQZGLw&sai=AMfl-YTy93zQQuIsRPqru8LnLGL80dTzDvre1xknrrPgD0j2dQJ2Nj950laIm6eZ87b8TLR3Or-H3Az4Rw1HT2Ju0WxB28MB3N49qib6I29tk0rWFisIOKqoz2VXqrc_HSpyC9mo_ob0iZ3Rl-3TYmY&sig=Cg0ArKJSzHExnOMZBqoWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Sep 2023 09:07:08 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2149 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:08 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQzMzY4Mjg2MTYsInBhY2tldElkIjoiMDAwMEE3MDEtODAyNzA4MDItYjMwMC00ZWNhLTk1NmEtMzNkZDc0ODAwZTQxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3F1YW4tbGlhbi10aWFuLWRpYW4temhlbmctaGFuZy16aHVhbi1qaWEtaml1LW5ncWlhbi0zbWluZy1ndWFuLWp1bi0xdGlhbi1jaGktMXBpYW4taml1LW1pYW4tbGlhbmctbGEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3018.2999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQzMzY4Mjg2MjYsInBhY2tldElkIjoiMDAwMEE3MDEtODAyNzA4MDItYjMwMC00ZWNhLTk1NmEtMzNkZDc0ODAwZTQxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3F1YW4tbGlhbi10aWFuLWRpYW4temhlbmctaGFuZy16aHVhbi1qaWEtaml1LW5ncWlhbi0zbWluZy1ndWFuLWp1bi0xdGlhbi1jaGktMXBpYW4taml1LW1pYW4tbGlhbmctbGEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3028.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQzMzY4Mjg2MjksInBhY2tldElkIjoiMDAwMEE3MDEtODAyNzA4MDItYjMwMC00ZWNhLTk1NmEtMzNkZDc0ODAwZTQxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3F1YW4tbGlhbi10aWFuLWRpYW4temhlbmctaGFuZy16aHVhbi1qaWEtaml1LW5ncWlhbi0zbWluZy1ndWFuLWp1bi0xdGlhbi1jaGktMXBpYW4taml1LW1pYW4tbGlhbmctbGEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3031.7000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		173 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2751421224017173&correlator=1577681440060439&eid=31076399%2C31076480%2C31077748%2C31077684%2C31077700%2C20222283&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&arp=1&abxe=1&dt=1694336828638&lmt=1694329628&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=743386227.1694336828&ga_sid=1694336828&ga_hid=658876816&ga_fc=false&dlt=1694336827572&idt=633&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0_pv%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6600d2c86d9e08dac16091c9d0975439adcfa26515f513c6b98153465dc8cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50875
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl_page_level_ads.js?cb=31077684
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0dab040fd6fa463bebc0f42e4c70a353720ccd683d2e74ebed51f8249061ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
81017
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13608
x-xss-protection
0
server
cafe
etag
11769501363590505998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Sep 2024 10:36:51 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
400838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32129
x-xss-protection
0
server
sffe
etag
"d5ab003501cb3fb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
nameframe.html
d-9584005791704894627.ampproject.net/2308242321000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-9584005791704894627.ampproject.net/2308242321000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
floating-unit.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
V1rselWEQkmv8ejM_YOT9pvQ4PsP3pyq
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
YMYSCWQ4HDFV88QA
age
323603
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
uc/TxTGKFcoM/JlekznaoFnw684uXNLIBkSY9K6l8dG1BXVc/d0aUPhpx7nxrtygWl9fxEaNMqY=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:46 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.701259,VS0,VE0
etag
"9b0b24e2992039edeafef2deb5f869d2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5886
taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nyBLekRqWpLwFsYJ1PM2htL48qH2exXE
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
GG3SZN1QSGHYAPZ8
age
323582
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
o+B0AKbDwwOufquBUhKM603c+EpaE5eo//GnTgnjAMIFfA/OIdq8E/w8MrYBJjugsAxyTQGJywI=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:14:06 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.701279,VS0,VE2
etag
"fcf081c3f2e178fc5d019b3ef2860ee1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4869
distance-from-article.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
em2XoJWhDIGX2pPbKxuWmMDgPsr_r4ef
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
VB7GC7DNR3DBAGXN
age
323614
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
MwndNzSFMrfPZuXlmjg+CH3RvIMFhrFGJpJWlIU4n1N0LM64WpnV/AGfobY9J5d7i0GAmvKutRg=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:35 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.729671,VS0,VE0
etag
"0a16ddc5535f3ec9c04adb198a63ab57"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
19
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
89299
article-detection.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VYQg0KzRzVKgsOUVIwoGWUZcIizdfOKZ
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
F29PXCZ8HNKVHJH3
age
323621
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
v/a7T3HLPP9VJKIs/ZoINAzTkQ4zUgmrWpgtYsjY3+QlOMnzxtML84PR9LAS30+tHp6+1yAQ708=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:28 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.729636,VS0,VE0
etag
"a684a25a6af049d0fee39485c35b845e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
78
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
88861
article-and-feed-area-scanner.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
888f76105fb77df4b08a77b9fbf0746568ac052c7bc8597e5e0880565b86e895

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fOyTBhgqz5FQ3RMtRWBYfaMIjaTXG7F_
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
1WEMZ831J5J8E5XZ
age
323623
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1149
x-amz-id-2
OrBIsnOl8DMNGGS+8zZCwQJfqpV+dw6hLQncralM7SnlVvXy/dxHSngBJ+U15R4jYfoyiZDTLdQ=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.729914,VS0,VE0
etag
"5b5131281ce111f3314a114c7f4e6b93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
26508
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.0/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
345753
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36498
x-served-by
cache-fra-eddf8230081-FRA
last-modified
Wed, 06 Sep 2023 09:01:32 GMT
server
AmazonS3
x-timer
S1694336829.791727,VS0,VE0
etag
"1865860838c0a4f202ab61510882ea01"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MBwNQWWoasK9QdVBzfrJSMb4dGtXeyY63MWPfWLulxwQ0SOIpiRafA==
x-cache-hits
35832
feed-card-placeholder.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.8WMZOWcDpNm0.Ccx52jyM8r4MC6976_
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
3KKZJT1BHCRVXYWY
age
323608
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
k6bhlbvN6KLmcGsQRfjoz7YptQAdyVlsTRKrgkvp9A4tCI+2N2yMesYwCKScEwY2BQFGyzS5cgE=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:40 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.729901,VS0,VE0
etag
"a682091ea54d189e1c90f84edb66dc6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
58907
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
29
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.732761,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
44
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
51
userx.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
s_CdpOrxd5OMAuEV0GJ7BKn.ddN4GAhu
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
J4VM1AJYK6QJHX3G
age
323579
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
FIq2NZRhejRV5eG0EITjnAVmFsTjNMpRi7giTA5FIjJKU6MUOB1ZCrrt1gNGOY6UXpqajzBu4iw=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:14:10 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.735908,VS0,VE0
etag
"22ce59d71c04e51e63a2870100dee4d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
78
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33362
explore-more.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nTny9pOwUaN6ss1oAQu2PcehWgBYcg1r
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:08 GMT
x-amz-request-id
NASXNJWVBD4GEBA1
age
323610
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
V0wstXoV0n2+bJL8i51/PcQ4dHD4ffSYa39uaMHin2aUHH5b6pD7SOELnFltwMEFSga3o5C2Ra0=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:38 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.753783,VS0,VE0
etag
"0da94878b067376092df0c027b53d238"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
35432
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=11%3A07%3A08.687&id=7758&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694336828688%7D&tim=11%3A07%3A08.688&id=2805&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694336828699%7D&tim=11%3A07%3A08.699&id=2536&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A07%3A08.741&id=1292&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A07%3A08.744&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2308&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79867
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A07%3A08.747&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1003&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79867
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A07%3A08.759&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=5604&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79867
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A07%3A08.762&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8950&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79867
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A07%3A08.769&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8595&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79753
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5389
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSkc1J96Q%2BXryoGm8h7Yt5qRuw%2FjskRGA11EyDEvYv7sPfdftb2jc4CYxZ9AG6e4DI3do9XXb2YVumacanCOhv5wrLvbTWs3r7b%2FpHqdR55jAXi0w%2BuE4nVXl5HggLYuadnqlv6SlLNan2oU1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
804684dbfd1f9c0a-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
ab256a1fe117fb9da19588d614a4cff6828fe520714adc174d600f45202634d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
ab256a1fe117fb9da19588d614a4cff6828fe520714adc174d600f45202634d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 10 Sep 2023 09:07:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&rid=esp&cc=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3f298aa9d222ca8c24ed9c250d1b373904b3d39d68416e89c7edd702e436963

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-zvgmCX/+ynR06pDOS6/ufa33hc4"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bg3.co
location
/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQzMzY4Mjg2MTYsInBhY2tldElkIjoiMDAwMEE3MDEtODAyNzA4MDItYjMwMC00ZWNhLTk1NmEtMzNkZDc0ODAwZTQxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3F1YW4tbGlhbi10aWFuLWRpYW4temhlbmctaGFuZy16aHVhbi1qaWEtaml1LW5ncWlhbi0zbWluZy1ndWFuLWp1bi0xdGlhbi1jaGktMXBpYW4taml1LW1pYW4tbGlhbmctbGEuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3218.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
syncframe
gum.criteo.com/ Frame 0A73 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:08 GMT
server
Kestrel
server-processing-duration-in-ticks
305883
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
992b14ef94076c8f6edb6894df583474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_435%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_435%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6dcb86d699332e962737d5d1532f4414756b53717482c6321988edf424ff6087

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_435%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
age
925472
edge-cache-tag
454008108839939472705823423436305072957,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
454008108839939472705823423436305072957,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
120
req-referer
https://www.israelheute.com/
content-length
30892
x-request-id
80a6012682529c1526f5f50c4ccf73a7
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000040-IAD, cache-iad-kiad7000040-IAD, cache-lga21959-LGA, cache-iad-kiad7000052-IAD, cache-fra-eddf8230076-FRA
last-modified
Wed, 30 Aug 2023 12:20:32 GMT
server
nginx
x-timer
S1694336829.873555,VS0,VE1
etag
"38f1cd06b67aa64d1fca07c0c9a55d11"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
992b14ef94076c8f6edb6894df583474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c36f265593f4cc5f10aeea8cf0de4893ff09349a63eb33edb56041390b93d73

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
age
938798
edge-cache-tag
454008108839939472705823423436305072957,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
454008108839939472705823423436305072957,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
193
req-referer
https://www.marca.com/en/football/2023/08/29/64ee4daf268e3ea35e8b45b8.html
content-length
49628
x-request-id
462d24dc7bbc5e20c65a296bcced0998
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200052-IAD, cache-iad-kjyo7100115-IAD, cache-lga21974-LGA, cache-iad-kjyo7100080-IAD, cache-fra-eddf8230076-FRA
last-modified
Wed, 30 Aug 2023 12:18:17 GMT
server
nginx
x-timer
S1694336829.873522,VS0,VE2
etag
"a9b6b3d8d685a7862dcec7d22dddaf95"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
1b32c73a351b5cb751060ef77359de5f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b32c73a351b5cb751060ef77359de5f.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
788bc382d2a3eed58c27fb82620a4e5acac8fc9c23491037d878bad3cff9eb53

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b32c73a351b5cb751060ef77359de5f.png
age
2751441
edge-cache-tag
490095130978201209803165851767913317923,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
490095130978201209803165851767913317923,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
60
expiration
expiry-date="Sun, 27 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://iranianuk.com/
content-length
6548
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200039-IAD, cache-sna10730-LGB, cache-iad-kiad7000102-IAD, cache-fra-eddf8230076-FRA
last-modified
Thu, 27 Jul 2023 12:11:46 GMT
server
nginx
x-timer
S1694336829.873599,VS0,VE1
etag
"60444a766490e8116b44c7cf52949751"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 6, 1
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b4acc25c424b09c47ac70f9c121ebb73deb5e3dbdcdcf96c00399d79fdd1b34

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
1936966
edge-cache-tag
608330632766545199157274674631276038268,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
104
expiration
expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.englishforum.ch/
content-length
17630
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000155-IAD, cache-iad-kjyo7100164-IAD, cache-iad-kcgs7200132-IAD, cache-fra-eddf8230076-FRA
last-modified
Fri, 28 Jul 2023 22:27:49 GMT
server
nginx
x-timer
S1694336829.873746,VS0,VE0
etag
"8d3abb7f1eadc36ff03fe128b4f262a7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 14, 2
833ad82d2f46a66372ca947846f89493.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/833ad82d2f46a66372ca947846f89493.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
893f5e388ab31c4c4041021c8354d9396e506e1f754769c74f5b62b910f11e94

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/833ad82d2f46a66372ca947846f89493.jpg
age
938615
edge-cache-tag
458536190125608962012743012932906683303,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
458536190125608962012743012932906683303,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
289
req-referer
https://www.gazzetta.it/
content-length
65900
x-request-id
668687060cc3538bba5b3e1221f0a459
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100176-IAD, cache-iad-kjyo7100021-IAD, cache-sna10732-LGB, cache-iad-kcgs7200047-IAD, cache-fra-eddf8230076-FRA
last-modified
Wed, 30 Aug 2023 12:23:33 GMT
server
nginx
x-timer
S1694336829.909153,VS0,VE1
etag
"7aa4d4e622047f47b208e86cccdaa030"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
ee46862a334695467fe7d1c45064a172.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee46862a334695467fe7d1c45064a172.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6e7fec0805e56f82293f8f62c4f07b173436012f2afb14775027dab5bb769aec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee46862a334695467fe7d1c45064a172.png
age
175166
edge-cache-tag
586544170058571962636302524765337558136,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
586544170058571962636302524765337558136,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
513
req-referer
https://wandern24.eu/
content-length
5754
x-request-id
5f7868d9e55e0fda2bd1a320cc00971b
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100120-IAD, cache-iad-kiad7000107-IAD, cache-iad-kcgs7200162-IAD, cache-fra-eddf8230076-FRA
last-modified
Thu, 07 Sep 2023 15:19:04 GMT
server
nginx
x-timer
S1694336829.909144,VS0,VE1
etag
"21b85339a7aea59e8fbaf925ccdcdfee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
23441038-fc10-4052-be24-be87720394c1__5Awsoe9U.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/23441038-fc10-4052-be24-be87720394c1__5Awsoe9U.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba37c2757fd3663d832c6076d5e517c7616f576c2d21cc38c971d7db2cb26fe0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/23441038-fc10-4052-be24-be87720394c1__5Awsoe9U.jpg
age
2065828
edge-cache-tag
592330053859204687824486480177694088697,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
592330053859204687824486480177694088697,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
76
req-referer
https://whoswho.de/
content-length
9734
x-request-id
67b6b58e87b80faadbb8d17b631e3518
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200156-IAD, cache-iad-kjyo7100137-IAD, cache-iad-kcgs7200117-IAD, cache-fra-eddf8230076-FRA
last-modified
Wed, 16 Aug 2023 15:22:55 GMT
server
nginx
x-timer
S1694336829.909170,VS0,VE1
etag
"8a3badc7d59f4777ce98ac58b9241a60"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1
992b14ef94076c8f6edb6894df583474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5a0a604cfc1b047c5cd3177469fbaa50a532b2af31308ab98c2e5217433bdad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
age
926819
edge-cache-tag
454008108839939472705823423436305072957,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
454008108839939472705823423436305072957,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
190
req-referer
https://www.t-online.de/
content-length
54022
x-request-id
8266edcce8a56bc1219a931f7255dff5
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000111-IAD, cache-iad-kiad7000111-IAD, cache-lax10647-LGB, cache-iad-kiad7000081-IAD, cache-fra-eddf8230076-FRA
last-modified
Wed, 30 Aug 2023 12:20:32 GMT
server
nginx
x-timer
S1694336829.909114,VS0,VE2
etag
"a0cf21a403c2786bd78b64da0630d29b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 1
1b32c73a351b5cb751060ef77359de5f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b32c73a351b5cb751060ef77359de5f.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14ebeee0fa7d7bfa7a5c4ffb214d039a328630137b014fab0141d68af0ca5782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b32c73a351b5cb751060ef77359de5f.png
age
2751441
edge-cache-tag
490095130978201209803165851767913317923,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
490095130978201209803165851767913317923,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
347
expiration
expiry-date="Sun, 27 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://trueedition.com/
content-length
15722
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kiad7000079-IAD, cache-iad-kjyo7100037-IAD, cache-fra-eddf8230076-FRA
last-modified
Thu, 27 Jul 2023 12:11:46 GMT
server
nginx
x-timer
S1694336829.933675,VS0,VE1
etag
"60444a766490e8116b44c7cf52949751"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1
833ad82d2f46a66372ca947846f89493.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/833ad82d2f46a66372ca947846f89493.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
82462483aa1bb3ecc00eaebcf9590f3f37a1c42ee5ebfa49e0728f3545cc1449

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/833ad82d2f46a66372ca947846f89493.jpg
age
926951
edge-cache-tag
458536190125608962012743012932906683303,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
458536190125608962012743012932906683303,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
285
req-referer
https://weightlossgroove.com/
content-length
71922
x-request-id
36a0c838f3bf101a50288fb49c880cad
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kjyo7100050-IAD, cache-iad-kcgs7200137-IAD, cache-fra-eddf8230076-FRA
last-modified
Wed, 30 Aug 2023 12:23:34 GMT
server
nginx
x-timer
S1694336829.942178,VS0,VE3
etag
"3234eb372ead19cd80d523cab0bc5f77"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7, 1
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cab3225bc5ad29cf87d85f4907379efb2fad2cc3fd78b64890accfc2d956606

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
2688214
edge-cache-tag
608330632766545199157274674631276038268,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
363
expiration
expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://omgifacts.com/
content-length
42430
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kiad7000142-IAD, cache-iad-kjyo7100042-IAD, cache-fra-eddf8230076-FRA
last-modified
Thu, 20 Jul 2023 02:26:00 GMT
server
nginx
x-timer
S1694336829.942376,VS0,VE4
etag
"101d72a29a382bf99dc10bf3e7dd2e55"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7, 1
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.44496263236374833&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.3017204466581491&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 17 Sep 2023 09:07:09 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230910
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50673231857e2140ef878429a20b7c0223cdd88e1acb38a99c9ba8e338ba5aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18376
x-jsd-version
1.0.1808
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-GOqyrYK0M/bePHiVjLTW96txGBw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vd7AktsZgFsv28qrTm2LT5J3BckWwP86DbS8FlMEXZh2%2FWzikMoiEs6qb%2Fv7a1%2B0ydgsOyqJ249shfS54Yh%2BUKSgL1lOW361bZKx8CsqL3roK2zkQBaRc1RSkgSWsrCFCDWKLc%2FaSyDVbaLDizw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
804684dcbeb55252-MXP
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
804684dd1a899b31-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
804684dd1a8b9b31-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=23283253297&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
94b7211cd0fc8fe2a4fcd15bce510e5bc968581b896a8c168cb8203639edd6f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
pbjs
htlb.casalemedia.com/openrtb/ 		38 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40fb520ec5ee035cfe1ba6acb861e4a2cad28e66f5c3791a3895907feabf63c8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyWuCg5sANXlmjdxvP7YoH43JIleJJNaivI%2FU8FTTq65QqupOxOElyDaxenHEIGGUHUTn8P%2F%2B%2Fx4nvto7XJ2fJ5rhTHeUVb%2FnrZ9P%2B5e62BV7RZNg1IsXfnnO8bmQlZkkvu0dl3T"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
804684dd19725238-MXP
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29cb250b76a05410a93e22e7b9edfa544646a41efd02986caa7dd8d55f911d89

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GleitY1yuO3d6OKblHk6Q3u%2BiwtzdgCdD6ktloKsvSp6xB9428%2FdDbgkGZNhClZSiuIkSI461vpFstBMr499uuGptVms519WBn1pVjzmX0uxxKlP4mEWTmka0%2FO9VUIKGu0Lntnv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
804684dd19755238-MXP
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29cb250b76a05410a93e22e7b9edfa544646a41efd02986caa7dd8d55f911d89

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtRue6G32AJz5lSBHvzmHjnQk9FFj4T5E%2FPhOrRRvia0YwjHjzQUFM4GUFIktfGWDIpgIWEDq%2FVWBpfFKu1cDJ7eWgL0BOe6rI5zjEc3EydYHkTeo6GxBB3OqVHKT8f5PkgYUtCo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
804684dd19765238-MXP
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.65.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-65-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
6a699f333a3921d9df86f14601828ea393fd9d137cf0f00ba86c82d33d8f34c3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.128.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=40f4220c-e677-441d-92bf-5d854201e8a0%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=6d03292a-9f86-43c6-abc7-e397cf685bde%3B936a554e-7b9f-41b4-9526-f2a6eb1ecbb2&l_pb_bid_id=3200ca135d93984%3B3302afd19ad9d24&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6d03292a-9f86-43c6-abc7-e397cf685bde%3B936a554e-7b9f-41b4-9526-f2a6eb1ecbb2&rp_maxbids=1&slots=2&rand=0.6710534393547145
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
746faef1bf1e65d535c118c1717e19c86518591d5045838024cc2f4bb6c5b2dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
34de0a37c9b3564ed505a5d02457e015fc47354e9d1007aeef63884670110f07

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:08 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 10 Sep 2023 09:07:08 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
229
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
adreq
ads.servenobid.com/ 		723 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9122
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
93ed571b8ae692ae8d125a088c08a737ffd758dc6d771c7af07143d9384dec36

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 10 Sep 2023 09:07:08 GMT
hbjson
grid.bidswitch.net/ 		34 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.61.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-61-181.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f2528b8260f6703bff64d60b104edd00a929fe82e275c4237e2e4808b8a3cea9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 10 Sep 2023 09:07:09 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
16618
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.86.239 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
omni-am6-hz4jiuhczvnn
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 10 Sep 2023 09:07:08 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		250 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8311e322a50b6ffa4406120f85f0b204141c1fc84fd78da026b46d6fd029b45d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
an-x-request-uuid
5352af46-ef6c-46aa-a334-6ae8e87d8f47
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 10 Sep 2023 09:07:09 GMT
truncated
/ Frame 2149 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4196669fa5212e686a98bc93851be679a6587db2c854ea33fdf7f0c6b2469991

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2149 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ-Q5Zm03MXbSJXGUa5foDYhgnxBLAJSmjgNyIE0e5GwQYDGXd1FDx9Gd8u4XJWv_szHpXcXn3wPVFeb85isuJI5VGdF8Dpog_O84yp0eZKPRDwJMNwgIaL8tHVd0tnsM85IZOANnsRXGyAhqOBCxCNOYh8tsBs8YrLIe24BOLO5YfmhgbQCduzwLp1sjcLhVhVLaruyr8ejYTZSPoByRHl2UPOEDIbRGXLky7Za2wzUCaE53rwnodZkf79kiA5QzzKKc9xirxs7sjJ52aWghAD_EnELE32fXqnumdKXHaGAeBg4TUIc2VZ8yGHi7OU1qNPyBx&sai=AMfl-YSYyNd03xvDqaki6UMvKQ5yfFwsEFyuW8SlmCvpBc18-o6jiF1aYOxNblgXh0M30OVxuHfPzxIPaoMgXlBoY3lYcV3pqUD3QvspCucaQLxpC7nD1P4-xxp_lU4cvj7LzNoeRmULrVo4yojJUDs&sig=Cg0ArKJSzDwMLDSnM0KpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Sep 2023 09:07:09 GMT
impress
ad.vidverto.io/delivery/ 		53 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&referrer=&async=1&uid=8604739475&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
feef3715ac4827f09fc92d88d562728707fb1f4c82bd8352880a2ed235778bb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
sid
mug.criteo.com/ Frame 0A73
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=YV1jVnx3WHJ0U0QwUFFwL3dLNnBoeUltcEllVGQ3SGVGWk13bVAwdjFsOTFIb3RzOXVpZCtMZWgwbXNkM3pKVmppcFhVenVHblpxQzJKNHM4OExrZmZEc25UeHp4a21oeEx5UmlQck9ZV0hDRDNueXlheXUxNG1rK1h5QU...
431 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YV1jVnx3WHJ0U0QwUFFwL3dLNnBoeUltcEllVGQ3SGVGWk13bVAwdjFsOTFIb3RzOXVpZCtMZWgwbXNkM3pKVmppcFhVenVHblpxQzJKNHM4OExrZmZEc25UeHp4a21oeEx5UmlQck9ZV0hDRDNueXlheXUxNG1rK1h5QUdkTEUyekdOdUtGTlNkbGk0VnBOdUZ0VS9PZEk0S1ZiK2NITGdSQnlPekFsbE5aa3RGUHh4cmtubjRyYTNvRWxUUTltYjJKNGd2dTJVSHczOWcrM2NGbHVTNFNmaDVVTXMvaEVkNXBpb0pzOWIyZDFrMFZXTk0va0hWMFVEd0xsTFBLRm9KeUhycnkrdTNUVmcwbGJycERVTzI0RmNXZz09fA&cppv=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cfa93736e21e6f8e446cba5e941401ec87939342c33ccc9d8ebd92d97537b35e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
956021
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=YV1jVnx3WHJ0U0QwUFFwL3dLNnBoeUltcEllVGQ3SGVGWk13bVAwdjFsOTFIb3RzOXVpZCtMZWgwbXNkM3pKVmppcFhVenVHblpxQzJKNHM4OExrZmZEc25UeHp4a21oeEx5UmlQck9ZV0hDRDNueXlheXUxNG1rK1h5QUdkTEUyekdOdUtGTlNkbGk0VnBOdUZ0VS9PZEk0S1ZiK2NITGdSQnlPekFsbE5aa3RGUHh4cmtubjRyYTNvRWxUUTltYjJKNGd2dTJVSHczOWcrM2NGbHVTNFNmaDVVTXMvaEVkNXBpb0pzOWIyZDFrMFZXTk0va0hWMFVEd0xsTFBLRm9KeUhycnkrdTNUVmcwbGJycERVTzI0RmNXZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
240579
content-length
0
expires
0
next-up-widget.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
16i_W0SfO4iu5HUNttGCzqfI5eyuaJk9
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:09 GMT
x-amz-request-id
5Z6D55KEA63Q4GDX
age
323600
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
zbA9d3vwZFWk0ANy7tqhXOmmLnCfK5m/3x33rRTsy4bo2JGe2Az9RZf1dL8FcKvA8rZnXttJGN0=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.039546,VS0,VE0
etag
"206e75ae80c2530bd7615c594f84c2e4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5793
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22345.5625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A07%3A09.038&id=859&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1474%7D%22%2C%22eventTime%22%3A1694336829040%7D&tim=11%3A07%3A09.040&id=9227&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A07%3A09.050&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1600&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79589
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Sep 2023 08:53:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Sep 2023 09:07:09 GMT
spa-detector.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KEGvtegWzhSmJ0zyOWVzsjMEuOiRrSzx
content-encoding
gzip
via
1.1 varnish
date
Sun, 10 Sep 2023 09:07:09 GMT
x-amz-request-id
5Z1CHXFC88GT13TW
age
323593
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
1R6YEO9Myr91tXufEJQPPNQ2KLQnJQ8K96AKA2aZIoxRcffRrKxm7cTEbrWPZe7wMn0nAh2HBz4=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 06 Sep 2023 15:13:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694336829.074221,VS0,VE0
etag
"f7cc4f6d837535cfe5c09f38624a17a0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
30
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
35744
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A07%3A09.051&id=9610&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694336829058%7D&tim=11%3A07%3A09.058&id=866&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A07%3A09.060&id=703&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10637&tvi50=9563&lti=deflated&ri=739b4842dd34560e2f78bb29bab9f94f&sd=v2_06143c1777f4e611437ee1afc67487ce_a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc_1694336828_1694336828_CNawjgYQ2YJdGKOG4fKnMSABKAEwKziy0A1AzYgQSMa95ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc&pi=/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&wi=-3255235222888934450&pt=text&vi=1694336828195&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694336829061%7D&tim=11%3A07%3A09.061&id=7937&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
onetag-sys.com/usync/ Frame 5341 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:09 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9848fd9c8e8d1002001cd245c2218c1c51d6e0aa9f543a0163e19bf6899af172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126091
x-xss-protection
0
expires
Sun, 10 Sep 2023 09:07:09 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:09 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:09 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?08092023
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Fri, 08 Sep 2023 10:57:53 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fafe31-15d8c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:09 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:09 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		280 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Thu, 07 Sep 2023 17:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fa0208-461ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:09 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D2c781e3a-1878-4a1c-852d-0bb1d796d868%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=2c781e3a-1878-4a1c-852d-0bb1d796d868&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=2c781e3a-1878-4a1c-852d-0bb1d796d868&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=2c781e3a-1878-4a1c-852d-0bb1d796d868&p_id=23
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=2c781e3a-1878-4a1c-852d-0bb1d796d868&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=2c781e3a-1878-4a1c-852d-0bb1d796d868&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=50f1e3a5-b9bf-54fd-96db-4a6ef226cd51&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&p_id=15
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&p_id=15
date
Sun, 10 Sep 2023 09:07:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
googleanalytics.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:46 GMT
age
400823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"13417016125ec007"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:46 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29775
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Sep 2023 00:50:54 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pM4vTRCeNV5%2Fh6eLvL85OXo%2F5wQyiSmOZMFExIYnDfbVgIr1szeuVpr5ij%2BVV2YEZ6QLno8V%2BG4jvVT6KiZJLj%2Fxv8shIRA%2FBiIdV%2BJy1KhDLfTZDHG8HHX8l5ZTCRnZPO7u1no4L1gyJz%2F1BdFKWm8iAJrMOR0o5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
804684de68a91945-FRA
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Sun, 17 Sep 2023 09:07:09 GMT
gtag.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:34 GMT
age
400835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"2053776e7f80c73d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:34 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:54:37 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
j7IZ7ZK04M7INbU3QMSRoOwyxEsxWuXZoNfILaSEuh0aI2WbQTUxJg==
container.html
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C97B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:08 GMT
expires
Mon, 09 Sep 2024 09:07:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
992b14ef94076c8f6edb6894df583474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e953f7d5f73363f5d985130f70df726754d7ce828431b251e12f18a176d3bb0b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/992b14ef94076c8f6edb6894df583474.jpg
age
926137
edge-cache-tag
454008108839939472705823423436305072957,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
454008108839939472705823423436305072957,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
344
req-referer
https://www.ndtv.com/
content-length
4446
x-request-id
8ef218a32cdd51f4409a8dc8c9cc47c4
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000130-IAD, cache-iad-kiad7000065-IAD, cache-sna10750-LGB, cache-iad-kiad7000077-IAD, cache-fra-eddf8230076-FRA
last-modified
Wed, 30 Aug 2023 12:20:32 GMT
server
nginx
x-timer
S1694336829.200147,VS0,VE1
etag
"0e1bda2825b0d8095bb43992e63931f5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 1
1b32c73a351b5cb751060ef77359de5f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b32c73a351b5cb751060ef77359de5f.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
65db371eef1d8e5fe5b84b0e9e66a1f6cb3c321570e788d23c04bb93821436a1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b32c73a351b5cb751060ef77359de5f.png
age
598116
edge-cache-tag
490095130978201209803165851767913317923,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
490095130978201209803165851767913317923,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
417
req-referer
https://willibehappy.com/
content-length
2894
x-request-id
e68ebce02c05354eafa6ddbc4f1ede68
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100132-IAD, cache-iad-kcgs7200146-IAD, cache-ewr18152-EWR, cache-iad-kiad7000023-IAD, cache-fra-eddf8230076-FRA
last-modified
Thu, 24 Aug 2023 05:14:20 GMT
server
nginx
x-timer
S1694336829.200126,VS0,VE1
etag
"403ce3de377696eb3ccf3508af6a0aba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de956ad6152a1716629f73c381859f25219c49dac0845823d62ea7756bd845a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 10 Sep 2023 09:07:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
3882568
edge-cache-tag
608330632766545199157274674631276038268,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
159
req-referer
https://nghethanhca.com/
content-length
6148
x-request-id
39abf779c42f64cb64570b589cefa1b7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100054-IAD, cache-iad-kjyo7100172-IAD, cache-chi-kigq8000163-CHI, cache-iad-kiad7000150-IAD, cache-fra-eddf8230076-FRA
last-modified
Sun, 16 Jul 2023 02:10:20 GMT
server
nginx
x-timer
S1694336829.237716,VS0,VE1
etag
"b0a8795c0817f0771fa8ad4aeb4364d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 3, 1
css2
fonts.googleapis.com/ Frame C97B 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
URL: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Sep 2023 08:40:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Sep 2023 09:07:09 GMT
css
fonts.googleapis.com/ Frame 66C5 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Sep 2023 08:33:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Sep 2023 09:07:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 66C5 		2 KB
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
6511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Sep 2023 07:18:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 66C5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
6511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Sep 2023 07:18:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DB42 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2606
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 08:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 66C5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 16:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
61081
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 16:09:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 28C0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
78790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Sun, 10 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 66C5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
9648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame 66C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtA9swv-CduBqRSxAWxwGYXxPpXq9f9rf_Htk_I1HQhfqNz_oQXARa-vLtNmMq1Mch75b6FmZE0ZVIC-XNRKiguVEKwQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66C5 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 66C5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 15:57:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame C97B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
URL: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
68320
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 14:08:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C97B 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
URL: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:44:34 GMT
x-content-type-options
nosniff
age
55355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 08 Sep 2024 17:44:34 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C97B 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
URL: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 21:04:39 GMT
x-content-type-options
nosniff
age
302550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Sep 2024 21:04:39 GMT
st
imprammp.taboola.com/ Frame EFDA 		439 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&cmcv=&pix=undefined&cb=1694336829345&uv=3335&tms=1694336829345&abt=nonrv_vA!pl1549_vB!ufm_vD!ufrlt_vA!ul3335_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2ab1f621-a5f4-445b-a53b-3a4bffc8d040&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56c10097fbdf6119a15a1a61cd031c1741b16e5cb89d128af0b1f86033645396

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 10 Sep 2023 09:07:09 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230076-FRA
x-timer
S1694336830.822593,VS0,VE9
sync
am-match.taboola.com/ Frame 1A44 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4a81bd686b444625c86e46d421e09d91e9f5245961adbe780c9195a19d6ccab2

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 10 Sep 2023 09:07:09 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694336829350&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1548&pt=644232540&tz=120&viewable=true&ddast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl1549_vB!ufm_vD!ufrlt_vA!ul3335_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1401
x-cache
MISS
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
nginx
x-timer
S1694336829.385178,VS0,VE45
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&cmcv=&pix=31589837&cb=1694336829345&uv=3335&tms=1694336829345&abt=nonrv_vA!pl1549_vB!ufm_vD!ufrlt_vA!ul3335_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694336825598.5!ts:1694336829345&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-length
0
server
nginx
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 1209 		572 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
29883e144485d6042b45dbbede91ae6af9972a259cc6b546d52b27fdcbadb25c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
376
content-type
text/html
date
Sun, 10 Sep 2023 09:07:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C2BE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
159b8e04385dc86ad47c0d413ca69e46eb6225c3a79aae9c97c74ba266a13279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7899
x-xss-protection
0
server
cafe
etag
9610449228187561339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9xdWFuLWxpYW4tdGlhbi1kaWFuLXpoZW5nLWhhbmctemh1YW4tamlhLWppdS1uZ3FpYW4tM21pbmctZ3Vhbi1qdW4tMXRpYW4tY2hpLTFwaWFuLWppdS1taWFuLWxpYW5nLWxhLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04MDI3MDgwMi1iMzAwLTRlY2EtOTU2YS0zM2RkNzQ4MDBlNDEiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNTk4NWYwNzgtYzI2ZS00MjgxLTkxMDktOWM5YjYxZGE3ZjI4IiwidGltZU9mQXVjdGlvbiI6MTY5NDMzNjgyODg5NywiYmlkcyI6W3siY3BtIjowLjA0LCJhZElkIjoiNzU4ZDAwOWY5OGU5NGM0Iiwib3JpZ2luYWxDcG0iOjAuMDQsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzYxLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDMzNjgyOTI2OH0seyJjcG0iOjAuMjQxMzgyMzAwODUzNzI5MjUsImFkSWQiOiI3OTVmNDg3YmEwNDI4OGUiLCJvcmlnaW5hbENwbSI6MC4yNDEzODIzMDA4NTM3MjkyNSwiYmlkZGVyIjoiY3JpdGVvIiwicmV2ZW51ZSI6MC4wMDAyNDEzODIzMDA4NTM3MjkyNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzcxLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDMzNjgyOTI3Nn0seyJjcG0iOjAuMDYsImFkSWQiOiI4MDkwN2I2ZWM4ZTljYmIiLCJvcmlnaW5hbENwbSI6MC4wNiwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDU5OTk5OTk5OTk5OTk5OTk1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NDAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MzM2ODI5MzU0fSx7ImNwbSI6MC4wMjM0ODU1MDAwMDAwMDAwMDMsImFkSWQiOiI4M2NmM2I5ZjNjNDVlZWQiLCJvcmlnaW5hbENwbSI6MC4wMjc2MzAwMDAwMDAwMDAwMDIsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDAyMzQ4NTUwMDAwMDAwMDAwNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDU2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDMzNjgyOTM4MX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJjcml0ZW8iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc5NWY0ODdiYTA0Mjg4ZSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAyNDEzODIzMDA4NTM3MjkyNX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNTk4NWYwNzgtYzI2ZS00MjgxLTkxMDktOWM5YjYxZGE3ZjI4IiwidGltZU9mQXVjdGlvbiI6MTY5NDMzNjgyODg5NywiYmlkcyI6W3siY3BtIjowLjA0LCJhZElkIjoiNzZkY2FiMmYyYWI1ZmFhIiwib3JpZ2luYWxDcG0iOjAuMDQsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzYyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDMzNjgyOTI2OX0seyJjcG0iOjAuMDQsImFkSWQiOiI3NzI0MmVmMmViMGFkNTciLCJvcmlnaW5hbENwbSI6MC4wNCwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNjMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MzM2ODI5MjcwfSx7ImNwbSI6MC40NTA2NDY3ODc4ODE4NTEyLCJhZElkIjoiNzhhYjQ3OGFhNzg0NTY1Iiwib3JpZ2luYWxDcG0iOjAuNDUwNjQ2Nzg3ODgxODUxMiwiYmlkZGVyIjoiY3JpdGVvIiwicmV2ZW51ZSI6MC4wMDA0NTA2NDY3ODc4ODE4NTEyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNzAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MzM2ODI5Mjc1fSx7ImNwbSI6MC4wMywiYWRJZCI6IjgxM2U3ODhiZTI5N2YyNiIsIm9yaWdpbmFsQ3BtIjowLjAzLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ0MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQzMzY4MjkzNTR9LHsiY3BtIjowLjAzMjY2NTUwMDAwMDAwMDAxLCJhZElkIjoiODI3OWFkZDIxYjliMDE0Iiwib3JpZ2luYWxDcG0iOjAuMDM4NDMwMDAwMDAwMDAwMDA2LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMzI2NjU1MDAwMDAwMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDU2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDMzNjgyOTM4MX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJjcml0ZW8iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc4YWI0NzhhYTc4NDU2NSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDA0NTA2NDY3ODc4ODE4NTEyfV0sImNvdW50cnkiOiJDSCJ9&c_b=3787.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 7D58 		714 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1827
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
804684e249bc9b67-FRA
content-encoding
br
content-type
text/html
date
Sun, 10 Sep 2023 09:07:09 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3KYVr87POKzjblaC3WE4Acsf1%2FESWBwx%2F9Z2%2FG6U1C6mplgcxZO2ucKJ7TPsvcwVI1mcZJYA%2FTGWxRJUmKTnDgA00HZWmMLYxHJLSYTeTSHpBNJK0AAy7YU8YZNT6OMs3%2F3FBIyPm4uMSC0VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CDDF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Sep 2023 09:07:10 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 10 Sep 2023 09:07:09 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/88f0f25e-2902-3538-a19b-e07f667d4a73?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-gmRi93hE2oWxNqlP02DRkevB0cJf_aBxtHIh9IQ-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-gmRi93hE2oWxNqlP02DRkevB0cJf_aBxtHIh9IQ-~A&redirect=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-gmRi93hE2oWxNqlP02DRkevB0cJf_aBxtHIh9IQ-~A&redirect=
content-length
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3666 		714 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1827
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
804684e249c09b67-FRA
content-encoding
br
content-type
text/html
date
Sun, 10 Sep 2023 09:07:09 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoLRNEDdLGMXhOsLR7qMtrbIofvF0JCcu4RKDtSY0eA4SipWFODlp0fPNmuvPpw1hTLgtaxBSPG%2BZKD7VMnDJFo5IbJf02zur5hoDLVyu9uIxRKO1i61%2Frol%2BinlCb7bz7xqasAfRTDh1dppWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 98A9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Sep 2023 09:07:10 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 10 Sep 2023 09:07:09 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 42AD 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46889a926383b633648847c58220b65ea7517f8fe7eae6a4bf2c2f58ec10a80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7891
x-xss-protection
0
server
cafe
etag
17544564424973009614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2751421224017173&correlator=3337094626521771&eid=31076399%2C31076480%2C31077748%2C31077684%2C31077700%2C20222283&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&arp=1&abxe=1&dt=1694336829446&lmt=1694329629&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=743386227.1694336828&ga_sid=1694336828&ga_hid=658876816&ga_fc=false&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&dlt=1694336827572&idt=633&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.45%26hb_ap_adid%3D78ab478aa784565%26hb_ap_bidder%3Dcriteo%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3805778231&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fa543258b5cab4d772db526de40595049c0c46c1757253e9a7eb93f42230cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11951
x-xss-protection
0
google-lineitem-id
5221733927
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440838554
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2751421224017173&correlator=3337094626521771&eid=31076399%2C31076480%2C31077748%2C31077684%2C31077700%2C20222283&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&arp=1&abxe=1&dt=1694336829448&lmt=1694329629&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=743386227.1694336828&ga_sid=1694336828&ga_hid=658876816&ga_fc=false&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&dlt=1694336827572&idt=633&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.24%26hb_ap_adid%3D795f487ba04288e%26hb_ap_bidder%3Dcriteo%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d3c90ee51bb9d9d2c9642c0fac6c5243d3375db196b203236cc4fe071ddce75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11952
x-xss-protection
0
google-lineitem-id
5221339639
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294466147
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5498&cid=amp-Yw_54eXGiDXmm8WBMub-2g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dr=&dt=%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%20%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694336829&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-Yw_54eXGiDXmm8WBMub-2g&aip=1&sid=1694336829&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_3_5/infra/ 		881 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_5/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fee6798a9695f7027c1b72061c51d6a16ccf853b8521fd58021ad73999ffd8d1

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1694329743
date
Sun, 10 Sep 2023 09:07:09 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
1W9ACQPGHZ7AVEJK
age
6951
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1694329744
x-amz-meta-mode
33188
content-length
147187
x-amz-id-2
HkFLc+nkdVADWp/y+RCXVD/UhxmBBNlf1tSOrYCkQxKScJqzSBBUQXWjHkQ1RCInqYOJUEsRbU4=
x-served-by
cache-fra-eddf8230081-FRA
last-modified
Sun, 10 Sep 2023 07:09:05 GMT
server
AmazonS3-br
x-timer
S1694336830.835577,VS0,VE0
etag
"3849efd1878f1d4c34abd8f67ca9adb7"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
2336
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_5/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1694329761
date
Sun, 10 Sep 2023 09:07:09 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
1W9EFF2QSCQ106TS
age
6951
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1694329761
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
Az2EYERF/b8xFq5wlnox81jxrpg5yzJ/lUGIQMtCepJtzTwkutMmAych5UDtVIN3aRc91TGHgIo=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Sun, 10 Sep 2023 07:09:22 GMT
server
AmazonS3-br
x-timer
S1694336830.833531,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3178
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 42AD 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46aa1e15fccfbf3afa562e18a264bcf1214f73f3b815d26b2ec1ceb2f8693b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50439
x-xss-protection
0
server
cafe
etag
11746668519618817056
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C2BE 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e57486336f055902979d429591bd46371c9dd5e517b7fb54433aba7fe362efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50426
x-xss-protection
0
server
cafe
etag
4473198724038933493
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
pixel;r=192157406;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html;uh=e51ed67dfb8d...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=192157406;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-908569280-1694336829123;pbc=40f4220c-e677-441d-92bf-5d854201e8a0;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694336829834;tzo=-120;ogl=;ses=35fe0e0d-5a90-4c52-9db5-e82a7a4ff26c;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3666 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2226a64b4b0d5564f70e72fd278374dac255a891f12b42f3c11fe9db2f205a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28951
x-xss-protection
0
server
cafe
etag
245 / 19610 / 31077683 / config-hash: 18345592501010170579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7D58 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40c4db9b00d1892fdeb1cc4a68fd7d97e280f2b82cee1bc9dda0c6ac0a2a13ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28946
x-xss-protection
0
server
cafe
etag
514 / 19610 / m202309050101 / config-hash: 18345592501010170579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 739F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvCT09srdV2fq4SwuBJuor0ZfdeDSd1NDbjNrBI6J9b_liR8PYJ4jFzgaSb2xioOGb8kVqJqcXQEiAeXsUwyZPfvkDNwMy_iyG8WvstwTJ_Iq6DPkIomHrUDLGzAwU_-XVrcKXmApceyKW5LKbMxHmZay1HpLfv_RjuZ0cFZU16m3un8lA_6fd4-3yF1-q7WkjKsaOPnsuZZwX16GW0OSAwbRIcMudy-EozY523B-0CkkkAy4zbGjoFpyRz_EsAxjUDHJULEeqGZTL_dIVUt6VpnifqG8R2VCuZ9mZAGgtJlhjsvwdz_JWXlUSEtb29aze&sai=AMfl-YQUnuyNfta-iG-EvyZbWutkffgtgJeDRi5fcwaqf0EHi6fTFyILpNM2rWWa-kxECWiei_x4Jq7fajPJYWr_O4BMiaQU6ctY1C9phTwbZxVGSY-Jn08-Bzz2LUJHPg&sig=Cg0ArKJSzEabW-TS1pkCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:b58:f655:b2f0:bc51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
afr.php
ads.eu.criteo.com/delivery/r/ Frame 30B9 		148 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b17ec7183847fbdeca53470457b665ccf9994bc3ba80060f9075eecfecc4f1a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=X2nqHIilo0KlerMX4rrM85WnmpbqGW1YvkThTq_-VHehKfqhIdn76aHlneN0lTg-LQS3Te08_zxrfXpTjPppvI7gFWpINcXwFIUzbKWimtOJu3y-PtUpthGO-AfwclfzIX8T8SL2SChJjshzxZffI5-KbQFIljlv-97NR9g3aPDUgqkwJIg-1qDtktcTmJnty58SANphMj2DIqNZJGRbz93TDC-HNwsim9lyV6oYglho60qvJVAVyfEjWVZLbwFVGxdLNA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
49197796
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 739F 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:09 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9xdWFuLWxpYW4tdGlhbi1kaWFuLXpoZW5nLWhhbmctemh1YW4tamlhLWppdS1uZ3FpYW4tM21pbmctZ3Vhbi1qdW4tMXRpYW4tY2hpLTFwaWFuLWppdS1taWFuLWxpYW5nLWxhLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04MDI3MDgwMi1iMzAwLTRlY2EtOTU2YS0zM2RkNzQ4MDBlNDEiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDI0MTM4MjMwMDg1MzcyOTI1LCJyZXNwb25zZVRpbWUiOjM3MSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiY3JpdGVvIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAyNDEzODIzMDA4NTM3MjkyNSwid2lubmVyQWRVbml0SWQiOiI3OTVmNDg3YmEwNDI4OGUiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6Ijk3MHg5MCIsInByZWJpZEF1Y3Rpb25JZCI6IjU5ODVmMDc4LWMyNmUtNDI4MS05MTA5LTljOWI2MWRhN2YyOCIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4255.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
tpd
cat.nl3.eu.criteo.com/ Frame 739F 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=vOlXMF83bUNkdGNLSzlXVk1NVmE2ZDVncWRyZlRaJTJGR2lzOFdpczR1VCUyRiUyQlR3bVpTYlpxVHNaZWdQWTdJVE9PTjBaTU9wOWpJYm9VRDRYRURMbENHVndFYW45OW5LZG1sWkdCbXAlMkJDTkV4ayUyRm1FYk1RdGt5WUhtYkJGTnYwaHR3WVZ1cmt5d3ByT3hJbjY0UXAyNTRGNDBUTFhwMkt4MzVobE9vTkJyQjlTNjdVNXdjYnNrakM4OG1saThIQm5Ta2lJYUM2UmJpMlRQOWRwQ2RTa1pBdXo5Q2tBSldrbUN0cldSQzYwTEtQVTc0UmtWY2RBMXExaGttWHIlMkZENFBnYkkzN0tnRjV5WHhjNEQ1VldGNW9ObXBDRHUwY2twMWxSJTJGeTFVb2xpV2huTzdFb3FPUXVYWEFDNmxoUXpEdjYlMkZDQ2hHJTJGZ0t3NVBjN2tIY2Vnd3RiMjROdWhCUEpsa0pKc2NLTEZUbnRvNzltcURSUWdsJTJGSFVSU3Z0NHZGQnI4S01jUjhOZ0VsVnVKT25FMEcxJTJGSkhPYjFWVTA1Smd5eEZxTDhUVGJNTW8lMkZpSjJuU01tb2ZCbVM2RzNHTU5PYjc5MTklMkZtVzVRNWM3Z3gyV3dqbmJaMUhJMjFjRkVkS1NxZGVabGphUU9HcDhrdGdldUgwcUdvZDY1anNNRWMxN1FxRzVkS2Y4cm9iQTBjYzNjN25oTFo5cm9MckFkdyUzRCUzRA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
217125
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
generic
match.adsrvr.org/track/cmf/ Frame EFDA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&cmcv=&pix=undefined&cb=1694336829345&uv=3335&tms=1694336829345&abt=nonrv_vA!pl1549_vB!ufm_vD!ufrlt_vA!ul3335_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2ab1f621-a5f4-445b-a53b-3a4bffc8d040&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc
pr-bh.ybp.yahoo.com/sync/taboola/ Frame EFDA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&cmcv=&pix=undefined&cb=1694336829345&uv=3335&tms=1694336829345&abt=nonrv_vA!pl1549_vB!ufm_vD!ufrlt_vA!ul3335_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2ab1f621-a5f4-445b-a53b-3a4bffc8d040&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e201:bdb5:e43c:2ec Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame EFDA 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&cmcv=&pix=undefined&cb=1694336829345&uv=3335&tms=1694336829345&abt=nonrv_vA!pl1549_vB!ufm_vD!ufrlt_vA!ul3335_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=2ab1f621-a5f4-445b-a53b-3a4bffc8d040&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10637&tvi50=9563&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
77
date
Sun, 10 Sep 2023 09:07:10 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59096
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
nginx
x-timer
S1694336830.966986,VS0,VE77
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 10 Sep 2023 10:07:09 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame 0050 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
480694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 09:07:10 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1B51 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:26:08 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=BNJ20yYl5BbcLTJ9tgAvbshGEjhEawXEBWGF8egOjvfNmvqmPcjIa8wTqjTPVTRjuNMk7cDMBKxwtL9zJct%2B40m1mIzrD0Dggd%2FFUlv1pkd0Nz88cLt5mRJOTKXutualWmnuljxJafM6lFtNhd%2FhX14aKHssRQGtqZ21m51zXFyd9%2FwmfTFJofQIUzwEaQcKyFFaztLgGX97nqXO5t9uW5hJNRqQp3HeUaUUau4FTUWQaxaucE0J57xwys1DehmVQ%2FQ2uMKvud%2Fgr%2BLOE5SPhDdnR5hndLYq96jCUyWE4Iwl%2FroiOXreRCJ2DRMlxfpzvDz%2Fm2M13lOf4NXlEiYh2%2Byof626k9avmuF%2BmPqoWbgPrIRo2hkaA1iLNvoc07urUoBWWcfFl6OO76eKDBo%2BicLnqUkeI0nLWT7CHtQ0ZvViCCy0YjmpNE1vfz4mXv6tWG2MOZiNWtuDOz8J%2BVN%2FoN2IdcAwQQKybzQzhyySLgpE%2Fm5jnLK3%2Fa2QmUD9Ou6N4hlxobJRu03Czb93QcCIVz65YF2AtlY1qBqwpwvPUNME6QSz%2FTVfN5Frdo2UDHgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sd
eu-u.openx.net/w/1.0/ Frame 1209
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6691273950527159550
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6691273950527159550
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6691273950527159550
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1209
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=86128798-bca4-c86c-2b2a-ec6fca5a766a
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=86128798-bca4-c86c-2b2a-ec6fca5a766a&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=86128798-bca4-c86c-2b2a-ec6fca5a766a&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
91ETMX2Q5WRSJAJB6NG6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C6HBKJT2HXTRP56D1BY2
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=86128798-bca4-c86c-2b2a-ec6fca5a766a&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 1209 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dec4fbe5-a00e-7396-eb24-6ef8a269bd8a&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1209 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjJhYjI4MmYtNjk3OS0yZDMyLWZlYzQtMzQ0MTY4OGI3M2Vh
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1209
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2M1fWpnFqOBwWcdp8wFsQ&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2M1fWpnFqOBwWcdp8wFsQ&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2M1fWpnFqOBwWcdp8wFsQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1A44 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 1A44
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32308

Redirect headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
content-length
0
dpixel
cms.quantserve.com/ Frame 28C0 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMtFMxaH5BaCbze0ALYgFxw&google_cver=1&google_push=AXcoOmQiXgHWIpU9DzNZErVbD055tUDKxVE5UeEsZDqDV39TKVs_ReZtJOTn_Lae9x5E4eOHw60OOi0WqOGvsKt9SzHDAssmgOCzmQ
Requested by
Host: f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
URL: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28C0
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAiUlYP3S73d9UGs4WkyxFI&c_param1=AXcoOmRdNjxkgMsfZiZQzF9uRJEyx3GsZ6z53qF57f2WpRiquLMU1R3b0qnXQNQKGaCZ8vYPVlX2EGTwcFfmEIQG2bFwQm_V8OgmsA&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRdNjxkgMsfZiZQzF9uRJEyx3GsZ6z53qF57f2WpRiquLMU1R3b0qnXQNQKGaCZ8vYPVlX2EGTwcFfmEIQG2bFwQm_V8OgmsA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRdNjxkgMsfZiZQzF9uRJEyx3GsZ6z53qF57f2WpRiquLMU1R3b0qnXQNQKGaCZ8vYPVlX2EGTwcFfmEIQG2bFwQm_V8OgmsA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRdNjxkgMsfZiZQzF9uRJEyx3GsZ6z53qF57f2WpRiquLMU1R3b0qnXQNQKGaCZ8vYPVlX2EGTwcFfmEIQG2bFwQm_V8OgmsA
date
Sun, 10 Sep 2023 09:07:10 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 28C0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEH1MCHtHgGSNVod9Mkb-KOI&google_cver=1&google_push=AXcoOmRuY8ZYhKFyJACf38nD6QWDWJ-oHOUwooqbik5a8L5-G25fkcEMltC5rNqaTWPZ6ru4ZJ6TaLWIo_Zwqgf...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=oTH_VbrlVgVmDbqD-xfSKS0M3qs&google_push=AXcoOmRuY8ZYhKFyJACf38nD6QWDWJ-oHOUwooqbik5a8L5-G25fkcEMltC5rNqaTWPZ6ru4ZJ6TaLWIo_Zwqg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=oTH_VbrlVgVmDbqD-xfSKS0M3qs&google_push=AXcoOmRuY8ZYhKFyJACf38nD6QWDWJ-oHOUwooqbik5a8L5-G25fkcEMltC5rNqaTWPZ6ru4ZJ6TaLWIo_ZwqgfYnNJ7AdigQ97E9w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=oTH_VbrlVgVmDbqD-xfSKS0M3qs&google_push=AXcoOmRuY8ZYhKFyJACf38nD6QWDWJ-oHOUwooqbik5a8L5-G25fkcEMltC5rNqaTWPZ6ru4ZJ6TaLWIo_ZwqgfYnNJ7AdigQ97E9w
Date
Sun, 10 Sep 2023 09:07:10 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 28C0
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEC2tM7l0xw7YWVE5yYuPZQA&google_cver=1&google_push=AXcoOmQtm8cdQOk-LweYrkATj1SL3rJM1P1zjX4siEuv2Ntor4YgPTRmjeXwwF5EmO9KBdJfrKzMlN...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQtm8cdQOk-LweYrkATj1SL3rJM1P1zjX4siEuv2Ntor4YgPTRmjeXwwF5EmO9KBdJfrKzMlNO-HeTjFJmSOu_FkwnyH1Ou5g&google_hm=Njk1ODU2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQtm8cdQOk-LweYrkATj1SL3rJM1P1zjX4siEuv2Ntor4YgPTRmjeXwwF5EmO9KBdJfrKzMlNO-HeTjFJmSOu_FkwnyH1Ou5g&google_hm=Njk1ODU2Mzk3NDYxMjgyMDk0NQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQtm8cdQOk-LweYrkATj1SL3rJM1P1zjX4siEuv2Ntor4YgPTRmjeXwwF5EmO9KBdJfrKzMlNO-HeTjFJmSOu_FkwnyH1Ou5g&google_hm=Njk1ODU2Mzk3NDYxMjgyMDk0NQ%3D%3D
date
Sun, 10 Sep 2023 09:07:09 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 28C0
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECrP1MVR6n53mdyY0-lDnQw&google_cver=1&google_push=AXcoOmT0kcRQrd8fwHFsrgXc0tnnq3Oz6zDT8isvh_7lvU_V3irGF05Z8...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmT0kcRQrd8fwHFsrgXc0tnnq3Oz6zDT8isvh_7lvU_V3irGF05Z87yozDYjv1iOd3bwm31ESsAoO-LHo3CYoYVka46thvwH6-Q&google_hm=QlMuNjQwNi1lZTI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmT0kcRQrd8fwHFsrgXc0tnnq3Oz6zDT8isvh_7lvU_V3irGF05Z87yozDYjv1iOd3bwm31ESsAoO-LHo3CYoYVka46thvwH6-Q&google_hm=QlMuNjQwNi1lZTIzLTQ1NjEtYmMzMg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmT0kcRQrd8fwHFsrgXc0tnnq3Oz6zDT8isvh_7lvU_V3irGF05Z87yozDYjv1iOd3bwm31ESsAoO-LHo3CYoYVka46thvwH6-Q&google_hm=QlMuNjQwNi1lZTIzLTQ1NjEtYmMzMg==
Date
Sun, 10 Sep 2023 09:07:10 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 28C0
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECLaO1sROpe-rYCgbxXE9cw&google_cver=1&google_push=AXcoOmQjH4kbeLIH8QK0NLyhaX7HPqjtDP9Adcf7IHhrapP-DSb0khw4nVODSB_68LzMsIvyHeL5NKJIoYPmylboM5QnClP...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjH4kbeLIH8QK0NLyhaX7HPqjtDP9Adcf7IHhrapP-DSb0khw4nVODSB_68LzMsIvyHeL5NKJIoYPmylboM5QnClPGPuoV2g&google_hm=NDQ2MzAyN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjH4kbeLIH8QK0NLyhaX7HPqjtDP9Adcf7IHhrapP-DSb0khw4nVODSB_68LzMsIvyHeL5NKJIoYPmylboM5QnClPGPuoV2g&google_hm=NDQ2MzAyNTg1NzM2ODc2NjQ4MQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQjH4kbeLIH8QK0NLyhaX7HPqjtDP9Adcf7IHhrapP-DSb0khw4nVODSB_68LzMsIvyHeL5NKJIoYPmylboM5QnClPGPuoV2g&google_hm=NDQ2MzAyNTg1NzM2ODc2NjQ4MQ==
Date
Sun, 10 Sep 2023 09:07:10 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
google
sync-dmp.aura-dsp.com/match/ Frame 28C0 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 28C0 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBn7Bwz2tZ_OWoPmrJKX7zUufVEdfYdPPuuQ0MKAGzPhcyTZvgqVr46taHuaeGq2RoYLOz3Ruv
Requested by
Host: f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
URL: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
480_650.mp4
cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/ 		1020 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 10 Sep 2023 09:07:10 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
L2EvcXVhbi1saWFuLXRpYW4tZGlhbi16aGVuZy1oYW5nLXpodWFuLWppYS1qaXUtbmdxaWFuLTNtaW5nLWd1YW4tanVuLTF0aWFuLWNoaS0xcGlhbi1qaXUtbWlhbi1saWFuZy1sYS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcXVhbi1saWFuLXRpYW4tZGlhbi16aGVuZy1oYW5nLXpodWFuLWppYS1qaXUtbmdxaWFuLTNtaW5nLWd1YW4tanVuLTF0aWFuLWNoaS0xcGlhbi1qaXUtbWlhbi1saWFuZy1sYS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Sun, 10 Sep 2023 09:07:10 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=6, origin; dur=372, ak_p; desc="1694336830062_34831752_793192845_37682_1145_31_0_219";dur=1
content-length
555
expires
Sun, 10 Sep 2023 10:07:10 GMT
usync.html
eus.rubiconproject.com/ Frame B92A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Sep 2023 09:07:10 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 739F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ14_5lEaBsytIs5O5YW4tdYpAWP0VZQ1SwLAze5o9dNOiAaUIdQOgawYW8hUewXtqqHbpmeuZgoJ0K_xKf2BePHCujm13SxpO_mYU5NphUzVBc6_-m5tqqw9Jx2UBbs7ETMpLRZbCKkqUB_JD6DXYl0YtQAwgYUOr0iTa0m-NNovTx8IPKybqX20BNt6-kNIOso5LN2A1lCJ2gZ4aPVL4JUOyo7fJEx6mq7tvuy-IxI-bbt8gqKyWJsY4loe74-ghjM6I0qLRxoonJa7Z9nxsFUw9ZujQpXN8Ua3Dj7xocojo4xKxSkadYXvkUN54tDZKJHk&sai=AMfl-YR1ogLbBUDk7eBN3zYsJvyZrY75xYY_mbQl0Q2vnDghr6B-4Gia7kdTtvw3Yn_nmLoiqbBEfVaorToa1MI-x3WGjuw75M2PsbBeL3-eTIlTnSA3EmRQw44hSpWSDA&sig=Cg0ArKJSzG1CQG6RhMMBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Sep 2023 09:07:10 GMT
truncated
/ Frame 739F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859d69b85f5ba6498d697961105bbb1b94bac8665274b47aff716da5f6d14590

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2111698
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1694336830.204539,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
146320
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/ 		448 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693904460
date
Sun, 10 Sep 2023 09:07:10 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HYK8AJ9H52WB6KA4
age
432321
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693904472
x-amz-meta-mode
33188
content-length
86274
x-amz-id-2
t1lNyGed3NAQ57eXbmNV3qVCMiGjwwYQ92oCZvFfitu9WKbobo/2tqpNuGO2BTlGE6TqMOiZWNA=
x-served-by
cache-fra-eddf8230081-FRA
last-modified
Tue, 05 Sep 2023 09:01:13 GMT
server
AmazonS3-br
x-timer
S1694336830.245710,VS0,VE0
etag
"e792bcdfdedece52c8d382e55db7d6bd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
425763
sync
am-match.taboola.com/ Frame A42F 		422 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_5/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
85a515e074b3031bd2246672472e9ba9a210444b7e9369c62d7a1ca57ade1f91

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 10 Sep 2023 09:07:10 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&cmcv=&pix=31579697&cb=1694336830224&uv=3335&tms=1694336830224&su=3&abt=nonrv_vA!pl1549_vB!ufm_vG!ufrlt_vA!ul3335_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-length
0
server
nginx
privacy_small.svg
static.criteo.net/flash/icon/ Frame 30B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 30B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 30B9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Sep 2024 09:07:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 30B9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Sep 2024 09:07:10 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 30B9 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HVG04F68Y8ROU4eA4dlK6OEkseeTK77IaE1SZSSFVuVLBCU2sFcMwQnn3Mu8uIkHaI6BErQNSLtaQ7j-i8BE7DahNrLDx6ouum6hF23uPYJBwBNpB8-BuEyS21JeHQA_IHQo9peruGFbzlBpL5GaNuss7Q_zOcDj8Ih_bxdWa-Mz_yvdrBBklziijCLzvSZKWEaJNqKNFZ2EQZ8ZNyphlhOEA6QMQeHh6hpsc6-_IQKI35YJDdbJmRNvqtK0qXBCv9u9wLn39OcMjKKe4lBw6Dxz4n8tvd0m5zOx9JdUZqZBhtl1DMkYcm0MluXmifwJ1b3Tc71A5I6PSeGpP7dqNhTR_0nqbZj3b_sPzOX7CkSAbFjv1SPGTXveKgkjtO58iMJ6oafrpk_ky2l5wFOAJSZkbArGuoOsqKvVZ4XvYthA14C_V2klhOTKO9JZabtnUdIw2gekVVPQnhoV1DCZLVB_PHdaMqHoSpJmj6vqJ0GfHX-GnjNT0CE4wyS29mGYvFdYAHK3rdWgUKFYK7o9ouqyoV7Gu-Coqj2hi6dBcHeIEY6OOHJD_dhSOOWIKz5e4Q6HuKpfQfANdqFogSJht_iFvKU
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1895888
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%20%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-Yw_54eXGiDXmm8WBMub-2g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.32973967863436204&gjid=0.38386311393276484&_r=1&a=5498&z=0.3556193621567336&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 10 Sep 2023 09:07:10 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
9585
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1694336830.287706,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
12
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
4394
usync.js
eus.rubiconproject.com/ Frame 98A9 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Sep 2023 08:42:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84955
Connection
keep-alive
Content-Length
10209
Expires
Mon, 11 Sep 2023 08:43:05 GMT
usync.js
eus.rubiconproject.com/ Frame CDDF 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Sep 2023 08:42:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84955
Connection
keep-alive
Content-Length
10209
Expires
Mon, 11 Sep 2023 08:43:05 GMT
usync.js
eus.rubiconproject.com/ Frame B92A 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Sep 2023 08:42:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84955
Connection
keep-alive
Content-Length
10209
Expires
Mon, 11 Sep 2023 08:43:05 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sun, 10 Sep 2023 09:07:10 GMT
via
1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MRS52-C1
age
1579090
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1694336830.418179,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits
682035
dis.aspx
widget.fr3.eu.criteo.com/dis/ Frame 0316 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=200121&cb=64fd873da59d9cb20016a306040487a2&r=https%3a%2f%2fwww.bg3.co%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0dc81139659a35c3ab52e782ce197ef74b47cb612dec4f0889348bbd4b3a90b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 10 Sep 2023 09:07:10 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2140705
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 30B9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1948672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMwMiim4LRRnNRmQ4Bt3Tp4nnynSFZAIKG5zJg%2BaotWaE0%2FR7eTSCXdJDv5ZM6pn3KWHGpg2G5fGMhUe4AW%2Fgpux0Rt95AiJykZ%2Fj9H1jSp%2BA6IrRKxMwtYD%2Fk3sjBTw0zZeYHqdgZ2VJD6Rg3Y2ASQg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
804684e65b954bed-MXP
expires
Fri, 30 Aug 2024 09:07:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 30B9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame 42AD 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33d8387d1795ea5aeb34223a115aa375ee04374fb5a09bc647f3552374e6fda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131765
x-xss-protection
0
server
cafe
etag
16899394589983698187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame A06F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
61798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 15:57:12 GMT
etag
8554266389219770021
expires
Sat, 23 Sep 2023 15:57:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame 3666 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js?cb=31077683
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 10:02:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83103
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129878
x-xss-protection
0
server
cafe
etag
7992010681825974757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Sep 2024 10:02:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DB42
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
URL: https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:10 GMT
expires
Sun, 10 Sep 2023 09:07:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:10 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
pagead2.googlesyndication.com/bg/ Frame 384A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
65961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 14:47:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2C8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQfxdCOy8edmOnG0nIVd0EVT5o0opI2PVVUlqIl0UUPBKX3XqkR_xcjyJeMuLswuJ9iUae6trtc-2o9cbvcIOSYJWxqrLhYkq9ENRNsnBcRynqarmiGxYAAMilWis964psG8r_YSTZm8f0MQx23mPAEaIvnWy9I-vc6NksFuw_NcthVORXf_QEYnvu957h_vJslO18pL27_IYIjeA5vh-K1NpLMNzd6nZe4lC1nLG9W4XeoSv4Op4ZCekDdf8mXpmCCp0BXARS0tyzA8jmCUZDAcpIw6GSyNpcQCNQHTQD8CUpxvR5KubSZ-VZrchN_FSf&sai=AMfl-YR6dezu-YRQ57vWa6bpZM3_at4Kn6BD9GNZKRQijpSrGiEzHElc5zeT4vs15UUYpARhS2GYYOYaxCExafZj3b0q7OW6dVLQZ2OmnzaYkqrrApQuIClhbqX5HT1laA&sig=Cg0ArKJSzNLvbfPcVzwPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:b58:f655:b2f0:bc51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
afr.php
ads.eu.criteo.com/delivery/r/ Frame EAF6 		149 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
18ab1a641b68d4230f1589100a2ca16ee3e1187a65f1361827f1cc45e23d5f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:10 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WgfjZIilo0KlerMXuw2--3FpPgnyrRWPNRXkWJMyK8E_CYDO89N4BR0yTmVIxQ2LTOvi4FD35aRIpzUZTg7ExLOM1WsXl9GGfSVXgyT0mTfExtRxNwKN4F-RwlPIdNwhZuFVivrU_zKAdIijSRTUmRHtKXPZl2wUdER_ThBkOV4zJLmgIiAOUAL-Q1jvPdF4q474jVpZVjAt3t9HeD_ABmxofBW1lgLsFYxum5GaPz_WZrt8Fvu9nEcC84h-fZ2yzlL3Ng"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
71583455
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C8C 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:10 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9xdWFuLWxpYW4tdGlhbi1kaWFuLXpoZW5nLWhhbmctemh1YW4tamlhLWppdS1uZ3FpYW4tM21pbmctZ3Vhbi1qdW4tMXRpYW4tY2hpLTFwaWFuLWppdS1taWFuLWxpYW5nLWxhLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04MDI3MDgwMi1iMzAwLTRlY2EtOTU2YS0zM2RkNzQ4MDBlNDEiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDQ1MDY0Njc4Nzg4MTg1MTIsInJlc3BvbnNlVGltZSI6MzcwLCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJjcml0ZW8iLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDQ1MDY0Njc4Nzg4MTg1MTIsIndpbm5lckFkVW5pdElkIjoiNzhhYjQ3OGFhNzg0NTY1IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiNzI4eDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6IjU5ODVmMDc4LWMyNmUtNDI4MS05MTA5LTljOWI2MWRhN2YyOCIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4908.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
tpd
cat.nl3.eu.criteo.com/ Frame 2C8C 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=nRJucV83bUNkdGNLSzlXVk1NVmE2ZDVncWRyZlRaJTJGR2lzOFdpczR1VCUyRiUyQlR3bVpTYlpxVHNaZWdQWTdJVE9PTjBaTU9wOWpJYm9VRDRYRURMbENHVndFYW45elY2WEQ0d2t5Y0dZMlExR1BMRVNRWFp6bklmbVZiWlpQTkR3cmoyMnV6bFc4U21XdnJBWGZ1S3FiJTJGJTJCRUR5amdITSUyRlJkQXdBcTJvUlR2VjRLcXRlTjVjMkN5b3Q5MDhYWHo3elJwQzFKN3JTQUFmdUQlMkJrVURWYm1MNVF3bTdBVE96MzNtQUM5RG9SckYxVVpwdnpKdkVjUXhZNFNvM1JKUFVreW54YWx0dEx6QlJBbWtiSWVJVktoQzB2UFUlMkZRRHpiblR3YktrNGh3Q0syNFgxTGRjd290YloyV3RwZFB3dWZqV1BXVkpHS2RwMWg2ekZYYUYzQ3paeWRPMm5HcCUyRmFFSXhHNXdOWkpLb01WcGo4UG9IcVdKMG9mOFdENGJDU3p3ek1nVzhBTlMlMkJrU3JNJTJCZnc5OWxEa25sJTJCeXBra3dvTmFFcm9yWGRFdkE1NEl2dzg1bzZtcGtjM29lcEhOU1Ntck9ibmRkd2VJaWZKV0lBZXU2a3RXc2t0amRVJTJCY3JaMjJKOEE5SlR3UHM3a285STFrNEhrJTNE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
204896
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
generic
match.adsrvr.org/track/cmf/ Frame A42F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame A42F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/a70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33182

Redirect headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iO_7fPhE2oS2Nows.e7EV8ufDwE8KV6KkvgI3Q--~A
content-length
0
sync
x.bidswitch.net/ Frame A42F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.86.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-86-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 23:29:48 GMT
x-content-type-options
nosniff
age
121042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 23:29:48 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 04:05:52 GMT
x-content-type-options
nosniff
age
104478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 04:05:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
img
imageproxy.eu.criteo.net/img/ Frame 30B9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=256&s=aPuqQdKvNOaseG06iYUEg09W
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9cdc95a5a7530f63cb0596d39d3d085c03bbba9e887dece7aead9d82d96855f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
15110
expires
Sun, 04 Aug 2024 02:52:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame 30B9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FDATCEN.jpg&v=3&w=800&s=12XblLqp0JXYAfqP738lBNAN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ebdc314a4d78be7683fc9f73e6ea3ae65c931bb3c1e3db0e4fc9d9efc16f660c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13396
expires
Mon, 11 Sep 2023 13:59:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 30B9 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FJAVA01.jpg&v=3&w=800&s=08j_x8FTZTKd1YY5IT2Xt8fD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d817c9d5e373b77777d55c671007c32d9f22f1c4998e4f680542fc860583ba06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
9706
expires
Sun, 10 Sep 2023 10:19:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 30B9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FIS27I.jpg&v=3&w=800&s=q5A6Tcixz_6nMy9vq_K8cQOa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f538b18149ea8f232f7fcee860f92d75fd8e928dabae5a8095bb542eb29eb255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13238
expires
Tue, 10 Oct 2023 08:46:51 GMT
all
csm.eu.criteo.net/ Frame 30B9 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=X2nqHIilo0KlerMX4rrM85WnmpbqGW1YvkThTq_-VHehKfqhIdn76aHlneN0lTg-LQS3Te08_zxrfXpTjPppvI7gFWpINcXwFIUzbKWimtOJu3y-PtUpthGO-AfwclfzIX8T8SL2SChJjshzxZffI5-KbQFIljlv-97NR9g3aPDUgqkwJIg-1qDtktcTmJnty58SANphMj2DIqNZJGRbz93TDC-HNwsim9lyV6oYglho60qvJVAVyfEjWVZLbwFVGxdLNA&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 30B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 30B9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0D2E 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-26521745401216895036&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3080&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=5482005498&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&ga_hid=658876816&dt=1694336829874&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&bdt=2302&dtd=106&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0f9d74917fc454ac0bfbe71feb7d77b7572b21125dc5fdea561c771c1e2276a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Sep 2023 09:07:10 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame 7D58 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 19:56:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
47454
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129878
x-xss-protection
0
server
cafe
etag
7992010681825974757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Sep 2024 19:56:16 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame C2BE 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33d8387d1795ea5aeb34223a115aa375ee04374fb5a09bc647f3552374e6fda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131765
x-xss-protection
0
server
cafe
etag
16899394589983698187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:10 GMT
idsync
sync.aralego.com/ Frame 98A9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMD8EGDL-1V-CZFC
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMD8EGDL-1V-CZFC
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMD8EGDL-1V-CZFC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMD8EGDL-1V-CZFC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B92A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LMD8EGDL-1V-CZFC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
480_650.mp4
cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/ 		816 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 10 Sep 2023 09:07:10 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame F058 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
480695
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1B32 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:26:08 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame EAF6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame EAF6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EAF6 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Sep 2024 09:07:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EAF6 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Sep 2024 09:07:10 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame EAF6 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YTbx5dE8BhPtoAeWkMNGH_WePgT2QsygkpINQmw4sHKnrMEiRE1tdEu0bploC5i8Ftpk1W5mlr9CB-nfGrOD-neRNEfAlJi9zI8gzw1WkDGOnEDsveEBffym1fE5kuXpgiD0sSlxwDprmc9VZMXCUYshqnKAIjGaNBdgGkGPh_8hT_HxGotJ85FpnfAtjqLOHWR7BYmmQ6HYrABQB8NpKf_rC5MbDeDUvbtEqhhMujC6aA8xRmky8pj3IizFm9BMSe7NDw3zHa-gGTc4dw6FFojvgL7BFoUWhLm6dmqvAxeimSlelL-orTHc5sx2-aF6_XQPJ-f_6RWfzarfO22q3DXIgR202QxN15wcHq3z3DanpwGOK-N5PKAA30HjOq6dRZM8pxXHpPP_hJUFXbOBgy6Ftr6ByZ3mnKn-0GSOh45n2zq85XPQijgkT5LON8juuymgUSKFFZeyQ0_WyXsf_P6Q1OyYrJTJ04lvZIWuEs1HlU1Vh5jd4CYCOx8eQAyk3FFEX3wKmeX8FgNvoGNXIVWl5GUjzEd9EiaAcnBf7pCph4hYO3R-uCGxG76iYlXoJF8oeIUrUK2DxI3lEHnE5lxnwzMcjaJW4_ktkYjj9GbYcbjn
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1811611
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2C8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul6O5DS-SiV3xYkFK6irp_XJtuxtoYxOzChJjx_peeXb-hrpcZXx_rlR_mWbmM5sV_dWyHAgRldadoHfYRkoABq6WTxXyyjwfI3w0p2fVplXD2jSP1DK0GAf6P9Yr3lCaCM1dJZMSQqIu5VRNPhakrdNalPWY-jFbctzUOsvrLgphkLFj7Dx0Svl9C7njZ_OmVi9XI-u9OwmjALv0Qf95NHZo-f5ahJYJUhECxOUs2tzgnV0GivHgwF-BYQUzqKSyWRwuZfb2RD6tS3iswPRRGLjqB_Aff_DKGi0I08W3m9quebTipjKYgM7z4_fy_D9n8X7A&sai=AMfl-YQLpp3mSLJJWyrQS01AgVHvjmylGw9jkGl-6fckTlSAG1KGx0DIA2hRjwDVwcQhlcx6ZsgSPlzaZbn5p9rRDWslef7YPH1XZFE7judxPAuYGJgq5_bBkISJLIo7fQ&sig=Cg0ArKJSzPtVNW_ju7nlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Sep 2023 09:07:10 GMT
truncated
/ Frame 2C8C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a167b5cc9acf48977ded979c4ea14c3c69f015fb4c22476c3dca8343a993853

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
480_650.mp4
cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/ 		232 KB
232 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Sun, 10 Sep 2023 09:07:10 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EAF6 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1948672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wv4GcyaH0TGdG5RHIls2u4rQVKDcMPzs7z%2BEqH1Y0sG0c1Z8uWLiVZlYTmX7JSxFAbghL%2FDztxmCz8NbKmjyZOS7kXN5YTpL%2BbwW%2FSFNsC3e6WkNODpCi6J3lIVn0oQ5yT6ZEKncCnMPwWY1Fuignf6l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
804684e8eed14bed-MXP
expires
Fri, 30 Aug 2024 09:07:10 GMT
animejs.js
static.criteo.net/animejs/ Frame EAF6 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:10 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 98A9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 98A9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMjFjNTE1MWYwYjBmYWNlODVhMGNhYTcyNjc1NWMzNzQ2MDM0MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMjFjNTE1MWYwYjBmYWNlODVhMGNhYTcyNjc1NWMzNzQ2MDM0MQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NjMjFjNTE1MWYwYjBmYWNlODVhMGNhYTcyNjc1NWMzNzQ2MDM0MQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 98A9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UeYNPcjQTiiuSj-5KgOUwA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UeYNPcjQTiiuSj-5KgOUwA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UeYNPcjQTiiuSj-5KgOUwA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KGT41GF1GZ2E1PFAMMX6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=UeYNPcjQTiiuSj-5KgOUwA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 98A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRXNotQXpWFxTN9Sp0pGS0&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRXNotQXpWFxTN9Sp0pGS0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRXNotQXpWFxTN9Sp0pGS0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 98A9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1EOEVHREwtMVYtQ1pGQw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnzV5tBsgzzr8h1yGlBma0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
dcm
s.amazon-adsystem.com/ Frame 98A9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
74AAY4MV0AX0J92H9CF5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 98A9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMD8EGDL-1V-CZFC
0
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMD8EGDL-1V-CZFC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0EEC6A345B684274A2F226ABE44DFE17 Ref B: ZRHEDGE0922 Ref C: 2023-09-10T09:07:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYE/Yj1w7RK9uNhPvBzGA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMD8EGDL-1V-CZFC
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 98A9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Dt_00QNQe6MuRtdTjoULlcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PfvbXcpE2oJckmM56SGh2zyN3MAypRGgmkrjxw--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PfvbXcpE2oJckmM56SGh2zyN3MAypRGgmkrjxw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PfvbXcpE2oJckmM56SGh2zyN3MAypRGgmkrjxw--~A
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 656D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-1kAiLK55AUNErAyKSwMkYGYHQenNlvubNWQthw&google_cm&google_hm=ay0xa0FpTEs1NUFVTkVyQXlLU3dNa1lHWUhRZW5ObHZ1Y...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1kAiLK55AUNErAyKSwMkYGYHQenNlvubNWQthw&google_gid=CAESEPq3A3p7okk7EsTT30Ze0kA&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1kAiLK55AUNErAyKSwMkYGYHQenNlvubNWQthw&google_gid=CAESEPq3A3p7okk7EsTT30Ze0kA&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
900650
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1kAiLK55AUNErAyKSwMkYGYHQenNlvubNWQthw&google_gid=CAESEPq3A3p7okk7EsTT30Ze0kA&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 656D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-FvPp8q55AUNErAyKSwMkYGYHQem1L4ypLhlSCA&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.86.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-86-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 656D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7194115729736594569
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7194115729736594569
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1132841
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
an-x-request-uuid
c31d40d8-39f2-4f42-9f68-1cb9d62506ec
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7194115729736594569
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 656D
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-abl6Q655AUNErAyKSwMkYGYHQenyZVBPNQVqLQ
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-abl6Q655AUNErAyKSwMkYGYHQenyZVBPNQVqLQ
43 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-abl6Q655AUNErAyKSwMkYGYHQenyZVBPNQVqLQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
an-x-request-uuid
5bd4d650-a59b-48ae-a223-068714b1e79b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
an-x-request-uuid
fd477a79-f1e6-43fc-ae6b-d741781b8e03
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-abl6Q655AUNErAyKSwMkYGYHQenyZVBPNQVqLQ
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 656D 		53 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_tFGla55AUNErAyKSwMkYGYHQek9axLAogmG3w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 10 Sep 2023 09:07:11 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sun, 10 Sep 2023 09:07:11 GMT
tap.php
pixel.rubiconproject.com/ Frame 656D 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-PITBn655AUNErAyKSwMkYGYHQek6nX6oYGlinA&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 656D 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-GwY3YK55AUNErAyKSwMkYGYHQenkP5OkaT2o0w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 656D 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-GYFZOa55AUNErAyKSwMkYGYHQekXm2qJ6fobAA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 656D 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-o6Cdfa55AUNErAyKSwMkYGYHQelHOXd7p8kscQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33044
um
criteo-sync.teads.tv/ Frame 656D 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-hFrrm655AUNErAyKSwMkYGYHQekJLLK6UixDxg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 10 Sep 2023 09:07:11 GMT
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 656D 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-CuHcYa55AUNErAyKSwMkYGYHQel20adGiG9GZQ&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 656D 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nNOoiq55AUNErAyKSwMkYGYHQek0oQ6ZS73ZQw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 656D 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ZSN1ja55AUNErAyKSwMkYGYHQenYNZ8EbAfRoQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:06 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 656D 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jLSvoa55AUNErAyKSwMkYGYHQem2OMFaecKrAQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 656D
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xDfZ-q55AUNErAyKSwMkYGYHQemctpijWV5Amg
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xDfZ-q55AUNErAyKSwMkYGYHQemctpijWV5Amg&C=1
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xDfZ-q55AUNErAyKSwMkYGYHQemctpijWV5Amg&C=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCcy6UgUjqjNyxbSDMFEEGxD1arEmQjXTfEVYBynuUIz4Ys67cHunSKCDGgtJ2eGm0H09%2FPQOdSQL5OIHp0SymOqObOLOzfVZCwpMqH9j%2FSyjuArqqD0ZdHGb6Rd3lKKaHBs"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684eb0e6d5238-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4h334T%2B2WyU2lehF9tLlvXQFLfz4Osv0kVXDc5J%2FgKwxP%2BWTOu0udjopX0aE5meLIbEpYKyR912nrESndPKLkFyQ7b%2F8ZwqX%2Bjnp6u7vXWGUEwrnE%2FxiIUGStGbb%2FMbGY%2BO"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-xDfZ-q55AUNErAyKSwMkYGYHQemctpijWV5Amg&C=1
cache-control
no-cache
cf-ray
804684ea0d195238-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame 656D
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Qirj7Q1pK36xxGzc5bTIGoefCqtoposI
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Qirj7Q1pK36xxGzc5bTIGoefCqtoposI
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Qirj7Q1pK36xxGzc5bTIGoefCqtoposI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Server
52.214.255.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-255-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-04e31af58.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5prOYMDFSZw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-04e31af58.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+jvphiKLSSU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Qirj7Q1pK36xxGzc5bTIGoefCqtoposI
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ad.360yield.com/ul_cb/ Frame 656D
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-V_4j1q55AUNErAyKSwMkYGYHQeljCUBDOySS-w
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-V_4j1q55AUNErAyKSwMkYGYHQeljCUBDOySS-w
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-V_4j1q55AUNErAyKSwMkYGYHQeljCUBDOySS-w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
52.48.146.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-146-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:11 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-V_4j1q55AUNErAyKSwMkYGYHQeljCUBDOySS-w
access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:11 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 656D 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-IkcXrq55AUNErAyKSwMkYGYHQekqfiCL15zrvw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 656D 		0
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dIXjkq55AUNErAyKSwMkYGYHQenop9jC8Vz2Tg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.188.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-188-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 656D 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-eXLILa55AUNErAyKSwMkYGYHQenahs2LeZifgw&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:11 GMT
Cache-Control
no-cache
X-TraceId
4ba22b0717e21129a9ddaa816fbe9354
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 656D 		42 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-9StL7K55AUNErAyKSwMkYGYHQemeSnfZ6ynoYQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 656D 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-hXO4lK55AUNErAyKSwMkYGYHQel_BEuCBesOuQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:65bd:bf52:226a:b097 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 10 Sep 2023 09:07:11 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 656D 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-tqd2m655AUNErAyKSwMkYGYHQen5_VxfX2Dt4w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:11 GMT
p3p
policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 656D 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-nBx6K655AUNErAyKSwMkYGYHQenq0TGWp-g9Ng
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:11 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sat, 09 Sep 2023 09:07:11 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 656D 		43 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-3yNoYa55AUNErAyKSwMkYGYHQelbcX-cttkXZA&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.244.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
put
e1.emxdgt.com/ Frame 656D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-o6yI4K55AUNErAyKSwMkYGYHQemtp0CFoXaC4Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.31.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-31-96.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
server
awselb/2.0
F4lsnAOujnKGtPsTHWiGL3GCCnWlw3fXi6YCJgctEkMx7cSOtOFaIAQ9VCQZRMsZz%2F%2BKDbC40lC6GHPQty%2FxWAFX6n789XCV6IzonpAmsSiypC9R31zQzAZqH3CQ8xwI8gVevNAFCYSoVmuAijdmBX1al6Klgc%2B%2BQJ3x6iWhU31U%2BgJIsq9aXZ%2F...
ad.vidverto.io/delivery/video/pod/ Frame 0050 		46 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/F4lsnAOujnKGtPsTHWiGL3GCCnWlw3fXi6YCJgctEkMx7cSOtOFaIAQ9VCQZRMsZz%2F%2BKDbC40lC6GHPQty%2FxWAFX6n789XCV6IzonpAmsSiypC9R31zQzAZqH3CQ8xwI8gVevNAFCYSoVmuAijdmBX1al6Klgc%2B%2BQJ3x6iWhU31U%2BgJIsq9aXZ%2FNQmLrXYa0Nihamz1kM8Vgp4GbKxQVhTpnN1Bi0iL64l0bXE4x9efIlnaSZYGLeTPHcaE9kADqiKflm%2FcRSSo%2BWkUuraabSsB7%2BPmyLYvUjnxzLZdaE3nomXWuoe22qybZxSYZYKQmEnX8Hotn4uuv6hiImLSGSKGG0DBRD9K8A%2FLYxVarnibTkwckcCNyuRd8jpLo9PXqDWhOZyXs7VnT9dzkN8h%2BmOZCwYIVXn%2B2HiwU%2BOJJ%2Bkmzzuru8Cr6o40yD03kKvW9bKagncg6%2B3BIK7Qb%2B9c%2Fx6LGHfOj6ck9sGynD76rufO9VFYetPQIyDGQAZRKLPQCukhEZ2%2BwQTqFbtSgqNadhhYSq9SJbyFe%2F%2BUahHmaGIoAgaHyRqql%2FUoFFTO5LZF1dr1SVk9HvhCQw8MMkcAm3Lhwd3YQMp0kfMTs3x2NtI7APFiZoXzHHAXTdfC%2FtVWFsh9IJljnNjH6YjQcYwKMCq91e2cRJxL0ymuLWuaakbFzDd%2F1Ge3p2TZPtK5yD6QMJxdWGZRaOhbJKdccUWcfiOONbBqo63TUJoKJoQViCqZV3S7DXHJE2IUeYpLOT3sA?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ab583f888172755c472f6fca0b90e20bf7ad042a2fc37e2931309a5566f9006d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/ Frame 42AD 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b375e319a0558772f62ce7bce6f93330bb5302a7f44a678df8d01c8b0e4f9a1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9576 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
2fd5f9125bea948cf3f754daeb98cb6b8355af2323ba08b09391599ebf83492f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15088
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
img
imageproxy.eu.criteo.net/img/ Frame EAF6 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FJAVA01.jpg&v=3&w=800&s=08j_x8FTZTKd1YY5IT2Xt8fD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d817c9d5e373b77777d55c671007c32d9f22f1c4998e4f680542fc860583ba06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
9706
expires
Sun, 10 Sep 2023 10:19:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame EAF6 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=196&s=u8RH3PKCv7sSdfjEnivknYad
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a7f6bf3d4e79e967e0b1b70de5e46a16da84b04fc505eedca6da03127901953c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
10545
expires
Sun, 04 Aug 2024 02:52:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame EAF6 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FDUK.jpg&v=3&w=800&s=VKNXRFada-9KIhlBbWuc0hUC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
449070b43825070074f447e1cc8a3bb5d9579a6ec9af743beaf69a2c646ccf8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
17650
expires
Sun, 10 Sep 2023 09:19:02 GMT
all
csm.eu.criteo.net/ Frame EAF6 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WgfjZIilo0KlerMXuw2--3FpPgnyrRWPNRXkWJMyK8E_CYDO89N4BR0yTmVIxQ2LTOvi4FD35aRIpzUZTg7ExLOM1WsXl9GGfSVXgyT0mTfExtRxNwKN4F-RwlPIdNwhZuFVivrU_zKAdIijSRTUmRHtKXPZl2wUdER_ThBkOV4zJLmgIiAOUAL-Q1jvPdF4q474jVpZVjAt3t9HeD_ABmxofBW1lgLsFYxum5GaPz_WZrt8Fvu9nEcC84h-fZ2yzlL3Ng&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EAF6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:11 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EAF6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:11 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame C2BE 		210 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a0f006fc0c9f18f4c731c9a889b4946474fd108a297940fcb02ea31d76d78d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D23C 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
561b6efcf5f0b9ed822ede5d4cd518e62d9d39bd94a9e584039f67cf5c524643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16043
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 0050 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmd8ehee&c=222644881557&slotId=111322440778.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 739F 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzEu1tjOK4q6TM6h4waLz5MnNvYlD1XdyDbKzcg6AJbkGWZab8wQCE4ZqtJ-7n4Dvbyb7jpKGr8g09QheUNGGSTlJBFJhyjiTgCMW6YyiivYrREQQIAxXnLETWWOc9&sig=Cg0ArKJSzKxMUfXWSYDeEAE&id=lidar2&mcvt=1176&p=1110,315,1200,1285&mtos=1176,1176,1176,1176,1176&tos=1176,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694336829843&rpt=259&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3666 		492 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2150227330298112&correlator=3138033420360871&eid=31076399%2C31077647%2C31077683%2C31077190&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694336831326&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=vin5bwxgjmu0&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMAIxhPdm7JO3nWSvxo_mX1VXXxv65wS6nBW2tUuwOnvsz6YLVXegPlXR6ucePtyhGgW0pmQHd88qYH_H7_baXzL9wIvQvk0VqygVQGBf1epmlSfWuQyXMzgvb50xakmc8HRio-M62owS5STSKpbquPawoa5lyTnEF2eFy276A1eXifMbL7kDnOShObAD5q8Wv_ZO7XF73QxaQtzlV7Jg&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1869492122.1694336831&ga_sid=1694336831&ga_hid=794426771&ga_fc=false&dlt=1694336829835&idt=1136&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js?cb=31077683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c74c1b623078af6f50db3f4b8bff0afd711fb3e2ab2321f21c2a29538869ad56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3666 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js?cb=31077683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b1935d67282d2378868104fafd1a4807b44d87217d622f144191947bfcdf64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11689
x-xss-protection
0
container.html
aabd529e31ce7dd774f0db284c9455d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 206B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aabd529e31ce7dd774f0db284c9455d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js?cb=31077683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
expires
Mon, 09 Sep 2024 09:07:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=658876816&cid=743386227.1694336828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694336831&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%20%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 7D58 		492 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3152877735928749&correlator=52617901980310&eid=31077747&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694336831442&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=l78wi2883r38&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMAIxhPdm7JO3nWSvxo_mX1VXXxv65wS6nBW2tUuwOnvsz6YLVXegPlXR6ucePtyhGgW0pmQHd88qYH_H7_baXzL9wIvQvk0VqygVQGBf1epmlSfWuQyXMzgvb50xakmc8HRio-M62owS5STSKpbquPawoa5lyTnEF2eFy276A1eXifMbL7kDnOShObAD5q8Wv_ZO7XF73QxaQtzlV7Jg&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=75455229.1694336831&ga_sid=1694336831&ga_hid=1528985702&ga_fc=false&dlt=1694336829837&idt=1326&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6071232b4947972c05e7ea4b40f919ae1a92be937cdb1b3f644208df48ffec5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7D58 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d84e9440bfdfd5f3bd2880adfcfe7b7761603e50f150fa51df83fd410abbc65f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12135
x-xss-protection
0
container.html
47ab540382b6c5487d3ea0bfc970e42f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B626 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://47ab540382b6c5487d3ea0bfc970e42f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
expires
Mon, 09 Sep 2024 09:07:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 0050 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2056584654402811&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Frzfn0S4d9Ntu9937htmYeg%3A1694340429%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=38B71173-01B4-4526-B8F6-8EEAC3A0078E&a3p=EhkKCnB1YmNpZC5vcmcY7Yrh8qcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNOG4fKnMUgAUgIIZBIZCgp1aWRhcGkuY29tGNOG4fKnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSRmRxUlhaQmJVcFVSMGQ0T0hGWlVYaHJOazlrZHowOUluMD0Yso_h8qcxSAASGwoMaWQ1LXN5bmMuY29tGLyM4fKnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=1694336831465&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&scor=431819168168833&ged=ve4_td3_tt0_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0050 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2056584654402811&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Frzfn0S4d9Ntu9937htmYeg%3A1694340429%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=38B71173-01B4-4526-B8F6-8EEAC3A0078E&a3p=EhkKCnB1YmNpZC5vcmcY7Yrh8qcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNOG4fKnMUgAUgIIZBIZCgp1aWRhcGkuY29tGNOG4fKnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSRmRxUlhaQmJVcFVSMGQ0T0hGWlVYaHJOazlrZHowOUluMD0Yso_h8qcxSAASGwoMaWQ1LXN5bmMuY29tGLyM4fKnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=1694336831467&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&scor=431819168168833&ged=ve4_td3_tt0_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx3.adform.net/adx/ Frame 0050 		65 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/live/ Frame 0050 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2056584654402811&cust_params=mt_fln%3D1.8&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Frzfn0S4d9Ntu9937htmYeg%3A1694340429%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=38B71173-01B4-4526-B8F6-8EEAC3A0078E&a3p=EhkKCnB1YmNpZC5vcmcY7Yrh8qcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNOG4fKnMUgAUgIIZBIZCgp1aWRhcGkuY29tGNOG4fKnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSRmRxUlhaQmJVcFVSMGQ0T0hGWlVYaHJOazlrZHowOUluMD0Yso_h8qcxSAASGwoMaWQ1LXN5bmMuY29tGLyM4fKnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=1694336831470&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&scor=431819168168833&ged=ve4_td3_tt0_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0050 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2056584654402811&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Frzfn0S4d9Ntu9937htmYeg%3A1694340429%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=38B71173-01B4-4526-B8F6-8EEAC3A0078E&a3p=EhkKCnB1YmNpZC5vcmcY7Yrh8qcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNOG4fKnMUgAUgIIZBIZCgp1aWRhcGkuY29tGNOG4fKnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSRmRxUlhaQmJVcFVSMGQ0T0hGWlVYaHJOazlrZHowOUluMD0Yso_h8qcxSAASGwoMaWQ1LXN5bmMuY29tGLyM4fKnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=1694336831471&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&scor=431819168168833&ged=ve4_td3_tt0_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 0050 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2056584654402811&cust_params=mt_fln%3D1.3&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Frzfn0S4d9Ntu9937htmYeg%3A1694340429%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=38B71173-01B4-4526-B8F6-8EEAC3A0078E&a3p=EhkKCnB1YmNpZC5vcmcY7Yrh8qcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNOG4fKnMUgAUgIIZBIZCgp1aWRhcGkuY29tGNOG4fKnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSRmRxUlhaQmJVcFVSMGQ0T0hGWlVYaHJOazlrZHowOUluMD0Yso_h8qcxSAASGwoMaWQ1LXN5bmMuY29tGLyM4fKnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=1694336831473&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&scor=431819168168833&ged=ve4_td3_tt0_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0050 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2056584654402811&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Frzfn0S4d9Ntu9937htmYeg%3A1694340429%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=38B71173-01B4-4526-B8F6-8EEAC3A0078E&a3p=EhkKCnB1YmNpZC5vcmcY7Yrh8qcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNOG4fKnMUgAUgIIZBIZCgp1aWRhcGkuY29tGNOG4fKnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSRmRxUlhaQmJVcFVSMGQ0T0hGWlVYaHJOazlrZHowOUluMD0Yso_h8qcxSAASGwoMaWQ1LXN5bmMuY29tGLyM4fKnMUgAUgIIag..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=1694336831475&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&scor=431819168168833&ged=ve4_td3_tt0_pd3_la3000_er1215.240.1216.960_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3666 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js?cb=31077683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:07:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7D58 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:07:11 GMT
usermatch.gif
beacon.krxd.net/ Frame 656D
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=VMWJU7mLYmeIq624OeczVxqudD2f4Wlm
0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=VMWJU7mLYmeIq624OeczVxqudD2f4Wlm
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
52.214.105.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-105-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n019-dub-prod.krxd.net
date
Sun, 10 Sep 2023 09:07:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1694336831
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=VMWJU7mLYmeIq624OeczVxqudD2f4Wlm
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
853706
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8CA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 07:47:43 GMT
expires
Mon, 09 Sep 2024 07:47:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5670 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d0f52400697d111fb9f2271c72cf59eaabfe2712d075e6eaf6ef88226fe55a71
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QnLLD-V61PkSAyr4NGclig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-QnLLD-V61PkSAyr4NGclig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
expires
Sun, 10 Sep 2023 09:07:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5939 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 07:47:43 GMT
expires
Mon, 09 Sep 2024 07:47:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 02B1 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
79889b78ee94325200ca2fe6dcf14624a0abfbe7de5280c894c1f3cb1788b909
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P83gzZ7HKDIVW6aV65gVtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-P83gzZ7HKDIVW6aV65gVtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
expires
Sun, 10 Sep 2023 09:07:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
pagead2.googlesyndication.com/bg/ Frame C8CA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
65962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 14:47:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5670 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=2150227330298112&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
pagead2.googlesyndication.com/bg/ Frame 5939 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
65962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 14:47:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 02B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=3152877735928749&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 0050 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmd8ei4e&c=222644881557&slotId=111322440778.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
s.thebrighttag.com/ Frame 656D
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=n8SxLJe3X8J5TgbDBhhxC8i_6zP7PzX8
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=n8SxLJe3X8J5TgbDBhhxC8i_6zP7PzX8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
3.141.87.90 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-87-90.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
x-bt-requestid
6dac5a61-4fb9-11ee-9ea6-0000ac170193
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=n8SxLJe3X8J5TgbDBhhxC8i_6zP7PzX8
date
Sun, 10 Sep 2023 09:07:10 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
587383
content-length
0
all
csm.eu.criteo.net/ Frame 30B9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=X2nqHIilo0KlerMX4rrM85WnmpbqGW1YvkThTq_-VHehKfqhIdn76aHlneN0lTg-LQS3Te08_zxrfXpTjPppvI7gFWpINcXwFIUzbKWimtOJu3y-PtUpthGO-AfwclfzIX8T8SL2SChJjshzxZffI5-KbQFIljlv-97NR9g3aPDUgqkwJIg-1qDtktcTmJnty58SANphMj2DIqNZJGRbz93TDC-HNwsim9lyV6oYglho60qvJVAVyfEjWVZLbwFVGxdLNA&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
csi
csi.gstatic.com/ Frame 0050 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmd8eie6&c=222644881557&slotId=111322440778.5&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 0050 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame 0050 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lmd8eii6&c=222644881557&slotId=111322440778.5&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 0050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4D79 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwJ6f6QEwAQ&v=APEucNXBkVfpgeGzvACgh1tB2lKsBZpixpnn7VJ3PAE3Cw9Yu--JhIW1rq-eTmAGODjMPT5DoZf4qSC7uyjEj_F3MPe1qqQvjw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1D13 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:11 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 1D13 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253811&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0ilvXkDtDzQwD_tSVEEtgRj&c1=3060631&auorder=1011813649&aulitem=20020583203&aucrtv=489148224&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&aubndl=&audeal=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f24e7689e361a285f554af82ca4ae701d8d75c49265513fb5fbbc87b217433ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Sep 2023 10:48:40 GMT
Server
UploadServer
ETag
"2646e63a3af9b102ec000ffd91770426"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Mon, 11 Sep 2023 09:07:11 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 1D13 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0ilvXkDtDzQwD_tSVEEtgRj&c1=3060631&auorder=1011813649&aulitem=20020583203&aucrtv=489148224&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&aubndl=&audeal=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
13ec52544bd81ab84352c7d1c781b85bdb9e8b917c9c0d52953b396859862242

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 05:48:08 GMT
Server
UploadServer
ETag
"bb48d33745b358fda8ccf2303418973c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3621
Expires
Sun, 10 Sep 2023 09:22:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1D13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 16:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
61083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 16:09:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1D13 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
9650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame 1D13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaST3bako6WaE6LbX55tCtxwW2EgzOTb4Pc7mq0FxzOrbOV9MrP8AKshROSEqLvAc7feIgbfd8aYU9OIDRgKUrrEeOmOTQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D13 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D13 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIT9UfSMvzlBfx6tjlTUA6udv1vjl9xJkBxrjfVbtMEz9DWGs5dtszT32ps-Xr30RMmzrOlZPHVMoFXBhikbzTRsMSdhEEVteMwjePdU5kdfdyCUI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D13 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14704618893209957117&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame C8CA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZsbI7Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5939 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Mcswpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Sep 2023 09:07:11 GMT
pixel
cm.g.doubleclick.net/ Frame 4D79 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwJ6f6QEwAQ&v=APEucNXBkVfpgeGzvACgh1tB2lKsBZpixpnn7VJ3PAE3Cw9Yu--JhIW1rq-eTmAGODjMPT5DoZf4qSC7uyjEj_F3MPe1qqQvjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4D79
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwJ6f6QEwAQ&v=APEucNXBkVfpgeGzvACgh1tB2lKsBZpixpnn7VJ3PAE3Cw9Yu--JhIW1rq-eTmAGODjMPT5DoZf4qSC7uyjEj_F3MPe1qqQvjw
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inFYXljqBeFVcyOdA1g4eqDwW0wZ87p74%2BliGOXszU54kb6CMj2dWqOFvKmEZEyixGYyI%2FcG%2Fnr0beKOQEBYpxA%2BMHdquRGlZVvwlJGPy%2F%2BTD3Y7gIZiEVz7tsDXG9VMymqnc5%2BPyAVeSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684efbccf5238-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4D79
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP2HP-VkQFCZ8keQV-TbuwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwJ6f6QEwAQ&v=APEucNXBkVfpgeGzvACgh1tB2lKsBZpixpnn7VJ3PAE3Cw9Yu--JhIW1rq-eTmAGODjMPT5DoZf4qSC7uyjEj_F3MPe1qqQvjw
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4g15ne68zmf1mk2SjvNGgm1kaBFQo4hyoBTyPSQWUsObwij%2FWymVD5idsfmFyKBIK3g3ZUUKjPv%2FwbZnn7TOVrK38oTRgm39uvy3DqzfJ2mE02yx%2BdgAmQakYYgu54Ui9CJKxhqmHaebIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f07cda4bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4BsgRIgnhNTItifxxmtxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0050 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lmd8eiia&c=222644881557&slotId=111322440778.5&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 0050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 0050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 2C8C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIvwfvlDI5Wo2kdYCL5AhiOrUOxZ9_JvHQQh5eDQ7JRovuIBpuPWZmu6m2WDWOlA5WZSLNidsu5AwH6SHBy4STf6PlKWO8A0KpaYw0ToQ384l1wFXBhZl6K-SuGTV-&sig=Cg0ArKJSzAfyVSTvOaW_EAE&id=lidar2&mcvt=1000&p=60,236,310,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3805778231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694336830500&rpt=327&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Sep 2023 09:07:12 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 0050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D13 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7362063492083&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D13 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7362063492083&version=m202307240101&ct=77&x=1&cor=14704618893209956000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1D13 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5DkISe97nEVtjemY9cOtZEz4euB2EwPdG7zZlFDGvGws5F4JtWVzkG6ZwvdLNfdTrvSR88cWNzm89X1Er-8Tfqhk9y_c-ryM9sdNR2XSZnK44EIjU09TeuXlENUE4F_6ob3kqkagDhcnDvW5XYWXCh75nPs2Y40g7t_VBCzQl2kpfd3M&cry=1&dbm_d=AKAmf-D_NuwlDa7zVaXKUvEnHK3vKyxJAeJ-q05QqJnRUatP9IfERs0cTrDW-VqCH2vcbeSatDAc6pER5Dcn8y73OhNnLKX99TPPZ73mhmT6CiaRTMItYP3rOw8oBONfdFWG4ti3Ben0lKP1E3FTNBukMSUrQuNAmV--I9pBLexI1Pk967Xp6a2YsZLB6sP1BRrAAl6PMioMGXTnIIXbkzRbOYBXTT4QEVGsjrFWrsKjR6zNdgPdHP10xi-ovWign1CDNFNRJCmiUFZFOgcO_L6USmuLeEZ7ZjO5YwUv2yXDHBqj1bNUg6ijSiyLQ2bLyWlkfcNqRlJviF9k4jhCryshpmXz-ILTxpePdLygHw-fm1i3RadGRdyNXbYWQ1ewKMa1rVOeKIT2CyqCsFP8l0zLqWLbu9g43VrmPc0Ma0ACILx-DUNKPhFPX17KnbyNY1TGL38xLzfFQCaezowvpqJ8i6LHAXIjRTGO4us4J48x2aB8XU7Kis0vAZ_L-fOfoFQF0xnV4Mk1DkHWdkHNLNVVayvMTekXgLALCSwKFvpflYfeASfqPbU4UwqA2Q4hv9BulfyaNPXEzqTCuSTQCT4gp1LP2JNVwI2nOnH5Ap3ezN4HoFHyihgMW_jWgx1ZsNvM4Gkpgf-hWIUTnztAPaiG5n-deV6JzQ8yRYBWV60XqfSZLOzMwcpFFzYLxD494A8GEA22Ih9FG-Wm9UK7LychAzJxGRx5iB6aOIzuUctdoJDiv0ofI4Wqjg77oRUmrSW1_pajPPiHtyZZYcZ8QM3X5btOTbkEqVJVWeKEOgwoAwlvnTjNOtjsIEBZcPUdAgWVBNBed8Z4GeNuq6wObpTb_H22K3HsutzMWhfTvD2CDt95tuEukATYWt6iH5VfXyKnIfXie1hbUjZbl8Xl4JQ_HkCYIZFwrmPR-e2ouJ5kPKJD8em3AsAy_Z-3vYkn0bck9NMKa_ky9pxzRKczx5b-DPIugmzXU8Z6y4Ubj8O6-kVQK9si0UXEkvDEjcaFum3blKeB5naHYLcM6gRz5BX8rTyauFXutnrO6Bp0qhfoPbSsMrMeXK2VTK-KHbAxBdYS6PzkCJziQ_7K2B-PVAfvvhKnQdIsi1VqIoFXlWTnztgAl_upYB-7lekaUEFMqR5uWe15es-1W63w64u3Hzjm3pgYpwBJtWAAMb7x7SgeIb8Fyo4pIjNbQWf1dM3m0LlvtCctAt55Is6SPtTlot37316Ig_sIybDxNfhAOXpyWdSEcyYSZ07PRNR4C5PxT0hBD2BBz8pV96iU_CL3QlmEqa3fFO_pn7hHlMmND9Rek7diFnvXKWrkoeVYnTmqckqDXWSaYvladI_yiQZZMATxelT6nL1sbWEbejUPlJOdtzflL6hxiWF1aTs0YTXewmFKfy0Ecl3uF4YD1KpoXCbukvF3rE7azPZQtEjreCueU7SMtG66LoYYCHvc6_Sf6jN3ixi56BF8_vBI1-Onslrs0a4WcZ3y2aT8zScwRp6FSm7YYKqh2tugMaAS0vPc9rRUVGfV81UfGcOs75XLvrWQBllsgkEQifWo6u3bJpsehNTLGqE3BklKF-F3X05J583H5vSeGDWioSCCNNB2Q7xBAEyFEF9OPR7asHSftoNF_m9-a312FKhNTutRufX6AyJfo5cER_GzU9hUFQ-GaNLqxqaC_P-pgxlmdM1KkAyi4cFNd70ZZsgZWKnAzo9FfMxS4oa7uoowFuRcLiiDZUk5a8ojQNf4vTCCjJm5GbE1NC_mPcIAgCCpiv5jBv-AUapJ2qQqwRS2DiwNixjN565o5wxhPeDW-qzhM4IdlQPdgqLYuuj8R-kC-RdpBma3MDu-9G-CWflPiHkwh8tZAnb7AqVeNywojYAOMVSeRZEC8O1ciKmV4A42AslAqPsSW-ngrYT4B2SvBldL9fgyGha1ggfu8Ejxy0lchqz3Bb62FsAd8IKYbwBmqskxYVaXqN18BueuLmzM9Z1lfWKarGYCL6VDiqB7w7-aMz1SqCBvhS_qbiEOWCMPabK6EWw_DfXpLBZ7OG-Xr9grvA2xPdfz312GWAJosjsAVzSZtu6_0G6XuLv2HrssTx7RnVexJ2wDBxDjHYznz56aX744ARLFKBzFmVhpot87mibA6EI6dtW6M9tAayCgCh7EeL6ZFq5NkUERFSZ37HNhCoCB9eEFf3OP7nqu-y0XIQI0gMKL365OtXK0B4cRT1OmYh4_sxpY3O07H4uOetPkCM6A7jcTreqJSfXNLPG5S-gqmdOVf9MGYit_KjOGjcXpcx44jr6uBbToOudhfnvSG0eMmd_kBafNCPpDxsLyn7VSvQD_iFsZjibIbUhxSnZxmbFVwL11toc5o-_IEBQs5vf3-8Uyg8cBmbVpGu7x8blVlZnitT3R_fEHlBiZbyeIi6k0hQYLSHR5tDL_oSBN2EAVAMu4oB8U80QJX6ml2hUmP-w6mC4eUB9wQe1UkR1EK2-2OizonB_yxrY869nPJVQW6qRsgRmRi2J_HUZlOP3bfYH6uJ14Sz1vbtAf1_S3iuSuHEpiUR0QjQCUnOFkPbzoQTpZvwI0VmoluFK9wsGEb2HJc4XGZqlKTlQYqPG-79t-nQB0lSk6Oix_6QCT-QY6W-jRBhoR3v9KN_ujn-oUTVubzVtH3UlAHPg6OSTzJjUsRULfY35k41K36fdeAZ4A9v81qzBVwcL3pnlm-puFbml-j4z1ymFn_xM5qK3UkEW69YOyBirNUo14Lm3bzvPxBYzg1ls20gu6zA3t1y9mDKiMG_VE-9P1nt7pQqBMh7ieZnPRHWa0-6eiWPVD2MmKD_YS8-XW6HsQFJEreiMPa0LasuNUr33ltoeY_KJlVJRezWRU_YriwfRw0PuMHa_dHf2AOmMF8MjTIRgDadjQ2LjnjIMSQTgfSRJZOlU9UxcreJM5bR-wW0zkc76ZGpOf09TMUyYCD9zPcdDu2rY9knwCkzStwqWk_m1NSbVOtXE1sE0wmNL3QrFWWQVvFc6fhyED6w4AZZIJse051vuPlpTi54DYMWOfI0hOmhPtd9Sat3Ebi5gxMihpjMPMMjSKNW_RvVQLbiIqbPA64UrcxOH7k2nwXWP3TZFLVTAYYjYBe8aqO4p-vI7U_tQeqDskaE_-cCiYt6JqIyJgXEyO67QB8_nZe-H0HxYAJxQt13PEMG7v8qVgCetvybvLTrjS6aJJhvaIM3vHZWHgJiXSShtesOfnmAvhJsdOZeJqYTSOM-Y6-De1BCJ9oyFF86VCLBmJYW0GujCy78aDTIqnWQbwSMzDo-GTz7e_b25aErTwcm3OsW_uT-bIKnibfZGb-l5W5mkGctpMP6Pog8ecAmV8VNZfIQ2AmSGe07cXhi4WHOTqshed_Ea7GHZAE3KZLW9x5syGO31-QPCUTYMazUPjNFWTjxn6nvDE5XLEaVEECrd9t5_krLUbW9kjyZv8NOOfNzKM1esvWCroP8V2T1tMaNLusqGqdkbrhL05qxcDIsMMrjFrSUROIUgp1Snh-LxbI7QXOnkeL_fyQPpZcksvkeqZ9sszW8KXfIOR0JpRHZChp1DkhFxepfMftznPAYnSVuk3dvvOOPU3B0ipDpAAqoduzfa8WgGQh1SozJVqSPOMER8CmYeBmHy0qFPNlm09VxvC7rENhfSCZ4YR56GQoGM870V7aFprcgl4_jS_pcjdmVFk-NAhS-F3e4nEDs_PvRO4M2JM0lEzJLWRF6KKPfGbjWPcMW5m4MDGCjqQ9ideR7kfSEyfY6hTCTG3bktaFy1kvQZM-9BbCTkero3MQ5hpLzFzZVYtLMdmmXEuInar3L2EatJMbMq_1IQQQyiIfMuD0T3168V5RV5e-CKUOM45Wry6D7RXxTOeqqmhyWf95JwP5syLqU3tjTU1l1gXpuJWX_nyd5kh_Kgot1LWxB9EjqE7r0fl7LkCSgXNM8sQM2f0w8X6SLnjPzP-Hgpk2wPFg-5UVA&cid=CAQSOwBpAlJW6d_OcaqPdAg5ftX93xG2HaEH0Q9I32hD-KD2E5JZVOHpzeZqa-RvuoDDuhWr9IyTu-thXBrfGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=14704618893209956000&adk=224573080&idt=183&cac=0&dtd=40
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
41f70bff8185b0bea52ff4ea35be81e4cd158335cdabd13dfa90afa0ca6967d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11845
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D23C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 16:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
61084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Sep 2023 16:09:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D23C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
9651
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame D23C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcdDnMQZAUji8E0d_JbW1P3wJkUGJSzpSmL9ypqtSO-dFYHlTR541j-jUOJ-LxKl8H-ktjeTS0JyZ45_wtbKdo-Q1JTg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D23C 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 09:07:12 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame E21E 		121 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c5cf45b26dde31bd5f458a26d4803b5d95e254059466a82ae8ce077cae298be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=x46_lIilo0KlerMXIMUL2Y0w-qakjwNMchjJkOE4Aa_4Do88pinYqcH3PRwK-0_svtSRASxSICJ9CNHKs_hQDZXUvEzrvcHPYWP-Kxszwl6vmzgdzo9FEs1B7j-7YAMmzXeofHptr3G8Jlf8836RD5de6aDTBpsUnvxxdBTjMeNlXYJGdQ2NIbqM_iRuoB1BMgg3YS-jwJHVfC33XRTGv64L_zvoai7S_TTU0n4disHveFotDf_NKyUYNifsT2kvhgUR6A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
52746709
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B8E8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
78793
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Sun, 10 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 0050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
truncated
/ Frame D23C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39639c92cd5626e413bffc75382a2e446539431e0c5dfd6fefae1a4dac467eba

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame B8E8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIrNSCqbGzwuzSPTyy2obtI&google_cver=1&google_push=AXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIrNSCqbGzwuzSPTyy2obtI&google_cver=1&google_push=AXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24c...
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIrNSCqbGzwuzSPTyy2obtI&google_cver=1&google_push=AXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
804684f2791f5276-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
8
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIrNSCqbGzwuzSPTyy2obtI&google_cver=1&google_push=AXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ_Fayait3H1XD9K_-FCBls9OqTe5wU0OmY6bKkPT_HhOGQsAXssY9B6AEDn0UWYHJzZmAFblen2cGPcrcpIlpaPzNg24co%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
804684f10f285276-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8E8
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEMW3JRCWvJwM5Dj6UFBq4y0&google_cver=1&google_push=AXcoOmSeUnE1MauYMoKcEdTU6DswcwbIskloau85nR6Yu_NOzjcYsewsGjl9ZbTko25lyxCiv1VOSd-hDDDOhCPZChlnCzy668k5
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=825575633393
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=825575633393
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=825575633393
content-length
0
pixel
cm.g.doubleclick.net/ Frame B8E8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAYOQJ74aCurSo7R8gtG33k&google_cver=1&google_push=AXcoOmTLX2KmCdCfF6_Vysg6vrea8OvLAPtRIuPtpdtKUch2H9eOyrMqFuBilcvyD5uEa9UhVAjku79Qp29pW5GADQW5Y0C...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLX2KmCdCfF6_Vysg6vrea8OvLAPtRIuPtpdtKUch2H9eOyrMqFuBilcvyD5uEa9UhVAjku79Qp29pW5GADQW5Y0CPRamX&google_hm=eS1FNTNVNUtSRTJwSFBWM0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLX2KmCdCfF6_Vysg6vrea8OvLAPtRIuPtpdtKUch2H9eOyrMqFuBilcvyD5uEa9UhVAjku79Qp29pW5GADQW5Y0CPRamX&google_hm=eS1FNTNVNUtSRTJwSFBWM0kzaXhvc3JmZVQzV0RuWWx0UX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLX2KmCdCfF6_Vysg6vrea8OvLAPtRIuPtpdtKUch2H9eOyrMqFuBilcvyD5uEa9UhVAjku79Qp29pW5GADQW5Y0CPRamX&google_hm=eS1FNTNVNUtSRTJwSFBWM0kzaXhvc3JmZVQzV0RuWWx0UX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame B8E8
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEBziTdJ9B_yVQG_ssswXxMQ&google_cver=1&google_push=AXcoOmQIsqCweQWark_4p6eMpeQpA7yZuC8h0tckDfa2anY9RnDuhtEyHULOfIdNS0SGdgS-fHYcVigQdo4nB0smfmUGlO2kg0_1
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQIsqCweQWark_4p6eMpeQpA7yZuC8h0tckDfa2anY9RnDuhtEyHULOfIdNS0SGdgS-fHYcVigQdo4nB0smfmUGlO2kg0_1&google_hm=M1JlYVRIUnNzVlJqaEpO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQIsqCweQWark_4p6eMpeQpA7yZuC8h0tckDfa2anY9RnDuhtEyHULOfIdNS0SGdgS-fHYcVigQdo4nB0smfmUGlO2kg0_1&google_hm=M1JlYVRIUnNzVlJqaEpOUW9LdjU=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQIsqCweQWark_4p6eMpeQpA7yZuC8h0tckDfa2anY9RnDuhtEyHULOfIdNS0SGdgS-fHYcVigQdo4nB0smfmUGlO2kg0_1&google_hm=M1JlYVRIUnNzVlJqaEpOUW9LdjU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame B8E8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEK6jN4kZhD5f9xCnPPd1Q5o&google_cver=1&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk28s4FR93GBo7XvZkXN3xnurTf5U-BNAInB_XBSfXgi0av
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk28s4FR93GBo7XvZkXN3xnurTf5U-BNAInB_XBSfXgi0a...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYyNzUwNTgzNDQwNjM3MTE1OTI3Mw%3D%3D&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYyNzUwNTgzNDQwNjM3MTE1OTI3Mw%3D%3D&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk28s4FR93GBo7XvZkXN3xnurTf5U-BNAInB_XBSfXgi0av
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYyNzUwNTgzNDQwNjM3MTE1OTI3Mw%3D%3D&google_push=AXcoOmSfWHUncTDSEQOk48_NjKc9sqOVyIWGv_QtI-pt8CWy3VkFMvk28s4FR93GBo7XvZkXN3xnurTf5U-BNAInB_XBSfXgi0av
date
Sun, 10 Sep 2023 09:07:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame B8E8
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEC-BRQEGw0UhVGc4sEpi7jk&google_cver=1&google_push=AXcoOmTFKGEmfauPe4Zm44Wnfquoki7nL67OIUA5ZrD7bsi5QFSLuJv0oL5jf4ZxYB0Q2A5W-j1Z3C1utOzJ5NwTIa00uJj6yzEa
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&mn_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTFKGEmfauPe4Zm44Wnfquoki7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&mn_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTFKGEmfauPe4Zm44Wnfquoki7nL67OIUA5ZrD7bsi5QFSLuJv0oL5jf4ZxYB0Q2A5W-j1Z3C1utOzJ5NwTIa00uJj6yzEa&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:12 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&mn_hm=MzM3MzM4NDMxMTgxNTUyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTFKGEmfauPe4Zm44Wnfquoki7nL67OIUA5ZrD7bsi5QFSLuJv0oL5jf4ZxYB0Q2A5W-j1Z3C1utOzJ5NwTIa00uJj6yzEa&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 10 Sep 2023 09:07:12 GMT
/
onetag-sys.com/match/ Frame B8E8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESED8LQPfIryPnV5uHLQ83Pvk&google_cver=1&google_push=AXcoOmT7jIDoWsC1M8XaKzvIzTXLKS872cYER9YeIrxHdy8Vl1NylMw_KKy5K5N5FUwtqvL2NstFK8f03iL...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT7jIDoWsC1M8XaKzvIzTXLKS872cYER9YeIrxHdy8Vl1NylMw_KKy5K5N5FUwtqvL2NstFK8f03iLKLtYYfkdR_7EPUttVDA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B8E8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jb2QAnOUReqOZkc9NZFMPCZOSVJdGOGqGRgBs1Mc1PrkCzyGW-okxE1MCyNvPWuisP22cohA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 0050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1D13 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5DkISe97nEVtjemY9cOtZEz4euB2EwPdG7zZlFDGvGws5F4JtWVzkG6ZwvdLNfdTrvSR88cWNzm89X1Er-8Tfqhk9y_c-ryM9sdNR2XSZnK44EIjU09TeuXlENUE4F_6ob3kqkagDhcnDvW5XYWXCh75nPs2Y40g7t_VBCzQl2kpfd3M&cry=1&dbm_d=AKAmf-D_NuwlDa7zVaXKUvEnHK3vKyxJAeJ-q05QqJnRUatP9IfERs0cTrDW-VqCH2vcbeSatDAc6pER5Dcn8y73OhNnLKX99TPPZ73mhmT6CiaRTMItYP3rOw8oBONfdFWG4ti3Ben0lKP1E3FTNBukMSUrQuNAmV--I9pBLexI1Pk967Xp6a2YsZLB6sP1BRrAAl6PMioMGXTnIIXbkzRbOYBXTT4QEVGsjrFWrsKjR6zNdgPdHP10xi-ovWign1CDNFNRJCmiUFZFOgcO_L6USmuLeEZ7ZjO5YwUv2yXDHBqj1bNUg6ijSiyLQ2bLyWlkfcNqRlJviF9k4jhCryshpmXz-ILTxpePdLygHw-fm1i3RadGRdyNXbYWQ1ewKMa1rVOeKIT2CyqCsFP8l0zLqWLbu9g43VrmPc0Ma0ACILx-DUNKPhFPX17KnbyNY1TGL38xLzfFQCaezowvpqJ8i6LHAXIjRTGO4us4J48x2aB8XU7Kis0vAZ_L-fOfoFQF0xnV4Mk1DkHWdkHNLNVVayvMTekXgLALCSwKFvpflYfeASfqPbU4UwqA2Q4hv9BulfyaNPXEzqTCuSTQCT4gp1LP2JNVwI2nOnH5Ap3ezN4HoFHyihgMW_jWgx1ZsNvM4Gkpgf-hWIUTnztAPaiG5n-deV6JzQ8yRYBWV60XqfSZLOzMwcpFFzYLxD494A8GEA22Ih9FG-Wm9UK7LychAzJxGRx5iB6aOIzuUctdoJDiv0ofI4Wqjg77oRUmrSW1_pajPPiHtyZZYcZ8QM3X5btOTbkEqVJVWeKEOgwoAwlvnTjNOtjsIEBZcPUdAgWVBNBed8Z4GeNuq6wObpTb_H22K3HsutzMWhfTvD2CDt95tuEukATYWt6iH5VfXyKnIfXie1hbUjZbl8Xl4JQ_HkCYIZFwrmPR-e2ouJ5kPKJD8em3AsAy_Z-3vYkn0bck9NMKa_ky9pxzRKczx5b-DPIugmzXU8Z6y4Ubj8O6-kVQK9si0UXEkvDEjcaFum3blKeB5naHYLcM6gRz5BX8rTyauFXutnrO6Bp0qhfoPbSsMrMeXK2VTK-KHbAxBdYS6PzkCJziQ_7K2B-PVAfvvhKnQdIsi1VqIoFXlWTnztgAl_upYB-7lekaUEFMqR5uWe15es-1W63w64u3Hzjm3pgYpwBJtWAAMb7x7SgeIb8Fyo4pIjNbQWf1dM3m0LlvtCctAt55Is6SPtTlot37316Ig_sIybDxNfhAOXpyWdSEcyYSZ07PRNR4C5PxT0hBD2BBz8pV96iU_CL3QlmEqa3fFO_pn7hHlMmND9Rek7diFnvXKWrkoeVYnTmqckqDXWSaYvladI_yiQZZMATxelT6nL1sbWEbejUPlJOdtzflL6hxiWF1aTs0YTXewmFKfy0Ecl3uF4YD1KpoXCbukvF3rE7azPZQtEjreCueU7SMtG66LoYYCHvc6_Sf6jN3ixi56BF8_vBI1-Onslrs0a4WcZ3y2aT8zScwRp6FSm7YYKqh2tugMaAS0vPc9rRUVGfV81UfGcOs75XLvrWQBllsgkEQifWo6u3bJpsehNTLGqE3BklKF-F3X05J583H5vSeGDWioSCCNNB2Q7xBAEyFEF9OPR7asHSftoNF_m9-a312FKhNTutRufX6AyJfo5cER_GzU9hUFQ-GaNLqxqaC_P-pgxlmdM1KkAyi4cFNd70ZZsgZWKnAzo9FfMxS4oa7uoowFuRcLiiDZUk5a8ojQNf4vTCCjJm5GbE1NC_mPcIAgCCpiv5jBv-AUapJ2qQqwRS2DiwNixjN565o5wxhPeDW-qzhM4IdlQPdgqLYuuj8R-kC-RdpBma3MDu-9G-CWflPiHkwh8tZAnb7AqVeNywojYAOMVSeRZEC8O1ciKmV4A42AslAqPsSW-ngrYT4B2SvBldL9fgyGha1ggfu8Ejxy0lchqz3Bb62FsAd8IKYbwBmqskxYVaXqN18BueuLmzM9Z1lfWKarGYCL6VDiqB7w7-aMz1SqCBvhS_qbiEOWCMPabK6EWw_DfXpLBZ7OG-Xr9grvA2xPdfz312GWAJosjsAVzSZtu6_0G6XuLv2HrssTx7RnVexJ2wDBxDjHYznz56aX744ARLFKBzFmVhpot87mibA6EI6dtW6M9tAayCgCh7EeL6ZFq5NkUERFSZ37HNhCoCB9eEFf3OP7nqu-y0XIQI0gMKL365OtXK0B4cRT1OmYh4_sxpY3O07H4uOetPkCM6A7jcTreqJSfXNLPG5S-gqmdOVf9MGYit_KjOGjcXpcx44jr6uBbToOudhfnvSG0eMmd_kBafNCPpDxsLyn7VSvQD_iFsZjibIbUhxSnZxmbFVwL11toc5o-_IEBQs5vf3-8Uyg8cBmbVpGu7x8blVlZnitT3R_fEHlBiZbyeIi6k0hQYLSHR5tDL_oSBN2EAVAMu4oB8U80QJX6ml2hUmP-w6mC4eUB9wQe1UkR1EK2-2OizonB_yxrY869nPJVQW6qRsgRmRi2J_HUZlOP3bfYH6uJ14Sz1vbtAf1_S3iuSuHEpiUR0QjQCUnOFkPbzoQTpZvwI0VmoluFK9wsGEb2HJc4XGZqlKTlQYqPG-79t-nQB0lSk6Oix_6QCT-QY6W-jRBhoR3v9KN_ujn-oUTVubzVtH3UlAHPg6OSTzJjUsRULfY35k41K36fdeAZ4A9v81qzBVwcL3pnlm-puFbml-j4z1ymFn_xM5qK3UkEW69YOyBirNUo14Lm3bzvPxBYzg1ls20gu6zA3t1y9mDKiMG_VE-9P1nt7pQqBMh7ieZnPRHWa0-6eiWPVD2MmKD_YS8-XW6HsQFJEreiMPa0LasuNUr33ltoeY_KJlVJRezWRU_YriwfRw0PuMHa_dHf2AOmMF8MjTIRgDadjQ2LjnjIMSQTgfSRJZOlU9UxcreJM5bR-wW0zkc76ZGpOf09TMUyYCD9zPcdDu2rY9knwCkzStwqWk_m1NSbVOtXE1sE0wmNL3QrFWWQVvFc6fhyED6w4AZZIJse051vuPlpTi54DYMWOfI0hOmhPtd9Sat3Ebi5gxMihpjMPMMjSKNW_RvVQLbiIqbPA64UrcxOH7k2nwXWP3TZFLVTAYYjYBe8aqO4p-vI7U_tQeqDskaE_-cCiYt6JqIyJgXEyO67QB8_nZe-H0HxYAJxQt13PEMG7v8qVgCetvybvLTrjS6aJJhvaIM3vHZWHgJiXSShtesOfnmAvhJsdOZeJqYTSOM-Y6-De1BCJ9oyFF86VCLBmJYW0GujCy78aDTIqnWQbwSMzDo-GTz7e_b25aErTwcm3OsW_uT-bIKnibfZGb-l5W5mkGctpMP6Pog8ecAmV8VNZfIQ2AmSGe07cXhi4WHOTqshed_Ea7GHZAE3KZLW9x5syGO31-QPCUTYMazUPjNFWTjxn6nvDE5XLEaVEECrd9t5_krLUbW9kjyZv8NOOfNzKM1esvWCroP8V2T1tMaNLusqGqdkbrhL05qxcDIsMMrjFrSUROIUgp1Snh-LxbI7QXOnkeL_fyQPpZcksvkeqZ9sszW8KXfIOR0JpRHZChp1DkhFxepfMftznPAYnSVuk3dvvOOPU3B0ipDpAAqoduzfa8WgGQh1SozJVqSPOMER8CmYeBmHy0qFPNlm09VxvC7rENhfSCZ4YR56GQoGM870V7aFprcgl4_jS_pcjdmVFk-NAhS-F3e4nEDs_PvRO4M2JM0lEzJLWRF6KKPfGbjWPcMW5m4MDGCjqQ9ideR7kfSEyfY6hTCTG3bktaFy1kvQZM-9BbCTkero3MQ5hpLzFzZVYtLMdmmXEuInar3L2EatJMbMq_1IQQQyiIfMuD0T3168V5RV5e-CKUOM45Wry6D7RXxTOeqqmhyWf95JwP5syLqU3tjTU1l1gXpuJWX_nyd5kh_Kgot1LWxB9EjqE7r0fl7LkCSgXNM8sQM2f0w8X6SLnjPzP-Hgpk2wPFg-5UVA&cid=CAQSOwBpAlJW6d_OcaqPdAg5ftX93xG2HaEH0Q9I32hD-KD2E5JZVOHpzeZqa-RvuoDDuhWr9IyTu-thXBrfGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=14704618893209956000&adk=224573080&idt=183&cac=0&dtd=40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
178746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 07:28:06 GMT
dvbs_src_internal120.js
cdn.doubleverify.com/ Frame 1D13 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal120.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253811&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0ilvXkDtDzQwD_tSVEEtgRj&c1=3060631&auorder=1011813649&aulitem=20020583203&aucrtv=489148224&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&aubndl=&audeal=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
252252acd6131aa529469c26df8e7a3cc793d5af695cb8047b4ebf9b5836f08c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 09:52:29 GMT
Server
UploadServer
ETag
"4f9afc07debda67800726bb64da41bc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19651
Expires
Mon, 09 Sep 2024 09:07:12 GMT
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame 5223 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
480697
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6627 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 08:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:26:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D23C 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJrNcP4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBM4CT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOnqEvfSEw081v1wIUYOT38263Sc1YHo9uzCAGM-jACgZ0azYpVMiYAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=7WdG8dkFXkA&uach_m=[UACH]&cid=CAQSOwBpAlJWV03T0Oz9mKxJ3KtsMCs4pzSPelNqIABW5lR7-39ffDXKh9ELjhYt6sHAzWFESFfNzv9h-9l6GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 10 Sep 2023 09:07:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame D23C 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFobWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQP4f9ZBy-AIROhhZnnmAAABIAAAoKQVFVRER3RUJEdw&wp=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829829&bpp=804&bdt=1036&idt=1453&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=1&ga_vid=911724692.1694336831&ga_sid=1694336831&ga_hid=590223680&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4206&biw=1600&bih=1200&isw=336&ish=280&ifk=209949300&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44798321&oid=2&pvsid=188232954465083&tmod=1240448375&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mrsdah2cnowk&btvi=1&fsb=1&dtd=1458
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
140873
server
Kestrel
content-length
0
480_650.mp4
cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/ 		8 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 10 Sep 2023 09:07:12 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 79A4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
182445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 06:26:27 GMT
expires
Sat, 07 Sep 2024 06:26:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame E21E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E21E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E21E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Sep 2024 09:07:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E21E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Sep 2024 09:07:12 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame E21E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WJCrTx0rqOpHnIth6-Awl8Qw4fgYazXSKa9yLFW9Qmi2VT4GI6oszvFIY0HfuTq11Vy_PHU0Acw53zaOFP_6GYwaqfhW4HhaoCSqHUG5tXZqCg4BSnNI3ebF_geuSPrIzZq0CDbSjcCE7maUdcO-4w1SmYVEfFySmppx_r1HAB_bWmkK0En55bLlc8tue7Jpe3Ke2ubumWmZNeOPnQcMaYrBuPqrxTy-h7b0Crsg9tuRSArWjm9YtpyaEJN0CQpAMgcQpe9WSX-mAZJJjTHb3uLWpFIUETMVwNB71LMf_bA9rSZfo7ar9BGtQZ7-GA5MweBFfZuCPo8lyRHzLvcr8Ow-BpnFS-U-V5u6Kj1fbSvxuT_PBkQqBEsg7zCLALwdRwRo8C3aFbc0VwJKdYUNx27RTfIpWMrG4pMuGNnK-3jZUBPQLFqE5oASHaYxHKlRcQ-0YyqD5g_hbwCM7bQkR7i0hrEAX2ZBJJDrudkB_aZMZesxVg7s6GEyAysJKvVNZoJ1ruxpSurpUuhLJb47n5NCN-vghmI2_0yuYC-NMk91XjMG8UvR0qn3tYo4NMRCTmg05A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2456380
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E21E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1948674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Blg5fZ31DA6UHF1sOFwTyhEV5zrDqz%2FHOLT58DnrVNGQzSVDT9xzWLRmpf%2BCXH8vsMcNJYWUeJPG5sAl6MDKdHpeKehk6tU%2BHIvCJIP4Fp7hztqhDxfxqqs9tJi%2BBIyzoULm6yzan8snQDX%2Bkzo85Gf0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
804684f16ad35264-MXP
expires
Fri, 30 Aug 2024 09:07:12 GMT
animejs.js
static.criteo.net/animejs/ Frame E21E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:12 GMT
verify.js
rtb0.doubleverify.com/ Frame 1D13 		443 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_733307749640&jsTagObjCallback=__tagObject_callback_733307749640&num=6&ctx=1828362&cmp=115739&plc=4253811&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=733307749640&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=89&bridua=3&dup=null&ppid=103&auevent=ABAjH0ilvXkDtDzQwD_tSVEEtgRj&aucrtv=489148224&auorder=1011813649&ausite=881479034793&auxch=1&aulitem=20020583203&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&chro=1&hist=3&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=1&ssl=1&refD=3&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=26&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=167&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauBF2%3F%5C%3D%3A2%3F%5CE%3A2%3F%5C5%3A2%3F%5CK96%3F8%5C92%3F8%5CK9F2%3F%5C%3B%3A2%5C%3B%3AF%5C%3F8B%3A2%3F%5Cb%3E%3A%3F8%5C8F2%3F%5C%3BF%3F%5C%60E%3A2%3F%5C49%3A%5C%60A%3A2%3F%5C%3B%3AF%5C%3E%3A2%3F%5C%3D%3A2%3F8%5C%3D2%5D9E%3E%3D&dvp_exetime=10.10&aubndl=&audeal=&callbackName=__verify_callback_733307749640
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal120.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
ca47c85440c7d12d970ea0468b8464022b9c6e541a6d5c8d41635bdc7301795e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:12 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
09/09/2023 09:07:12
img
imageproxy.eu.criteo.net/img/ Frame E21E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=668&s=jE2gZoG1tNbQutE2yyZXUCGG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
14927
expires
Sun, 04 Aug 2024 01:52:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame E21E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FSTORYT.jpg&v=3&w=400&s=vyZmVj0Tycyq3BU_6UI8qygA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
16322
expires
Sun, 10 Sep 2023 09:08:20 GMT
all
csm.eu.criteo.net/ Frame E21E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=x46_lIilo0KlerMXIMUL2Y0w-qakjwNMchjJkOE4Aa_4Do88pinYqcH3PRwK-0_svtSRASxSICJ9CNHKs_hQDZXUvEzrvcHPYWP-Kxszwl6vmzgdzo9FEs1B7j-7YAMmzXeofHptr3G8Jlf8836RD5de6aDTBpsUnvxxdBTjMeNlXYJGdQ2NIbqM_iRuoB1BMgg3YS-jwJHVfC33XRTGv64L_zvoai7S_TTU0n4disHveFotDf_NKyUYNifsT2kvhgUR6A&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E21E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E21E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP2HPwAF7T0Kp5clAATQ8epF6ZsIBYftYOKTpw&u=%7CvNLzGI%2FMnSd0oUcr7Av4Gtt%2B4GwotkZZt%2FD%2F%2Bj74wPE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjgc3FYskNp-5SChdG3Z1kSpIkEG1C1bc7O3n-qcscLjE-Y6jf7Eoc0mRskTHtU39Uho5kZpSxrEKPmbdZ_8MGkfcEvQirYdZx--Xbxg5SSvR7e9NVg_JHiQy4qm_ohx7sEwZfUFqwjFB0apXeTaZAQrFX9kVZCeKL2tMaBeCvVYRLhYnON0SAc84Pjtz7c_NweFaa0VGHiSSLpFdK4lM_SkeiCY4AtiRWzVVFIUssiQ-ZgAw3ZTsl0MG70AkOuU2JC5xK5QZIFEWUhLaoKyouO-V1T-1ONRhWVpY705F0NEt2Aykv54tlJQgUMMpBRCedglxC3oS_ueW8sYXxy4qvwXdd883F2do_uHvYZ6YD5rFL2BqvyxTgU0m7uI2K9cGWSdshwq1yJpwAvhrD9ZQFSK7Hvn3LNXz1ipNcxSmHZiM3CopOmMEMMFA8G1g1ZNp3tICFpv5z5-ryIJeY4jlQFeTsjRSc3b1UQ6_VIhtQ-xPK9Xu0NTlZ8Gqg-DYPSr9xFbnhk5yxe22UpqEzPKEfz2bYEtf2bN37ta1YKBFRWJV3HPTV4CKE-DMmF42wHO-Haa0QYLwLqCjJ-NVwsUMlhKPPBI2UL1OJDElGJAAds3hqGpT84hUIpvTgWFb3bLKrm2u-YvHg75-U1rv70ozAR9kHykXELVv2ntT5o5YoZXjD3eeqjB6oPS9SZEfdluGsKoT9HyKhieU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp1S8P4f9ZL3aF6WungXxoZOgDsme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCIyVOj4PzsT6oAwHIAwKqBNECT9Bh7nEAaq0ibzXZF_Ic16XO4fXcprN_l8xTTCBFduHv4h392JaDHnvAR1NnmU4CX8arwwm5kvb__HOAG_9NAffDbVpw04OjSUxzlW8EvA6PbENdeoYdmfw-nbGuJ878s0yx4OzWRcHi8mQJTgEKNhDTChapYzoTb9MwNIyyrLLTBNGFGGttA5zn3lTdivWiqLV6Jm9VM1dcNoVk7eK084nuJNffGhfzlLGKelHuixKGaqmzYSJ_Ce37HetJ1vdCb_Joyg8RCKqR7tlz_EnWPlZxbmoleZpYEfF5T-1C8Dx1BElzgjK5JvMkywKUS1KMMSOF9pT45cTO9eaO9gNi9q8ysYXMSCsri52g7KDwgYW6kN8eXzsymyOkvAv8XezdKNoPXnGdSOmoENZAk57s61ugBpyCb5aS5VOWY4vG7m52yF6Yfr--S14rqAFsYJr92YAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37JJtU7Ze8JZBNmRL2-Ioq15dGBg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Sep 2024 09:07:12 GMT
all
csm.eu.criteo.net/ Frame EAF6 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WgfjZIilo0KlerMXuw2--3FpPgnyrRWPNRXkWJMyK8E_CYDO89N4BR0yTmVIxQ2LTOvi4FD35aRIpzUZTg7ExLOM1WsXl9GGfSVXgyT0mTfExtRxNwKN4F-RwlPIdNwhZuFVivrU_zKAdIijSRTUmRHtKXPZl2wUdER_ThBkOV4zJLmgIiAOUAL-Q1jvPdF4q474jVpZVjAt3t9HeD_ABmxofBW1lgLsFYxum5GaPz_WZrt8Fvu9nEcC84h-fZ2yzlL3Ng&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 79A4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
56502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 17:25:30 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5223 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=846741607124181&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3976201203&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Frzfn0S4d9Ntu9937htmYeg%3A1694340429%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=1EF2A18D-5983-4B46-96E4-7239C4482816&a3p=EhkKCnB1YmNpZC5vcmcY7Yrh8qcxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNOG4fKnMUgAUgIIZBIZCgp1aWRhcGkuY29tGNOG4fKnMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSRmRxUlhaQmJVcFVSMGQ0T0hGWlVYaHJOazlrZHowOUluMD0Yso_h8qcxSAASGwoMaWQ1LXN5bmMuY29tGLyM4fKnMUgAUgIIag..&nel=0&eid=420706097%2C44772139%2C44777649%2C44781409%2C44781753%2C44782089%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=1694336832392&cookie=ID%3D2a3ff77ae6a1af07-222765466dde0042%3AT%3D1694336828%3ART%3D1694336831%3AS%3DALNI_MbUgnu2v5rAh4X1ITR6sswqncK6LA&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&scor=3096216072305567&ged=ve4_td4_tt1_pd4_la4000_er1216.240.1217.960_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
208513
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
221448
expires
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8ae5ed4e4437479e9f2aa218f553f70edfd8e5cfae768fe82c1688fb863834d3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 10 Oct 2023 09:07:12 GMT
/
onetag-sys.com/usync/ Frame 6B2F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1694336829043
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 6347 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.86.239 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
omni-am6-hz4jiuhczvnn
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sun, 10 Sep 2023 09:07:12 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
async_usersync.html
acdn.adnxs.com/dmp/ Frame B529 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 10 Sep 2023 09:07:12 GMT
ETag
"623de86a-cf34"
Expires
Mon, 11 Sep 2023 09:07:14 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame E60D 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1d7082e9253fc7753f8e457947872bbbae81919127a54d020a1427fd20cf5127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8472
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
Tue, 12 Sep 2023 09:07:12 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
adpushup-d.openx.net/w/1.0/ Frame 311F 		504 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c86ab658c68e309d082b94e89f57c01030ac9798b7384910a9782d3858f9f9b3

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
323
content-type
text/html
date
Sun, 10 Sep 2023 09:07:12 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame EBE6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-115.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74205
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 09 Sep 2023 12:30:28 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-id
8rhdFbfphQ8mmhFEpucqep96B31aqh0_2yiXDJ03pPz52EBbS_gMpQ==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
csync.smilewanted.com/ Frame E37A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804684f2bb689b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:12 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 98B0 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 10 Sep 2023 09:07:12 GMT
usync.html
eus.rubiconproject.com/ Frame E1CF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Sep 2023 09:07:12 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 67F3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
575
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
804684f308e44be9-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
Sun, 10 Sep 2023 13:07:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/getconfig/ Frame C2BE 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
529af6a6b09af7db3e196e86770116f04ddf388374eceb623b7d52051a4155c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11831
x-xss-protection
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694336832447&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1548&pt=-1982891882&tz=120&viewable=true&ddast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl1549_vB!ufm_vG!ufrlt_vA!ul3335_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b12cb7b9d35cd9b173edb4230119c2422b5747eee4171cbf34ab8f27903d5a3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1429
x-cache
MISS
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
nginx
x-timer
S1694336832.461096,VS0,VE35
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E1CF 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Sep 2023 08:42:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84953
Connection
keep-alive
Content-Length
10209
Expires
Mon, 11 Sep 2023 08:43:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3666 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=2150227330298112&bg=!VFelVxjNAAa6D61Rmg87ADQBe5WfOJLj_D-3aLNQCpy8L9IFxzDK1SVG_-tMrudKPqzrAQQHjxmf9hN0kugqkk8M1wClAgAAAPFSAAAACGgBBwoAl1P3nOO65qWK3EBbFObaHDcW3ZOZF2JqikXN_YPYnWJ8Dzk2G9gjdl4zdLXHzjETTKwoOOr5AWPJjpMYBdLo9LQFrXUaIsuPvFgXFzG-fcA5OvL-R_03q9_3XLJVpR5hE-U1TrrZAssnEFcIK22mOZqVSR4Z1OnVWjVxaG5cwwsuwPoHtFfzevuEEO8IEre-JTd0s1vERNqZAtPOj5fsfgHkRDv1ss35mXWpUP13JXB3fA7wp_TAGRnIyEpmIm7r3cnGcFSaosXvlEO5UH0xZcSSENpjh2d-vHF7Pf-3ieajhHXK5Z0zF3efKKEhoTDR1PPbkWqUSxiRQXO0nsi9MgBPSqCIGoOwp_LaYBkJsTAWRJJcaSVn81ATiC-j5vQDS26EWjKmeU_W7jnmOVA0-MtfKVTrzUO3W4nDv1y2jCfMiE8Ki5CmRvsfUvudzEKK0Vd71dbUrlAbYdHtO7Tw9bcpDZhCNenqcyDNSROpHtxTatK-nLDmp-2_6jhiH9BqWL-hJwUyhwUlyoNu-VW7EgpmQAoAvY0uGwoUyDlwtFbW4iHVj3uHaw0PN24YL9ZHPbVJ4tCs1remrYCCZiWEANVSCrcHMEiXjtIrDvn_TaiL1-J6qbgf9k67GD6FCiQ5tu93j060ae6JuOknepHkSGYqF4FZuWdyNh2kxJgVxd-WcUPcnqCb-IRSCyI9CR4GSE5unRGeFDXi75i_uuNeXVcZrWQIn6i4iW7qWzotS4Rc_HLtnbmNocPOdT9ZzdCF29_2yMVE-MD16HZYN4bnEeVOMzroh_uW16wwNbqrSk9ZJXCBEhf3SfptZ9kxBUlTybXMCppVHrLbTVvkHRNJ2nCMSePsk40OmfHIcpIu3TrY6R6wcW5uYdBy_UayBKTTiJ2gjPROVBIbV1eDEQQPGea6WXTBIv0-rsSmrNFX688iPr9H-SZLSYtyTSWm0iB9tzUOhL2WJSg-_YazPxuXuypVDZu0ZoHKxxZN2wyrsKQicllonSwPeP9VENEWcpRfq71andbgBwpAL7a0LHfV5H1OZfQw7kkMhuekZMKGkzL8t8DFfRLyhpKJw0DI60O2FDoPsB7EM3JR_8a1st5g-vJQ6Eg-eriUqinD_wrJblEw-Z40ezjp2Cq96YXgtgmcfFx3DPFIAdE4g2Ylvog
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7D58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=3152877735928749&bg=!tLelt_jNAAa6D61Rmg87ADQBe5WfOMFzELLh-dKA_wV_-nYyo72HyYrDGeH11GbzP_PaKaTMnOWGUh861lf4kNDRhpGIAgAAAO9SAAAAB2gBB5kC5YfUstb85c082YCQe3EU4jebEJaPv_SirETCNnc6v-RdgIw3UO6oWP2fVn83yzHDjOAY6mRqz0j-XJKCWpaF0NdR6cn0bh18NxP7-0dfg3UVPYtFcDoStmiOiHs9TLw_HBhn_i3ljiI-KuX15Whwz6xXb_BFF92J1oCG3M7xOfGol_ZrZlsypXLzWVJ1VEtGcY2a8Ww9cDM1nEwiJ1zR_mrOaN7gEC7mc_K5AK06_NIhechSBJZVMXqRI87n8KicnFTynu5KUOGKdgFVNOESt9fHTtOzLm7m90br4lO5uuOH5DnAc-mX8tsN53XzAvKyw_s68d0zalQfwmdITyonCegDdlUWs__duF2eEB_zgtaslVD8nETEtIJapAuq8wVRUpZ_7Dk4eq4RyAuAzyqelaRkf7DZipv2sIuh1p9zfamxhxZWu0AyZLVsTAyOygRJT-On7KKcjmZYBoiqovo8GnrjdDr0mQOM2bcM8tsI2hm-rVR8s2Zwgn4VM57JuCC5slKq6f7y85pf22-NXavBuCLmvDebVsXbYHgKqttjAQOeNaQwQKdRELa4UAPh0HSgo9GrlYLrbTCsnX-SxJeNTr_TaVBrIvBOJOB-DOfuak8luturzLrJaX4_-Hv8rDRntpgEKC_ug8iS1rQAq178664yj3Mme7UAZhP7a1-TdClM2l78ucvPuOvYo_N88XieVaDvWSMMWw-uRuV91PtJDwZcgSIdpee8D9aNJET_uRz1UxfqMce9_M5Q_wg9K8DLQCFE6ZurG5DuJPix3FtvPjCtdgEQVJW3Be3cwQHD09GQNIIvphBu-j6IlxBXXdOzCPByz8WRLTjSE3cZKV7hH3EERxH2iZJGMUb-ekJPOMDL3HBjuGRPE4dDV0AHbesEiOB73B9P5zACSb_gBK6p6fULi2MkPcQ3UxXs4lFgnt0awnkRqmsanm9_Aza7DuXaCxZ_qLuO4w5A2xIYIdJ9zQK717dSDA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 311F
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=7190dcd5930123f7&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIVRMuSuSxCgNH5_JsAAAAAAA&expiration=1694423232&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIVRMuSuSxCgNH5_JsAAAAAAA&expiration=1694423232&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIVRMuSuSxCgNH5_JsAAAAAAA&expiration=1694423232&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dds
rtb.openx.net/sync/ Frame 311F
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=AZJx2QmIyrgNUCJPcXCHMA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4a039da1-30a2-e1df-daf3-780d5d3e70c3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 311F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4a039da1-30a2-e1df-daf3-780d5d3e70c3?gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e201:bdb5:e43c:2ec Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 311F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c8136c3f-8761-4535-b0b3-6413699b34b2&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 311F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0&tc=1
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=duA9zx5Ik5RxMay7Ymjn&pi=openx&gdpr=0&tc=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=duA9zx5Ik5RxMay7Ymjn&pi=openx&gdpr=0&tc=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=duA9zx5Ik5RxMay7Ymjn&pi=openx&gdpr=0&tc=1
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT, Sun, 10 Sep 2023 09:07:12 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 311F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zzBn88EzMvPUYDSmz2csr85lOaLUNmevnWfYHLQ_
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zzBn88EzMvPUYDSmz2csr85lOaLUNmevnWfYHLQ_
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zzBn88EzMvPUYDSmz2csr85lOaLUNmevnWfYHLQ_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C2BE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:07:12 GMT
dv-measurements4648.js
cdn.doubleverify.com/ Frame 5431 		421 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4648.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1d1c08d93103cdd0a6f614671663012e80dd00d1b17192480f6b6f3e43b910c0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 04:54:52 GMT
Server
UploadServer
ETag
"9ac43583cf805f5dd2a2d0912297418b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100896
Expires
Mon, 09 Sep 2024 09:07:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4E8A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
78793
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Sun, 10 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1D13 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85359d47fe4914f2c1b3288aa63ddd1f0236457e7e849065881a4237ce76c014

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
log
c21lg-d.media.net/ Frame E60D 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3373384311815524000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:12 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 10 Sep 2023 09:07:12 GMT
usermatch
ssum-sec.casalemedia.com/ Frame AA10 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf472c9e60c18b1c6c85c1c4f18a10d781ceb5b7a8cf9e088aa9d437ac0558b5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
804684f45b2e5238-MXP
content-encoding
br
content-type
text/html
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l4NtWy%2F3VyLdNZndfCqM6Mvt8pXU6j5RRXpVt1c2RFwcHlQsQm9AoCqN%2FrlHJQSJq2CCSpMkJNLSEl5VBcZVBFozSbiuvSO8Ahs3QtNI1EpWGr8eRgH8QDJXZFDB6o8jyYfAQ1Tv4rzvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame E37A 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
764018
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
804684f45d599b31-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
csi
csi.gstatic.com/ Frame 5223 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmd8eivs&c=222644881557&slotId=111322440778.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/imp/8/115739;4253811;201;jsappend;DV360;DV360FY20EDULALEDUPurchaseCHDSKBAN300x250/ Frame 1D13 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/115739;4253811;201;jsappend;DV360;DV360FY20EDULALEDUPurchaseCHDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301107%26pi%3Dt.ma~as.3006%252F14893_2023%26w%3D336%26lmt%3D1694329631%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1694336829827%26bpp%3D585%26bdt%3D1041%26idt%3D1183%26shv%3Dr20230906%26mjsv%3Dm202309060101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D2a3ff77ae6a1af07%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g%26gpic%3DUID%253D00000c71948a2737%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ%26correlator%3D222644881557%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D1979338126.1694336831%26ga_sid%3D1694336831%26ga_hid%3D335291076%26ga_fc%3D0&us_privacy=${US_PRIVACY}&cachebuster=47830.33616805543&ft_dv=%5B%25ft_dv%25%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.81.43 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-81-43.deploy.static.akamaitechnologies.com
Software
prod-xre-app12.lhr11 /
Resource Hash
cd451ce081cb2151cd4e5a5ce9fa660d3d427eca6b6bfab4ce753dab7c47bd98
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:12 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app12.lhr11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1284
Expires
Sun, 10 Sep 2023 09:07:12 GMT
13926
g2.gumgum.com/usync/ Frame EB0E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.67.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-67-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
838ba4614c7952c767352fceb8eb5d2e39c80848c4d08c8bdeeb343b6c9cf9ac

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 10 Sep 2023 09:07:12 GMT
etag
W/"04b768838279136ecaaff6ff2b41d76e6"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame F302 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 5E08 		673 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.231 , France, ASN16276 (OVH, FR),
Reverse DNS
ip231.ip-178-32-210.eu
Software
/
Resource Hash
ac03e080b9a9887d448e3cfa63772cf3f124d22d307b07ba2eda46198c69d911

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
673
content-type
text/html
date
Sun, 10 Sep 2023 09:07:11 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1930 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f4b12d22fb23ef64d59e59f8b359679c4d322a41f1cef15d37af70a46ff4034

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
804684f4ab805238-MXP
content-encoding
br
content-type
text/html
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwKmYj8T7kKvUCljK3kUw%2FJGCw5QJ6eUH9ezOfeGzMQdOgJlbFpckmGBqHio0wbO65LPWhnONWDVLou1Ia32D8ag54tqNix0eug4Rqf9Gd7uNq05BCw6OlXX1gmnYknhFlXiMz6yqoSuPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 30E4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Sep 2023 09:07:12 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 10 Sep 2023 09:07:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9A0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=123155
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
Mon, 11 Sep 2023 19:19:47 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame C0E1 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0bf1e4568f9f26d535f7faa34442d781664d5e6c351019396a6d04d13a7dc4ef

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
1498
content-type
text/html
date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-id
2g9TaON0FAGvc5Oag-3wrPbC2SwgqFS40ncsMzAGihZ5vPBT3fQTaA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
user-sync
sync.adkernel.com/ Frame CAF8 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 10 Sep 2023 09:07:12 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 35C8 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
36d79c43757e8975e1e1d8bc960fbeb5b9c6c68feed04b9641ee56f82865d412

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7194115729736594569
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7194115729736594569
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
an-x-request-uuid
7dc1d0da-0e86-42b4-8457-714afe81ce3e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7194115729736594569
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HTAjrGZHC1kSg52IQqyLrwKK
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HTAjrGZHC1kSg52IQqyLrwKK
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:16 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HTAjrGZHC1kSg52IQqyLrwKK
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame EBE6 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 10 Sep 2023 09:07:12 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694336832864
  • https://ad.turn.com/r/cs?pid=45&rndcb=4605379176
  • https://sync.1rx.io/usersync/turn/7031372384577410706?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-fab17d08-88f3-4b0d-9586-f5759b535701-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-fab17d08-88f3-4b0d-9586-f5759b535701-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
date
Sun, 10 Sep 2023 09:07:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfab17d0888f34b0d9586f5759b535701003
content-type
text/html
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=4463025857368766481
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=4463025857368766481
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=4463025857368766481
Date
Sun, 10 Sep 2023 09:07:12 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=a535217a-1240-4591-b31a-47fbd5b57c47
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=a535217a-1240-4591-b31a-47fbd5b57c47
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-183
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=a535217a-1240-4591-b31a-47fbd5b57c47
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Sun, 10 Sep 2023 09:07:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS04MDQ0YzAwZC1mM...
  • https://ssp.disqus.com/match?bidder=30&buyeruid=01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a&r=Cid1YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQQ____________ASpTaHR0cHM6Ly...
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS04MDQ0YzAwZC1mMTQzLTM1MzAtYjU1Ni1mMWVkMGNjYjhhZjQQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS04MDQ0YzAwZC1mMTQzLTM1M...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-8044c00d-f143-3530-b556-f1ed0ccb8af4
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-8044c00d-f143-3530-b556-f1ed0ccb8af4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:14 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-8044c00d-f143-3530-b556-f1ed0ccb8af4
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:14 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame EBE6 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 10 Sep 2023 09:07:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 10 Sep 2023 09:07:12 GMT
sync
ads.servenobid.com/ Frame EBE6
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=dc0e5e02-155c-41af-8a8b-25e49bda20de
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=dc0e5e02-155c-41af-8a8b-25e49bda20de
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=dc0e5e02-155c-41af-8a8b-25e49bda20de
Date
Sun, 10 Sep 2023 09:07:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
480_650.mp4
cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/rzfn0S4d9Ntu9937htmYeg:1694340429/1327/video/1813/480_650.mp4
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.211 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-211.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1015808-

Response headers

Date
Sun, 10 Sep 2023 09:07:12 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 1015808-17211103/17211104
Connection
keep-alive
Content-Length
16195296
async_usersync
ib.adnxs.com/ Frame B529 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
an-x-request-uuid
84fdabc7-955d-4167-acac-e213ba6f2ef0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AA10 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame AA10 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9MK51QFMGHW6JVMA4J8W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AA10
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFKYX_PjFTE27jNJ4C7hnLo&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFKYX_PjFTE27jNJ4C7hnLo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BAMvsb%2Fhrvlx1pUvRJy34bas%2Fw5IRE7Z2H68Tr%2BC%2BepdsmQMbsfKbN6Y4M2fwBCYqjSfHuaAGhcaXnOWKgCWiwCOBq46jO642c27ToRFaGpi0sQ6XGsli45IU2pL%2BpriBb0WREmvAREAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f6fcde4bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFKYX_PjFTE27jNJ4C7hnLo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AA10
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7194115729736594569
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7194115729736594569
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWi2S5vMAigVuF919CL%2F%2BADeCXiEYpeBNuLc4vRU0VO0v3uvph5Q9lqYzTlqFJ%2Bbyk5%2BNqjrEoqW40u9eSTVNkoN8Fx1QODGRZePvJ4jn%2F6%2Fo6lyBXLydpudKhmU5%2Fh7DnoXSarCv0zBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f6fcda4bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
an-x-request-uuid
2f0c960f-0d8c-4f8c-97d0-b6a2f992ae41
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7194115729736594569
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AA10
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXcMnPpUCvnA%2FpTHWI93MlslJtjYk3hfM6LXXUsq1FNnlSanugdQQjxlRcYfAs7TJ3QKxKy1QoMs067qsQPdK1UqF6UlatUzUPITAIGMB9kVbaOrjynKoQQ2GlQMIvGO8j18HQxkJ%2BltsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f94fc14bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum.casalemedia.com/ Frame AA10
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7194115729736594569
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7194115729736594569
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF7pnghKCIM8r%2FwEqJSFfgaI3Qb88%2FJ4WJeFaOzsWHaq2fPPzZpt9B1z340Ym%2BRScfXvdgTzOd2JRECjw744n36zAb8Xc0MIC2Wdf30RffzPiBFumjnmutOsD%2FZaw%2FeoMta7L3Hs"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f70ee95238-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
an-x-request-uuid
6f68fe37-8a3e-4f8e-a932-20bc7b832ac4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7194115729736594569
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum.casalemedia.com/ Frame AA10
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_35d6d734-9b6c-4ca3-8da8-eb814eed8451&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLvqyf1MqcXLPLJOSYTh2Mmxw52BcGFEcFDWqZI%2BM28HGA1FelD7s2Lrcs30guu2yD1lUpsjmB%2Fm7y0pyDpPf%2FtlUajwWsPQVlb479gb6z16W9ySX5tX0XzqHezhIRY5maIxU%2F%2FZ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f84e7d4bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum-sec.casalemedia.com/ Frame AA10
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Tz84BUE8bQVUb2tQT2hzWU5qZlRUOThZHWg5MDby
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Tz84BUE8bQVUb2tQT2hzWU5qZlRUOThZHWg5MDby
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkqmmfk2sS6a2W6yoXpTCSnB7dF7%2BCF1GIlJOe6n7XBNJTCehuRvnvPUajbPo9IguGb9614VZjCjlX3BocB0a819lIbR2F4aRRJK5NcUJKWVCu6te71f0WCBOyRLkulGcGJV7ojVdXoS6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f6fcdc4bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Tz84BUE8bQVUb2tQT2hzWU5qZlRUOThZHWg5MDby
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame AA10 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZP2HP-VkQFCZ8keQV-TbuwAA%265148
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
72805
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
804684f58c704be9-MXP
content-length
43
expires
Mon, 11 Sep 2023 09:07:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A804 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 07:47:43 GMT
expires
Mon, 09 Sep 2024 07:47:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8965 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da381eeabfff6173b5788d61f8dd5fe49a4ef0f6c70301348cf03571d20bd194
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uU81E2_RJy7r7-t62XIkfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-uU81E2_RJy7r7-t62XIkfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
Sun, 10 Sep 2023 09:07:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 4E8A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjVyTUlWUW8xUUZncHE1&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&google_cver=1&google_push=AXcoOmQwzVI_4s6Mz4p_ATbDHvljkDzllW4w8Jcp-zOtV4s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjVyTUlWUW8xUUZncHE1&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&google_cver=1&google_push=AXcoOmQwzVI_4s6Mz4p_ATbDHvljkDzllW4w8Jcp-zOtV4sZvPYiPLZDf2zz0H-wZkHvtSLUXS6goE4b0IE5_xJx_ZKQmQUSbZwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:12 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjVyTUlWUW8xUUZncHE1&google_gid=CAESEBIXdSGW1jm180ndeNqo9G4&google_cver=1&google_push=AXcoOmQwzVI_4s6Mz4p_ATbDHvljkDzllW4w8Jcp-zOtV4sZvPYiPLZDf2zz0H-wZkHvtSLUXS6goE4b0IE5_xJx_ZKQmQUSbZwA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 4E8A 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEIrNSCqbGzwuzSPTyy2obtI&google_cver=1&google_push=AXcoOmRYB2XcvNarebU5ionoc846EnhVzC-MO3FwcrzxCS55ngRlhwqgMqB2rpvFy868KM5xRngCbk_X4UBFu-NR5rKImEV59w0K&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRYB2XcvNarebU5ionoc846EnhVzC-MO3FwcrzxCS55ngRlhwqgMqB2rpvFy868KM5xRngCbk_X4UBFu-NR5rKImEV59w0K%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
804684f53d2e5276-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4E8A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEP1Qu-0Pnub0WJQB1FekkhA&google_cver=1&google_push=AXcoOmTvx9QpsbCcZvV1-VKmvrGg-z_Lu4OZf9VI75HbonG-RWKi6Tf8S1zUb-MUWPpTmm8et3PTPns76iVaUNkWYTlN8qiJqaye
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35D12EF780EE4009BB829DD55E9E0604&google_push=AXcoOmTvx9QpsbCcZvV1-VKmvrGg-z_Lu4OZf9VI75HbonG-RWKi6Tf8S1zUb-MUWPpTmm8et3PTPns76iVaUNk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35D12EF780EE4009BB829DD55E9E0604&google_push=AXcoOmTvx9QpsbCcZvV1-VKmvrGg-z_Lu4OZf9VI75HbonG-RWKi6Tf8S1zUb-MUWPpTmm8et3PTPns76iVaUNkWYTlN8qiJqaye
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35D12EF780EE4009BB829DD55E9E0604&google_push=AXcoOmTvx9QpsbCcZvV1-VKmvrGg-z_Lu4OZf9VI75HbonG-RWKi6Tf8S1zUb-MUWPpTmm8et3PTPns76iVaUNkWYTlN8qiJqaye
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 09 Sep 2023 09:07:12 GMT
pixel
cm.g.doubleclick.net/ Frame 4E8A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAYOQJ74aCurSo7R8gtG33k&google_cver=1&google_push=AXcoOmRcVO-dnxtLRpfjPPoONxY62ysvzRLgWbWVtd052zX9N9fO9YdYjwpp37lWwl0v_qBXG4y_gcg1PL57IcgFSuMQHnh...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcVO-dnxtLRpfjPPoONxY62ysvzRLgWbWVtd052zX9N9fO9YdYjwpp37lWwl0v_qBXG4y_gcg1PL57IcgFSuMQHnhj08Ku&google_hm=eS1FNTNVNUtSRTJwSFBWM0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcVO-dnxtLRpfjPPoONxY62ysvzRLgWbWVtd052zX9N9fO9YdYjwpp37lWwl0v_qBXG4y_gcg1PL57IcgFSuMQHnhj08Ku&google_hm=eS1FNTNVNUtSRTJwSFBWM0kzaXhvc3JmZVQzV0RuWWx0UX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRcVO-dnxtLRpfjPPoONxY62ysvzRLgWbWVtd052zX9N9fO9YdYjwpp37lWwl0v_qBXG4y_gcg1PL57IcgFSuMQHnhj08Ku&google_hm=eS1FNTNVNUtSRTJwSFBWM0kzaXhvc3JmZVQzV0RuWWx0UX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4E8A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnzV5tBsgzzr8h1yGlBma0&google_cver=1&google_push=AXcoOmT2stadDsm4I2-OwVsXw2gAmz42Ms4s04jmyWteDv-nUXeyooxUVcqDxLfH6J7ut9j9Wrt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=AXcoOmT2stadDsm4I2-OwVsXw2gAmz42Ms4s04jmyWteDv-nUXeyooxUVcqDxLfH6J7ut9j9WrtlojDKmjleCBNh2h_1CFwTXeFX
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=AXcoOmT2stadDsm4I2-OwVsXw2gAmz42Ms4s04jmyWteDv-nUXeyooxUVcqDxLfH6J7ut9j9WrtlojDKmjleCBNh2h_1CFwTXeFX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1EOEVHREwtMVYtQ1pGQw==&google_push=AXcoOmT2stadDsm4I2-OwVsXw2gAmz42Ms4s04jmyWteDv-nUXeyooxUVcqDxLfH6J7ut9j9WrtlojDKmjleCBNh2h_1CFwTXeFX
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4E8A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECAT21sdl7P5CnIGxmkKYnI&google_cver=1&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5N...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECAT21sdl7P5CnIGxmkKYnI&google_cver=1&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5N...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5NW490iKrSDk&google_hm=HTAjrGZHC1kSg52IQqyLrwKK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5NW490iKrSDk&google_hm=HTAjrGZHC1kSg52IQqyLrwKK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQBpSICnSvbQKjQXQ-O3s6bX3l3wTHIw4SRTvRnvQATTL4zPZMjcb__T9TW4YKbfIqj3ldnRssE1E_2GNw5NW490iKrSDk&google_hm=HTAjrGZHC1kSg52IQqyLrwKK
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4E8A
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEBziTdJ9B_yVQG_ssswXxMQ&google_cver=1&google_push=AXcoOmS0Z07d-mraIPFm9MvQ8AOWxtZwSZdsjcBSgxrzkVgcKXPNs7O9AjDuBu1eNvmpbR8fjKSTsSumSIlOzqpbEw6gYqyiZvb8
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS0Z07d-mraIPFm9MvQ8AOWxtZwSZdsjcBSgxrzkVgcKXPNs7O9AjDuBu1eNvmpbR8fjKSTsSumSIlOzqpbEw6gYqyiZvb8&google_hm=M1JlYVRIUnNzVlJqaEpO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS0Z07d-mraIPFm9MvQ8AOWxtZwSZdsjcBSgxrzkVgcKXPNs7O9AjDuBu1eNvmpbR8fjKSTsSumSIlOzqpbEw6gYqyiZvb8&google_hm=M1JlYVRIUnNzVlJqaEpOUW9LdjU=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS0Z07d-mraIPFm9MvQ8AOWxtZwSZdsjcBSgxrzkVgcKXPNs7O9AjDuBu1eNvmpbR8fjKSTsSumSIlOzqpbEw6gYqyiZvb8&google_hm=M1JlYVRIUnNzVlJqaEpOUW9LdjU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4E8A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJ_Baw1OCAdZMndI4vG_JATROX4417rHSa2EhbgauO1296Ao5U5zuFRsuAoTMByQxGzq1W
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sync
ads.servenobid.com/ Frame 5E08 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6958563974612820945&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 5E08
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7277121281869478046&gdpr=0&gdpr_consent=
43 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7277121281869478046&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7277121281869478046&gdpr=0&gdpr_consent=
Date
Sun, 10 Sep 2023 09:07:12 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
v1
match.sharethrough.com/universal/ Frame 5E08 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
genericusersync.ashx
sync.tidaltv.com/ Frame 5E08 		0
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 5E08 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
visit.js
tps.doubleverify.com/ Frame 5431 		694 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=283&ttfrms=29&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauBF2%3F%5C%3D%3A2%3F%5CE%3A2%3F%5C5%3A2%3F%5CK96%3F8%5C92%3F8%5CK9F2%3F%5C%3B%3A2%5C%3B%3AF%5C%3F8B%3A2%3F%5Cb%3E%3A%3F8%5C8F2%3F%5C%3BF%3F%5C%60E%3A2%3F%5C49%3A%5C%60A%3A2%3F%5C%3B%3AF%5C%3E%3A2%3F%5C%3D%3A2%3F8%5C%3D2%5D9E%3E%3D&srcurlD=1&aUrlD=-1&ssl=https:&uid=1694336832851807&jsCallback=dvCallback_1694336832851669&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4648&tgjsver=4648&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301107%26pi%3Dt.ma~as.3006%252F14893_2023%26w%3D336%26lmt%3D1694329631%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1694336829827%26bpp%3D585%26bdt%3D1041%26idt%3D1183%26shv%3Dr20230906%26mjsv%3Dm202309060101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D2a3ff77ae6a1af07%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g%26gpic%3DUID%253D00000c71948a2737%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ%26correlator%3D222644881557%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D1979338126.1694336831%26ga_sid%3D1694336831%26ga_hid%3D335291076%26ga_fc%3D0%26ga_cid%3Damp-Yw_54eXGiDXmm8WBMub-2g%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D3338044081%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%252C44798878%252C44798321%252C20222282%26oid%3D2%26pvsid%3D2702550075455041%26tmod%3D461397157%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.guzdno6knola%26fsb%3D1%26dtd%3D1196&fcifrms=36&brh=3&dvp_epl=533&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0ilvXkDtDzQwD_tSVEEtgRj&aucrtv=489148224&auorder=1011813649&ausite=881479034793&auxch=1&aulitem=20020583203&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1384199480641.6165&dvp_tukv=91741106873.25027&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1117106883681&jurtd=3925187795
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
ca997f64a7f9564b97ecfd84682961ad9329a691f98c36de96286f7d208fc42f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
09/09/2023 09:07:12
ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1930 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e201:bdb5:e43c:2ec Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
user-registering
ads.stickyadstv.com/ Frame 1930 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-87.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1694336832907085-378
Expires
Sun, 10 Sep 2023 09:07:13 GMT
crum
dsum-sec.casalemedia.com/ Frame 1930
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFmsU7J-w8AACYTu7-ULg&expiration=1695546433
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFmsU7J-w8AACYTu7-ULg&expiration=1695546433
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC%2FAdiHauDBozXB916ZqzaR4WIzPGU1L%2FqiFoZaZrUKgUUKCWWlXLPtnAA8o7qsbPKQ5nrg%2BE%2Fo%2B6mCmmb%2FFnKquvyfr3%2FVteBhBgOhVMtfKbX9KkfGWWSoljyNSlLcrYDuG6OupY0GJeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f8ef474bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFmsU7J-w8AACYTu7-ULg&expiration=1695546433
Date
Sun, 10 Sep 2023 09:07:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 1930
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP2HQQAPLnX5tgAN
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP2HQQAPLnX5tgAN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230066-FRA
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
754
x-timer
S1694336833.326301,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
4231

Redirect headers

x-served-by
cache-fra-eddf8230066-FRA
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1694336833.162227,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP2HQQAPLnX5tgAN
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
bridge
cm.adgrx.com/ Frame 1930 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 1930
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=57d2a313-eaca-4255-97c5-5c7f17e2adf6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=57d2a313-eaca-4255-97c5-5c7f17e2adf6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArfBCxYBNU9ZmRMCOcraGMMNykWPf3HtNtms9et8X5N%2FU63ivU22yWDgGczyXwcuAhsvzXOtLBFtDSDo2Tc59wLCG8Sc5CcUauinuK0pkEk7fgZUI%2FxxNKXbRQXVWfFGnGBexkTnXJOjLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f7de174bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=57d2a313-eaca-4255-97c5-5c7f17e2adf6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sun, 10 Sep 2023 09:07:13 GMT
server
_
content-length
0
ibs:dpid=23728&dpuuid=ZP2HP-VkQFCZ8keQV-TbuwAA%265148
dpm.demdex.net/ Frame 1930 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZP2HP-VkQFCZ8keQV-TbuwAA%265148?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.255.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-255-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-057c4585e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Zblh9gC1Tr4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 1930
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3bb2cb4c-8f5a-b65f-27a3ebdd
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3bb2cb4c-8f5a-b65f-27a3ebdd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDB8i%2BiZFwYvsdATslnYmTvLR6BBPy6XNzTKA%2Fg6UJ%2FWx6Oit%2B6TdTK88%2Ff7LkOtKU4%2Fv6Z29fzOvv3xpcgzoXfSb0o8LLAmlMV%2F9fNb%2B4uFZAfw4sTdjO9Qrqr%2BH5R2A9pCHvxg"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804684f82e5a4bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 10 Sep 2023 09:07:13 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3bb2cb4c-8f5a-b65f-27a3ebdd
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
ads.servenobid.com/ Frame 1930 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 30E4 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Sep 2023 08:42:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84953
Connection
keep-alive
Content-Length
10209
Expires
Mon, 11 Sep 2023 08:43:05 GMT
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7194115729736594569
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7194115729736594569
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
an-x-request-uuid
28d250bf-fc78-43eb-a3e1-f09616eaec34
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7194115729736594569
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=26a715cb-f765-4600-b5f1-c0cfec966d82&ssp=gumgum2&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f
  • https://usersync.gumgum.com/usersync?b=bsw&i=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&us_privacy=
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame EB0E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28WrOVq4zFB0LA6I12-LX050ju5eVNl2DqfOO3_tcWuGl3wZ70O4m3Lcc9tPg6SDbM%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&obuid=ENC(WrOVq4zFB0LA6I12-LX050ju5eVNl2DqfOO3_tcWuGl3wZ70O4m3Lcc9tPg6SDbM...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
no-cache
X-TraceId
e8df2875728f6f8b365c04752e684574
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Sun, 10 Sep 2023 09:07:13 GMT
X-TraceId
4c9ec8ac9fb8ebc47f15d9fa3a2535aa
Content-Length
0
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=29f95f95-881b-4bc0-8c5f-7e156a39bccc
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=29f95f95-881b-4bc0-8c5f-7e156a39bccc
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 10 Sep 2023 09:07:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=29f95f95-881b-4bc0-8c5f-7e156a39bccc
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a131ff55-bae5-5605-660d-ba83fb17d229$ip$45.12.222.171
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-a131ff55-bae5-5605-660d-ba83fb17d229$ip$45.12.222.171
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-a131ff55-bae5-5605-660d-ba83fb17d229$ip$45.12.222.171
Date
Sun, 10 Sep 2023 09:07:13 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-age7lwJE2pfbDttBFU6pAzzuRt74OQ2D2PS8~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-age7lwJE2pfbDttBFU6pAzzuRt74OQ2D2PS8~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 10 Sep 2023 09:07:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-age7lwJE2pfbDttBFU6pAzzuRt74OQ2D2PS8~A
content-length
0
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=7c68c353-add7-4411-9764-3afe2dcb19ff
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=7c68c353-add7-4411-9764-3afe2dcb19ff
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=7c68c353-add7-4411-9764-3afe2dcb19ff
Date
Sun, 10 Sep 2023 09:07:13 GMT
Connection
keep-alive
X-CI-RTID
3431913a-54f2-4654-93b0-0f906e011dae
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame EB0E 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=o6XWJzRep4IfjfXzIeZX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23ZWLBLUU6SSMVYDISLGNJTFQ6SJMVNFQ...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o6XWJzRep4IfjfXzIeZX&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o6XWJzRep4IfjfXzIeZX&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o6XWJzRep4IfjfXzIeZX&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=1f604e30-d393-4ef2-be92-9572071bcbd6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=1f604e30-d393-4ef2-be92-9572071bcbd6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=1f604e30-d393-4ef2-be92-9572071bcbd6
access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=abIQXEofxPTt&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=abIQXEofxPTt&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=abIQXEofxPTt&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-fh96x
expires
-1
usersync
usersync.gumgum.com/ Frame EB0E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6958563974612820945
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6958563974612820945
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6958563974612820945
date
Sun, 10 Sep 2023 09:07:12 GMT
content-length
0
sync
ads.servenobid.com/ Frame EB0E 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
drop_cookie_sw.php
csync.smilewanted.com/ Frame C49E 		0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804684f718749b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:13 GMT
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame C9A0 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98300127&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
4685facc3a223664b1e73cf59cacb3cf406c3db5707cf0e0e83c6b1f3c7a107e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
j-4253811-4198896.js
cdn.flashtalking.com/xre/425/4253811/4198896/js/ Frame 1D13 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/425/4253811/4198896/js/j-4253811-4198896.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115739;4253811;201;jsappend;DV360;DV360FY20EDULALEDUPurchaseCHDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301107%26pi%3Dt.ma~as.3006%252F14893_2023%26w%3D336%26lmt%3D1694329631%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1694336829827%26bpp%3D585%26bdt%3D1041%26idt%3D1183%26shv%3Dr20230906%26mjsv%3Dm202309060101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D2a3ff77ae6a1af07%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g%26gpic%3DUID%253D00000c71948a2737%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ%26correlator%3D222644881557%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D1979338126.1694336831%26ga_sid%3D1694336831%26ga_hid%3D335291076%26ga_fc%3D0&us_privacy=${US_PRIVACY}&cachebuster=47830.33616805543&ft_dv=%5B%25ft_dv%25%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e42c097534c587551c67efe86ac5ab10586bd12d76749111848412a9fce92798

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 10:46:52 GMT
Server
Flashtalking (AKA)
ETag
W/"731ac2adf20ec399033ffc3fd1d42ff1"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-Varnish
301988965
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24755
Expires
Sun, 10 Sep 2023 09:27:13 GMT
usersync
usersync.gumgum.com/ Frame 3B60
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZP2HQQAPOYX7WQBY
  • https://usersync.gumgum.com/usersync?b=atm&i=ZP2HQQAPOYX7WQBY&gdpr=0&gdpr_consent=&_test=ZP2HQQAPOYX7WQBY
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZP2HQQAPOYX7WQBY&gdpr=0&gdpr_consent=&_test=ZP2HQQAPOYX7WQBY
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 10 Sep 2023 09:07:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 10 Sep 2023 09:07:13 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZP2HQQAPOYX7WQBY&gdpr=0&gdpr_consent=&_test=ZP2HQQAPOYX7WQBY
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1694336833.300231,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame C800 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zYzBhN2U3OC1iN2NjLTQwYzEtOGRjYi1kMzdiNWMzNjUzNWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9305 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=123154
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 10 Sep 2023 09:07:13 GMT
expires
Mon, 11 Sep 2023 19:19:47 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame EEDE 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 10 Sep 2023 09:07:13 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 51EB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZP2HQcCo8XwAALBFmTIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZP2HQcCo8XwAALBFmTIAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 10 Sep 2023 09:07:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 10 Sep 2023 09:07:13 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZP2HQcCo8XwAALBFmTIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
6
X-SO-Cluster-ID
0
X-SO-HostName
m-ad387.dc4p.scaleout.jp
X-SO-IP
45.12.222.171
X-SO-Key
ZP2HQcCo8XwAALBFmTIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"45.12.222.171","key":"ZP2HQcCo8XwAALBFmTIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad387"}
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad387
gumgum
cs.admanmedia.com/sync/ Frame 9C49 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 10 Sep 2023 09:07:13 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame 1AE6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=duA9zx5Ik5RxMay7Ymjn&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=duA9zx5Ik5RxMay7Ymjn&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 10 Sep 2023 09:07:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 10 Sep 2023 09:07:13 GMT Sun, 10 Sep 2023 09:07:13 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=duA9zx5Ik5RxMay7Ymjn&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 090B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Sep 2023 09:07:13 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 10 Sep 2023 09:07:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 30E4
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMD8EGDL-1V-CZFC
  • https://ads.servenobid.com/sync?pid=323&uid=LMD8EGDL-1V-CZFC
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LMD8EGDL-1V-CZFC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LMD8EGDL-1V-CZFC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
/
onetag-sys.com/usync/ Frame 5832 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
v1
match.sharethrough.com/universal/ Frame 35C8 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
cs
cs.yellowblue.io/ Frame 35C8
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=b6a7f4dffbbe13372d6dfb2728058d9&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=b6a7f4dffbbe13372d6dfb2728058d9&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=b6a7f4dffbbe13372d6dfb2728058d9&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1694336833144071-580
Expires
Sun, 10 Sep 2023 09:07:13 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 35C8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjBjvanBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEG59nv5PuRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGY4NjIwYWQ1LWEzYzEtNGFhOS1hYzc5LTBlNDE3MTUxYmQxZg**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=6e7d9efe-4fb9-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 35C8 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=ElyULpT-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cs
cs.minutemedia-prebid.com/ Frame C0E1
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
0
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs.minutemedia-prebid.com/ Frame C0E1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP2HP-VkQFCZ8keQV-TbuwAA%265148
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP2HP-VkQFCZ8keQV-TbuwAA%265148
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21476'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpxvIGCGigD%2BYdND2pRTdqR7YWbqSQZQ%2F3x77zdDL4U6GwhLaJ2GCUulvtDGub93%2FWAzQF91%2BZfbcmSZq2z%2B2rrxcqJgyywyoUGXFuEgQhGfAOOwj88u%2F2hs01kAuqaXRR%2FP82VsQO%2FulQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP2HP-VkQFCZ8keQV-TbuwAA%265148
cache-control
no-cache
cf-ray
804684f79dbd4bf1-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame C0E1
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=1508ac3d5f8fa7a695e8e648b4136b26&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=1508ac3d5f8fa7a695e8e648b4136b26&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=1508ac3d5f8fa7a695e8e648b4136b26&ismms2s=1
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame C0E1
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1479d19e1-df9c-4cc2-93bc-770fe26a376f
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1479d19e1-df9c-4cc2-93bc-770fe26a376f
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21477'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sun, 10 Sep 2023 09:07:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1479d19e1-df9c-4cc2-93bc-770fe26a376f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame C0E1
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3627505834406371159273&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3627505834406371159273&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3627505834406371159273&ismms2s=1
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
simage2.pubmatic.com/AdServer/ Frame C0E1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8620ad5-a3c1-4aa9-ac79-0e417151bd1f&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
ap.lijit.com/ Frame C0E1 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 10 Sep 2023 09:07:13 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame C0E1 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=b2yULMT-kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
ap.lijit.com/ Frame FB3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 10 Sep 2023 09:07:13 GMT
X-Sovrn-Pod
ad_ap3ams1
sodar
pagead2.googlesyndication.com/pagead/ Frame 8965 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=188232954465083&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame 112A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAFmsU7J-w8AACYTu7-ULg
95 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAFmsU7J-w8AACYTu7-ULg
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Sun, 10 Sep 2023 09:07:02 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 10 Sep 2023 09:07:13 GMT
Server
gunicorn
location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAFmsU7J-w8AACYTu7-ULg
strict-transport-security
max-age=2592000; includeSubDomains
Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
pagead2.googlesyndication.com/bg/ Frame A804 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
65964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 14:47:49 GMT
RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
sync.targeting.unrulymedia.com/csync/ Frame 0795
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=6961462133
  • https://sync.1rx.io/usersync/turn/7031372384577410706?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
43 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
43
date
Sun, 10 Sep 2023 09:07:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 10 Sep 2023 09:07:13 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
pragma
no-cache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 79A4 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdzumQIf9ZL_OBMSHjuwPqLeJwAwAAAAAOAHgBAI&bg=!OTqlOnXNAAa6D61Rmg87ADQBe5WfOKHwm-N7pvYjJkHVQXq3ZqCh_ZyKGp98_hQNvtqwDyI6qbqg0qqbc6UmiRldc_ySAgAAAyBSAAAACGgBB5kDEVP4yA0_MUOsrBFp_wAec4-V-wMScupoTqjVdSaTRlUp5cekQiRuJ9KBJM_KdINpGdh9J70AzIgHCWWqNTZOaSRP3enjlYh8axSr5Tg75KYAN_pNhO-m3kE2jFD4H4y-1VFiFn3gsBl-jCI04Wx-qadZuOzdXJurxqTz_U9H4p1oPqncjJmEQxsvGIKt4lDUzfKu94EO0kCm5MFy09Z_be2oTAP3aT7mTIdeiGJX0ptXqkBg3BsTRaBgLEzXSMRHbZdgSqQip27mtMN917IjtOB8XDKdU79uJEfOL0mvgtkuqMu-tqscEsi42uxmh7Q2h-COtIHuolOCdgpyjL2im9_y0Ia-xdf-k5ARf9GibD3iZrs3I-CG6mib5Noyft6qiBNW5dYaaPBb2RUtBM2k5JvUFp3pA-VYlIbnBEtFh9yDYDE0LSmskagWBzhuFvj-PZWXgu158A5CdEsjTR2UPPs06u7aXLCcYBY0FnnMJUttW_mGraWq7wclswSGWS4028yOAQ-w8PfFPQIHn5uoMEuuNYzzmJxLwku8oMxy1NXG7B78YUBHi5kIc14M5mWmpiZhVpWZ7Kji1p-qEH3ZgkO_b4nER-nLS6avO51cmyNGp5qmlqLoJy-aT70gP7NOJgN4AcVMaP4G7nNdmOZ2FHoFC2ynk_MBf-N6rv07l-uiknGfzD_UN4Q16W521E47QSkqjxfUSYfIQr5aS6rWHgpKEE8WZz12hbWjnH2Ckj_ZLPjwzG_hMoy4-w3gA2FXoyjEfhUakuCoYGqnaNAx-OyQZd0Jelt7PRzn--U3AB7Qee-a2PlgAAAYm0mj_7Uz05cw4ET9FKKRY5MYxurHfRoJb2fTkpo2p9slgUlN_yrmTTp0qvGjPAIN5Yr4NVh4uA5NFdsVztjrPUf-GHcz4JjSTg69SHOsMgifx0bOWc2HkrcDnxv4jgAF2DVxucjx5uPKzRdpAAeJEv7nV5rk6yTqQC3q1RjgDLbmLc9zKp8z1qXHU03PP0X58-8zdqhT6dnt5CsNNbUSAEJZHXCGX41Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2912
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:12 GMT
expires
Sun, 10 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
660286
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2E86 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 10 Sep 2023 09:07:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
01TAT1Q833PMJDV26FDW
Pug
image2.pubmatic.com/AdServer/ Frame C14A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri
42 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 10 Sep 2023 09:07:13 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame A580 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 10 Sep 2023 09:07:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=k5g_IT-kSX-_Ul57mryolA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=123154
accept-ranges
bytes
content-length
5606
expires
Mon, 11 Sep 2023 19:19:47 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C9A0
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=&ct=y
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.249.118.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-118-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.182
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.7.228
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame C9A0
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2652814803
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2652814803
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
via
1.1 google
last-modified
Sun, 10 Sep 2023 09:07:13 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
via
1.1 google
last-modified
Sun, 10 Sep 2023 09:07:13 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2652814803
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame C9A0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Nzk3bjhXVGJXLTZTci1tYy1PVmtwMHo4dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6691273950527159550&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
54.174.89.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-89-161.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:17 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 10 Sep 2023 09:07:16 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame C9A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTM5ODNGMjEtM0ZBNC00OTdGLUJGNTItNUU3QjlBQkNBODk0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
date
Sun, 10 Sep 2023 09:07:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
127
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame C9A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAOhpcUSnjAzJv8spocHy88&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=93983F21-3FA4-497F-BF52-5E7B9ABCA894&ismms2s=1
date
Sun, 10 Sep 2023 09:07:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
127
content-type
text/html; charset=utf-8
pubmatic
um.simpli.fi/ Frame C9A0 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 09 Sep 2023 09:07:13 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9A0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6691273950527159550
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7031372384577410706&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7031372384577410706&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7031372384577410706&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame C9A0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
93983F21-3FA4-497F-BF52-5E7B9ABCA894
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C9A0 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/93983F21-3FA4-497F-BF52-5E7B9ABCA894?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e201:bdb5:e43c:2ec Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame C9A0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GWKOcudE2uWbFgrigJhHQJzcDtSfiU8-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GWKOcudE2uWbFgrigJhHQJzcDtSfiU8-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GWKOcudE2uWbFgrigJhHQJzcDtSfiU8-~A&gdpr=0
date
Sun, 10 Sep 2023 09:07:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
50f1e3a5-b9bf-54fd-96db-4a6ef226cd51
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D45D
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/50f1e3a5-b9bf-54fd-96db-4a6ef226cd51
0
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/50f1e3a5-b9bf-54fd-96db-4a6ef226cd51
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804684fa1c1c9b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/50f1e3a5-b9bf-54fd-96db-4a6ef226cd51
usync.js
eus.rubiconproject.com/ Frame 090B 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Sep 2023 08:42:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84952
Connection
keep-alive
Content-Length
10209
Expires
Mon, 11 Sep 2023 08:43:05 GMT
index.html
cdn.flashtalking.com/155251/4198896/ Frame 8A2E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198896/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/425/4253811/4198896/js/j-4253811-4198896.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
2c81a2400224a3748ac84fe01b516d91eb586e73a680f06cb4f398d2bcab9176

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=406
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1757
Content-Type
text/html
Date
Sun, 10 Sep 2023 09:07:13 GMT
ETag
W/"b1915753ef2729184381169c2f512bf5"
Expires
Sun, 10 Sep 2023 09:13:59 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-Varnish
136069218 135360943
dvtp_src.js
cdn.doubleverify.com/ Frame 1D13 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115739&sid=18330&plc=4253811&num=&adid=&advid=&adsrv=29&btreg=4253811&btadsrv=flashtalking&crt=4198896&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=29FD8DBB-3407-6CD8-D3A4-FC8706B4245A&auevent=&777586807
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/425/4253811/4198896/js/j-4253811-4198896.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
13ec52544bd81ab84352c7d1c781b85bdb9e8b917c9c0d52953b396859862242

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 05:48:08 GMT
Server
UploadServer
ETag
"bb48d33745b358fda8ccf2303418973c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3621
Expires
Sun, 10 Sep 2023 09:22:13 GMT
iconc.png
secure.flashtalking.com/oba/icon/ Frame 1D13 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:32 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type
image/png
X-Varnish
1054853558 766581083
Cache-Control
max-age=1390816
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Tue, 26 Sep 2023 11:27:29 GMT
01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 6652
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a
0
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804684fa1c189b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 10 Sep 2023 09:07:13 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/01dd9dac6618ae494ff52f036aa9334130fdc95bca3a70f963095b3470b0300a
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
6691273950527159550
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 78E1
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6691273950527159550
0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6691273950527159550
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804684f96b5a9b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 10 Sep 2023 09:07:09 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6691273950527159550
server
nginx
usersync
usersync.gumgum.com/ Frame 090B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMD8EGDL-1V-CZFC
  • https://usersync.gumgum.com/usersync?b=mag&i=LMD8EGDL-1V-CZFC
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LMD8EGDL-1V-CZFC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LMD8EGDL-1V-CZFC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
createjs.min.js
cdn.flashtalking.com/frameworks/js/createjs/1.0.0/ Frame 8A2E 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/createjs/1.0.0/createjs.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198896/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 19:26:47 GMT
Server
Flashtalking (AKA)
ETag
W/"c71464532c0fc2020d8e8667ecfd9a3f"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript
X-Varnish
316965698
Cache-Control
max-age=23824
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Sun, 10 Sep 2023 15:44:17 GMT
FY22Q4_CC_Student_Blank_CH_IT_DCOGeneralPathfinders_ST_300x250.js
cdn.flashtalking.com/155251/4198896/ Frame 8A2E 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198896/FY22Q4_CC_Student_Blank_CH_IT_DCOGeneralPathfinders_ST_300x250.js?1673563329989
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198896/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0a99ca80cd5f578e453b1b3249f7e39eb02cebfdb2faf1d8d4639e81600b8a58

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
10539
Last-Modified
Wed, 25 Jan 2023 18:35:00 GMT
Server
Flashtalking (AKA)
ETag
W/"c7581709d0cf7c2d3ac08d2b893f6998"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
109782299 109236744
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
Content-Type
application/javascript
Accept-Ranges
bytes
Expires
Sun, 10 Sep 2023 09:27:13 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 8A2E 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/4198896/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
919664d4c088d6963c5c872ced7e8859a3cabc2cec3ef42f4afa99de7a3321da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2023 15:23:45 GMT
Server
Flashtalking (AKA)
ETag
W/"aa5cfa970907192576fba68520d94a44"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Varnish
331974945 322545084
Cache-Control
max-age=84769
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28723
Expires
Mon, 11 Sep 2023 08:40:02 GMT
csi
csi.gstatic.com/ Frame 5223 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmd8ej6y&c=222644881557&slotId=111322440778.5&ghmsh_eids=420706097%2C44772139%2C44777649%2C44781409%2C44781753%2C44782089%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv-measurements4648.js
cdn.doubleverify.com/ Frame E459 		421 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4648.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1d1c08d93103cdd0a6f614671663012e80dd00d1b17192480f6b6f3e43b910c0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 04:54:52 GMT
Server
UploadServer
ETag
"9ac43583cf805f5dd2a2d0912297418b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100896
Expires
Mon, 09 Sep 2024 09:07:13 GMT
40cae9ad28f2598873c7356787afa123
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 10ED
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/40cae9ad28f2598873c7356787afa123?gdpr_consent=&gdpr=0
0
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/40cae9ad28f2598873c7356787afa123?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804684fa1c199b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 10 Sep 2023 09:07:13 GMT
Expires
Sun, 10 Sep 2023 09:07:13 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/40cae9ad28f2598873c7356787afa123?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1694336833472046-545
v1
match.sharethrough.com/universal/ Frame DA07 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.130.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-130-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
generate_204
tpc.googlesyndication.com/ Frame A804 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lFQRRg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
679ae3d04fb9237c0525c782cd5acb8f1f65bead7b05008d691cc846cb362555
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 8D42
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/679ae3d04fb9237c0525c782cd5acb8f1f65bead7b05008d691cc846cb362555
0
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/679ae3d04fb9237c0525c782cd5acb8f1f65bead7b05008d691cc846cb362555
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804684fafd279b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 10 Sep 2023 09:07:13 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/679ae3d04fb9237c0525c782cd5acb8f1f65bead7b05008d691cc846cb362555
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 1D13 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type
image/png
X-Varnish
168962426 169251220
Cache-Control
max-age=707
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Sun, 10 Sep 2023 09:19:00 GMT
visit.js
tps.doubleverify.com/ Frame E459 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=147&ttfrms=6&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauBF2%3F%5C%3D%3A2%3F%5CE%3A2%3F%5C5%3A2%3F%5CK96%3F8%5C92%3F8%5CK9F2%3F%5C%3B%3A2%5C%3B%3AF%5C%3F8B%3A2%3F%5Cb%3E%3A%3F8%5C8F2%3F%5C%3BF%3F%5C%60E%3A2%3F%5C49%3A%5C%60A%3A2%3F%5C%3B%3AF%5C%3E%3A2%3F%5C%3D%3A2%3F8%5C%3D2%5D9E%3E%3D&srcurlD=1&aUrlD=-1&ssl=https:&dfs=1600&ddur=31&uid=1694336833636317&jsCallback=dvCallback_1694336833636370&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4648&tgjsver=4648&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14893_2023%26adk%3D1587687671%26adf%3D2452301107%26pi%3Dt.ma~as.3006%252F14893_2023%26w%3D336%26lmt%3D1694329631%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1694336829827%26bpp%3D585%26bdt%3D1041%26idt%3D1183%26shv%3Dr20230906%26mjsv%3Dm202309060101%26ptt%3D5%26saldr%3Dsd%26cookie%3DID%253D2a3ff77ae6a1af07%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g%26gpic%3DUID%253D00000c71948a2737%253AT%253D1694336828%253ART%253D1694336828%253AS%253DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ%26correlator%3D222644881557%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D1979338126.1694336831%26ga_sid%3D1694336831%26ga_hid%3D335291076%26ga_fc%3D0%26ga_cid%3Damp-Yw_54eXGiDXmm8WBMub-2g%26nhd%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D432%26ady%3D320%26biw%3D1600%26bih%3D1200%26isw%3D336%26ish%3D280%26ifk%3D3338044081%26scr_x%3D0%26scr_y%3D0%26eid%3D44759842%252C44759875%252C44759926%252C44798878%252C44798321%252C20222282%26oid%3D2%26pvsid%3D2702550075455041%26tmod%3D461397157%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.guzdno6knola%26fsb%3D1%26dtd%3D1196&fcifrms=36&brh=3&dvp_epl=533&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115739&sid=18330&plc=4253811&crt=4198896&btreg=4253811&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=29FD8DBB-3407-6CD8-D3A4-FC8706B4245A&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=1384199480641.6165&dvp_tukv=644481988090.8174&dvp_strhd=0.09999847412109375&dvpx_strhd=0.09999847412109375&dvp_tuid=1262715953538&jurtd=235298847
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
0e2f050862f60fbc1840aa0daf487784c45e901498b06adc67d41bc1940705fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:13 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
09/09/2023 09:07:13
manifest.js
cdn.flashtalking.com/155251/4198896/ Frame 8A2E 		99 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/4198896/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
a673cc4b8d035afebd4faf1a62394d9919e23b2ffd552aaca01928dbe519fcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
ETag
W/"9653645e0084283f027d77bb6ad852fe"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
354437111 355628464
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99
Expires
Sun, 10 Sep 2023 09:27:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D13 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK-vKnvIdHjQxZNNyRiLgsrIMwNgFsx_Bm1D-BaoZ1Aqhaz_sFKg0ARosYEos6YNch6faGXWj96ZaTvBCB7ibc3aw7C1HVdMQwBZIbFw8a7aCO-hlFQe9kwyKM9YdtYXPOegwZPMCcLQ&sai=AMfl-YSEteNFw7NEDa1GJnQCkOlwwGNvULoXYJKr-IIw2GRmw7KNsP0bS5ZBPJApkc2ZYMwV8HLgxPhsmRwEF_ENrfsEMTwkaWKCTNVuLzmdDYPLB2gQArxbciGzxsw&sig=Cg0ArKJSzHv3cXAuV_3WEAE&cid=CAQSOwBpAlJW6d_OcaqPdAg5ftX93xG2HaEH0Q9I32hD-KD2E5JZVOHpzeZqa-RvuoDDuhWr9IyTu-thXBrfGAE&id=lidar2&mcvt=1142&p=0,0,250,300&mtos=1142,1142,1142,1142,1142&tos=1142,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694336831803&rpt=827&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B529 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:13 GMT
an-x-request-uuid
23d00729-be42-4c70-9a25-8916a3321ad3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bg.jpg
cdn.flashtalking.com/155251/4198896/images/ Frame 8A2E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198896/images/bg.jpg?1673563329978
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694329631&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694336829827&bpp=585&bdt=1041&idt=1183&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D2a3ff77ae6a1af07%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_Mat1hIfBgpemuCM-r6997sQ77eB7g&gpic=UID%3D00000c71948a2737%3AT%3D1694336828%3ART%3D1694336828%3AS%3DALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ&correlator=222644881557&frm=23&ife=1&pv=2&ga_vid=1979338126.1694336831&ga_sid=1694336831&ga_hid=335291076&ga_fc=0&ga_cid=amp-Yw_54eXGiDXmm8WBMub-2g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3338044081&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44798878%2C44798321%2C20222282&oid=2&pvsid=2702550075455041&tmod=461397157&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.guzdno6knola&fsb=1&dtd=1196
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
21b66fd120120971ef13a36728c6b048cdfb18bc6355a4c79f9d49d1fe5e94f8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:00 GMT
Server
Flashtalking (AKA)
ETag
W/"8a065c16527c487afc06ee3a519ae685"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
128761383 127129920
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6043
Expires
Sun, 10 Sep 2023 09:27:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 42AD 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c3a14d6f0939d20b9e0322a0615e56edf4bbbb016af69478f302ee7f1ecee2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11844
x-xss-protection
0
card.png
cdn.flashtalking.com/155251/4198896/images/ Frame 8A2E 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198896/images/card.png?1673563329978
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
dbed53cb11df083113e8a251de754e017eaaca303ba6dab2451235d16afb6cf7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
ETag
W/"b5f1a67dc49c88094af94afe1dcbeaf3"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
130941746 129365068
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10729
Expires
Sun, 10 Sep 2023 09:27:13 GMT
resume.png
cdn.flashtalking.com/155251/4198896/images/ Frame 8A2E 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/4198896/images/resume.png?1673563329978
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-38.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
522d69a00b930b1a4af447000520e593b9d1f7092f4bf1d2f6e4dfe0bf08eae5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.flashtalking.com/155251/4198896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 10 Sep 2023 09:07:13 GMT
Last-Modified
Wed, 25 Jan 2023 18:35:01 GMT
Server
Flashtalking (AKA)
ETag
W/"bf45ab6a0a4164e81ebff4cdb9869ae2"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
238628515
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28729
Expires
Sun, 10 Sep 2023 09:27:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 42AD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:07:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD45 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 07:47:43 GMT
expires
Mon, 09 Sep 2024 07:47:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5D57 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71066e3ac520789c5a60f4552ef3215e98535d7b23c83cbe650d32868119e353
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pYNc77Rtrt3y_TIWjMhmSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-pYNc77Rtrt3y_TIWjMhmSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:13 GMT
expires
Sun, 10 Sep 2023 09:07:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
pagead2.googlesyndication.com/bg/ Frame DD45 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
65964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 14:47:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5D57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=2702550075455041&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DD45 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?p6nLsQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C2BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=188232954465083&bg=!_v2l_bLNAAa6D61Rmg87ADQBe5WfOLrdb8C8a0e1qvzsXqe4CCl8OYsAzfHb-1k1_o5otWRzzt4Pg_3hkCK-aKXaeyqyAgAAAOhSAAAABGgBB5kCwzaKriwIPeDpZR67hreH6JV2f-EaEortzx6goGLnAJYNk3Y5C2EtYZ6ZUEHrqazLlxZJvHpLrdzbEKDQNOEz_2Ul2lplR_vLByS0JrN3ED8hkR3Pci1CRIWo_7xwzMNTbAWuiGa1qQtGMPcAtaK2LKFijLrdctk9AThibpVEVdiH7Honfbd0KeqLUBAUT3ieqyO1gdBxDmVobMMOKmmLU3bXVOh3HPiK0A0Ms01mre51VxuT0cyWpI84u0-oRaMh2xDtCW8g2tEJ3hmhKqHDL_mm37PwCgZlxrQ7AK8NX89wBuuiiTzEeMy1kb4cMM293z7X40CfMFb65gN_fJUT4pyNF0AETFjrU4oBFLqL20PQ_-0wiPCUiDhDxYafREON22kbez1uFhqrn2IDimQpXjsKBRscBPsOAilUq1W-gxAmtk4IoR7s0YrMzTvjwGAwcAqKrHQNbcPRlRfZJ7klT7sBBC-KxXF97xLH94wL5wgVugzLKMJmHTGfy5ZQtdd-QsAo4jCNqJ_jsyXFb-f_CU6fhj8OazCgj1n9iHQXUPpnmqKZuCQRv-MJ82NUXBkCya6OCSPPDGqhMFqffIAV723985jYW4kIkWYq3QWqPIU3J4cW7YrrYV2WBAsfDU1f6WKFZ0m7usHzIq5LYSrjZ7I2rKNj35HVxlJH-ePSo6gkJB-Q7_o8uvjeZEIreH930QusDDXzxIlMz2SwCf5AC1w84TEsoR68E2Zjeq45fBJ92dsdYNQUGxU__reMMet4V-jxKg2h0xrHZ3-dytgn56mlmQVnHHnLfhq6xURtEIVA5zvxKGerM9VXVhjOp9gNoTbX0LUXcUr0Y267grc93jcpt0GlFR-Hs2pKIvVW69C_o8Mvktxt50EvENmL2Ri0tcwVTbmHwCtolBnbiBxOU_Kq-vAf3_a-bfu4J8uc7IVKKUef
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 42AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=2702550075455041&bg=!paalpunNAAa6D61Rmg87ADQBe5WfOI-KlV6reapX0ZLZ5jK-cSOEIqOJ1ZqR6xOle2VozxvvQabK4e6Bi8ckOA1lq83CAgAAAFtSAAAABmgBB5kC0elSSDr9LScuM3Pfo4TUZM1YcJ3lsrO5-I50e1R1y1UkoZfv6kKdmAG77FMWLqc_MpP1dfbLf98VAyvKUCX9Lht0gUrbhfDenbwgyLN3RCPS04qKEYF2Qs6xQJvKcodtGgJFj8BtaUwpVVZs8XX3mD19TglLodwREB6frIS985qfOHuB64_TENjz7WLb3nCxfpirq2Z4D3ggtqPElxztv3lnVeEY6qVtQcsWLBcA2mLC_j1Ih35r6l-hQhiPc5HFHMmgxLfBi7HD403P8uVUZtO0sNMpRYoqBWI8UMJ6QR0udCsnw5uu48I2M8JXfdVqlN5MpztzCb9lRwwRaZ74946sMEwGqtcK7a_AhpxswVXIZEgSNLZpOBfBTfc3YtM9PNh1ufckrv5cVp71XKFkrjb_nb_NjXwDTKa1hCjlVBaY3ZtZGL1ZrD96fddNhC9EovSosyyxKAztiM5dL4MKtIRa5rNKhj3V3EnH_zHjlsqOOHvM-TLOeaXH-u23AI5hXaEY-dHmwPXLgYfgB-CBILr0bLRO73get8zZVYhY61ruBQR80Fh-vm1raqrqUMzT5nPrpF4XSdzeaoT4Tqd7_L2XQ8iOwXlQOM-1L-xJj_MsljQv_ShqFTrIY120aVF1TT7eKDnX2XQuGzVU6MyCJ40X29Bp4c8X7_rdCgV0PyE_wWNuyjq5KHhWPVBJBmRrsDCrbUTcKfRvZxcG_XufiGb9mHa2HYngzL3GkwClFDG_cgCsLvwrpSeq2ztA0dJpG1_H4ajWv8lc-cyGc1JbRAVO2pgdNs7IK9YlFAFKZgx3SgeoHhzzEzSm5fZDqwuiwODUNyjLGPQ8gjT7Ccr1ieWl66-lm2SJTjgsmwXEI-uANEx9JK1TzVyYD4MywgxjfNascU59cCgQ08_d6wBV_mfVxXuUeQcYx98tEgnJ0ybj09iBU1ZFjhLKxFisNJCr2Gw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D13 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7362063492083&version=m202307240101&ct=77&x=1&cor=14704618893209956000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C9A0 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694336835472&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1548&pt=-1982891882&tz=120&viewable=true&ddast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl1549_vB!ufm_vG!ufrlt_vA!ul3335_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:15 GMT
content-encoding
gzip
server
nginx
machineid
1490
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=10637&tvi50=9563&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
61
date
Sun, 10 Sep 2023 09:07:15 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59165
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
nginx
x-timer
S1694336836.885915,VS0,VE61
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
dc_pre=CJv998nYn4EDFQ_lmgodKvsMuQ;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1
adservice.google.com/ddm/fls/z/ Frame E459
Redirect Chain
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850
  • https://ad.doubleclick.net/activity;dc_pre=CJv998nYn4EDFQ_lmgodKvsMuQ;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850
  • https://adservice.google.com/ddm/fls/z/dc_pre=CJv998nYn4EDFQ_lmgodKvsMuQ;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJv998nYn4EDFQ_lmgodKvsMuQ;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=CJv998nYn4EDFQ_lmgodKvsMuQ;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1694336835925850
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=1295336;dc_pre=CJCH-MnYn4EDFUuimgodDl8NYw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u...
adservice.google.com/ddm/fls/z/ Frame E459
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_3...
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CJCH-MnYn4EDFUuimgodDl8NYw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5...
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CJCH-MnYn4EDFUuimgodDl8NYw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5B...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CJCH-MnYn4EDFUuimgodDl8NYw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1694336835925479
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CJCH-MnYn4EDFUuimgodDl8NYw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1694336835925479
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
I7fe6%2B3OYLL39pQdHbt7M%2Fs7gyOS%2FH2DRpxJ47%2FGzd18aqd%2B1aX06iENknHL4Pj8H9OgTgmOGrk%2Bb2Gk9FK1cR%2FrMvJL%2FBrc0g6q0TAgk1ujywKGg1ltoaPUXb9Rv3Xm1bgnMDqE7ddyiNr1B0QjiEn4AZvzJoqtzbPilEv5Jtscb73%2Fry9...
ad.vidverto.io/delivery/v2/content/tracking/progress/1813/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1813/I7fe6%2B3OYLL39pQdHbt7M%2Fs7gyOS%2FH2DRpxJ47%2FGzd18aqd%2B1aX06iENknHL4Pj8H9OgTgmOGrk%2Bb2Gk9FK1cR%2FrMvJL%2FBrc0g6q0TAgk1ujywKGg1ltoaPUXb9Rv3Xm1bgnMDqE7ddyiNr1B0QjiEn4AZvzJoqtzbPilEv5Jtscb73%2Fry962rDoCt2bweZBRG%2BXlCm4c7aqkAAHfdjhFA%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:15 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
event.png
tpsc-ew1.doubleverify.com/ Frame 5431 		0
308 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=9623ba94ce404998b13b28cb24b101bb&flavor=0&gdpr=&gdpr_consent=&ee_dp_adlst=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_asmm=1&vdur=182&eoid=16&te_exec=0&msrjs=4648&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=65&vltms=182&sei=289&vetms=179&tuviims=312&tuviems=673&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ee_dp_tmads=2491&ismms=1082&isumms=1081&nvr=6&isgmmims=1082&isgmv4mims=1082&elmtp=1&isbxdms=2491&b0=100&b11=1442&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=1542&sftb=1542&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2084&isuiabvms=2084&isgmpims=1206&isgmv4dpims=2084&ispmxpms=2084&engalms=1081&dvp_dpr=1&vstsz=735&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3388&cbust=1694336836214908
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:16 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-09-09T09:07:16
PugMaster
image6.pubmatic.com/AdServer/ Frame 9305 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57951380&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0245999859ad810cd98312477f164cce7fdd3da35aec9b25abc7c38c1304d491

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame C9A0 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18140113&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0245999859ad810cd98312477f164cce7fdd3da35aec9b25abc7c38c1304d491

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 9C99 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 10 Sep 2023 09:07:16 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 69BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
fe337a4b-e791-46fa-a8d5-2631b98dd1a1
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame EEE5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 10 Sep 2023 09:07:16 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame E20B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 10 Sep 2023 09:07:16 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
bridge
cm.adgrx.com/ Frame 07EA 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 10 Sep 2023 09:07:16 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C947 		85 B
252 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 10 Sep 2023 09:07:16 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1694336836.328314,VS0,VE89
Pug
simage2.pubmatic.com/AdServer/ Frame CBA8
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 10 Sep 2023 09:07:16 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 037A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGbXNVN0otdzhBQUNZVHU3LVVMZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFmsU7J-w8AACYTu7-ULg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6958563974612820945&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAFmsU7J-w8AACYTu7-ULg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6958563974612820945%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6958563974612820945&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFmsU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 10 Sep 2023 09:07:16 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame DD43 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 10 Sep 2023 09:07:16 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame 9305 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8046850b5ac09b95-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 9305
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
42 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:29 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:29 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9305
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bb098b59686a7c3e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=74b8e63af99c78ae05a10253917b3bd9&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=3d943e78f2b910c2
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3f13211-db15-492f-75cd-d719573dfd43&reqId=9d932ac7-91e1-4cd0-5ab1-6191030618e8&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKzNgZxm3YmkBrOY2zdozmY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3f13211-db15-492f-75cd-d719573dfd43&reqId=9d932ac7-91e1-4cd0-5ab1-619...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEKzNgZxm3YmkBrOY2zdozmY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3f13211-db15-492f-75cd-d719573dfd43&reqId=9d932ac7-91e1-4cd0-5ab1-6191030618e8&zcluid=3d943e78f2b910c2&zdid=1332
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8046850efec39b95-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEKzNgZxm3YmkBrOY2zdozmY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b3f13211-db15-492f-75cd-d719573dfd43&reqId=9d932ac7-91e1-4cd0-5ab1-6191030618e8&zcluid=3d943e78f2b910c2&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9305
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=62ff19ca327923f7&is_secure=true&networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM0gXEcuaJBANzPUdWAAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&...
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM0gXEcuaJBANzPUdWAAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM0gXEcuaJBANzPUdWAAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9305
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c62150fe-aac9-4455-9338-d55307e4b730&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c62150fe-aac9-4455-9338-d55307e4b730&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c62150fe-aac9-4455-9338-d55307e4b730&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 10 Sep 2023 09:07:16 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 9305
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
mw
mwzeom.zeotap.com/ Frame C9A0 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8046850b5ac29b95-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame C9A0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
42 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:29 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:29 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=93983F21-3FA4-497F-BF52-5E7B9ABCA894&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C9A0
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
match
c1.adform.net/serving/cookie/ Frame 7069 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 10 Sep 2023 09:07:16 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 46EC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9cc41085-2184-4636-9761-d3406fea1a1c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7194115729736594569&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3E57
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 10 Sep 2023 09:07:16 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oTH_VbrlVgVmDbqD-xfSKS0M3qs&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame A744
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 10 Sep 2023 09:07:16 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277121281869478046&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame C9A0
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=19396a9b6fb92416&is_secure=true&networkId=17100&version=1&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMxwJVc5_cEwMJkp4-AAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&...
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMxwJVc5_cEwMJkp4-AAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMxwJVc5_cEwMJkp4-AAAAAAA&expiration=1694423236&nuid=93983F21-3FA4-497F-BF52-5E7B9ABCA894&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
bridge
cm.adgrx.com/ Frame 7F9A 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 10 Sep 2023 09:07:16 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame ED5D 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 10 Sep 2023 09:07:16 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1694336836.342070,VS0,VE95
Pug
simage2.pubmatic.com/AdServer/ Frame 5832
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 10 Sep 2023 09:07:16 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 6C5A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFmsU7J-w8AACYTu7-ULg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=6958563974612820945&gdpr=0&gdpr_...
  • https://bh.contextweb.com/bh/rtset?ev=AAFmsU7J-w8AACYTu7-ULg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26userid%3D6958563974612820945%26gdpr...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&userid=6958563974612820945&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 10 Sep 2023 09:07:16 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFmsU7J-w8AACYTu7-ULg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C9A0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9543a50c-832b-4260-88f4-3fac8ed52ed4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9543a50c-832b-4260-88f4-3fac8ed52ed4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9543a50c-832b-4260-88f4-3fac8ed52ed4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 10 Sep 2023 09:07:16 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame C9A0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
ads.servenobid.com/ Frame D20A 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 10 Sep 2023 09:07:17 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=658876816&cid=743386227.1694336828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1694336831&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dt=%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%20%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-ew1.doubleverify.com/ Frame E459 		0
308 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=85c27ca35d634ce19fbf355af66e0823&flavor=0&gdpr=&gdpr_consent=&ee_dp_adlst=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_btreg=4253811&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=44&eoid=15&te_exec=0&msrjs=4648&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=31&tetms=9&msltms=108&vltms=44&sei=290&vetms=137&tuviims=153&tuviems=334&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ee_dp_tmads=2293&ismms=32&isumms=31&nvr=6&isgmmims=32&isgmv4mims=32&elmtp=1&isbxdms=2231&b0=100&b11=2284&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2384&sftb=2384&msrdp=0&naral=704&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1043&isuiabvms=1043&isgmpims=178&isgmv4dpims=1043&ispmxpms=1043&engalms=31&dvp_dpr=1&vstsz=1144&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3187&cbust=1694336836818296
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Sun, 10 Sep 2023 09:07:16 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-09-09T09:07:16
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93f65d48d93afeb21ee1c96ec5c5ff29a62015900f293516d1778f06ef5c3ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11796
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5498&cid=amp-Yw_54eXGiDXmm8WBMub-2g&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dr=&dt=%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%20%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694336829&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=11759&epn.domain_lookup_time=12&epn.tcp_connect_time=774&epn.redirect_time=0&epn.server_response_time=1180&epn.page_download_time=1&epn.content_download_time=2060&epn.dom_interactive_time=2060
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%85%A8%E8%81%AF%E7%94%9C%E9%BB%9E%E6%AD%A3%E5%A4%AF%EF%BC%81%E5%B0%88%E5%AE%B6%E6%8F%AA%E3%80%8CNG%E5%89%8D3%E5%90%8D%E3%80%8D%20%E5%86%A0%E8%BB%8D1%E5%A4%A9%E5%90%831%E7%89%87%E5%B0%B1%E5%85%8D%E9%A9%9A%E5%95%A6%EF%BD%9E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-Yw_54eXGiDXmm8WBMub-2g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-lian-tian-dian-zheng-hang-zhuan-jia-jiu-ngqian-3ming-guan-jun-1tian-chi-1pian-jiu-mian-liang-la.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=11759&dns=12&tcp=774&rrt=0&srt=1180&pdt=1&clt=2060&dit=2060&a=5498&z=0.5123709553594973&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 08:29:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2285
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 0399 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:16 GMT
server
Kestrel
server-processing-duration-in-ticks
678848
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 0399
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=7tidNF82YkljUE5XSzNPUUZUdUladXB4TXFad0ZWYzVOeDBzMHMlMkI0YVNuelFKaTRYQVl2VnBnQ3pITD...
  • https://mug.criteo.com/sid?cpp=--ez-Xw0aWN0RmZYY1hxOFFUaytFSStkTTRnWTJUM1ZaSkpmSnVMODdUZkVCUnZ5VWxkOTMyc00reDBBTGIxMXJFSmd1NVcwRStKMEwwSlNWbGdJK25VQnF2Tms3ODBONkRBS0czaEVtK0p2RTdyNTRBV0hreENGcmJ4U0...
420 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=--ez-Xw0aWN0RmZYY1hxOFFUaytFSStkTTRnWTJUM1ZaSkpmSnVMODdUZkVCUnZ5VWxkOTMyc00reDBBTGIxMXJFSmd1NVcwRStKMEwwSlNWbGdJK25VQnF2Tms3ODBONkRBS0czaEVtK0p2RTdyNTRBV0hreENGcmJ4U05aVXhIYlJ4bkZBZnhyQk93VTdZeHBXUzFzbG5ySVl6bXNmN1BHdkZDbzZ1NUplNUh6aGxXNXJhSTdZVm1JaUgvcDBpa0FmL2tUNytpRXRsMUFjQnFBekZPLzNtNkhua1I1dXdianlqc2lUQTNPbUEyc3ovaHlrRGdUUEFFRXp0QWtZa2JWclAxd09PcWI1ZEh0ejhRZy85Z2JyeGRRZz09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
273bb5957f3a796064109918af08c37ea3d8150c9a9c4108fed05385d5cbdd53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
799081
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=--ez-Xw0aWN0RmZYY1hxOFFUaytFSStkTTRnWTJUM1ZaSkpmSnVMODdUZkVCUnZ5VWxkOTMyc00reDBBTGIxMXJFSmd1NVcwRStKMEwwSlNWbGdJK25VQnF2Tms3ODBONkRBS0czaEVtK0p2RTdyNTRBV0hreENGcmJ4U05aVXhIYlJ4bkZBZnhyQk93VTdZeHBXUzFzbG5ySVl6bXNmN1BHdkZDbzZ1NUplNUh6aGxXNXJhSTdZVm1JaUgvcDBpa0FmL2tUNytpRXRsMUFjQnFBekZPLzNtNkhua1I1dXdianlqc2lUQTNPbUEyc3ovaHlrRGdUUEFFRXp0QWtZa2JWclAxd09PcWI1ZEh0ejhRZy85Z2JyeGRRZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
354402
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 09:07:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5548 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4774
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 07:47:43 GMT
expires
Mon, 09 Sep 2024 07:47:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0F50 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f55b0e0d8ca10c30eeb52d0aeec948be78da21c55c31aaec9396974ccd307fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4ckBX6bJdb9k_yS44zWJQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-4ckBX6bJdb9k_yS44zWJQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 09:07:17 GMT
expires
Sun, 10 Sep 2023 09:07:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
pagead2.googlesyndication.com/bg/ Frame 5548 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 14:47:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
65968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 14:47:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0F50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309060101&jk=2751421224017173&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
perf
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/perf?tvi48=10637&tvi50=9563&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Sun, 10 Sep 2023 09:07:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
generate_204
tpc.googlesyndication.com/ Frame 5548 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UvSpng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 9305 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame C9A0 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 09:07:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame 30B9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=X2nqHIilo0KlerMX4rrM85WnmpbqGW1YvkThTq_-VHehKfqhIdn76aHlneN0lTg-LQS3Te08_zxrfXpTjPppvI7gFWpINcXwFIUzbKWimtOJu3y-PtUpthGO-AfwclfzIX8T8SL2SChJjshzxZffI5-KbQFIljlv-97NR9g3aPDUgqkwJIg-1qDtktcTmJnty58SANphMj2DIqNZJGRbz93TDC-HNwsim9lyV6oYglho60qvJVAVyfEjWVZLbwFVGxdLNA&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGFetJymeaOLQGk-MoVnHml-xBqn96ez78uPtpK550wh_2yZXjHQsjsOY5FLN4plQT42ruqzcqFqu-Nhy5MsdjHJP0UFCGF4jyq1kGjA5ra3eccd8LekAlrTtzu1-txKFrwf0Qb2kzKtCJDlgTK_hE1vPTJmsk0X__RLDEgHBaGMMWj9XjYuTysf_YvAW2cRADmi_QgjuG5VpTlwAMzKuXeHewp7F7Ib_SeH-JPqQ0FSaDKIZEwqwBYTRJzJkOUhcR7Q-xUgczi4tZoJuJ3eyRacZnMA7e0-SxsaemzpPROLfb5vFTjfJqyLW-LMZPZQPTVL8_DYCC0JdQQGEsjn06IQOcQvzAXSmJk3USfLWv3pWJ8RNEWld2ZBltfunQqp_prjTUpGclfEUlybVwh35yrQVqkHiOwUWcnSH2y8cxEUJQ--INyCa649KW0oY5kPzGHS6ILCjhpcMh_ZhFj9G7FZ7n1FDcv52byLoydcI_ySJT0KbjWEat4vfHpQT7s8tSlPUaAwb1pmkNgA-wkg3u5r-WeHtatAH8ZGl0wIVGGcbmJLa3wASfmOQH9OI7QClGSp_HQnMo3Nxq-_fQ_D--KR_ZVkr7tZLiL4oSKxmfqpY6g_k6ACDemm_I2VYoNCZ10jGzpxdGYeN45Idtp5Vnbk9UDY0lP0J1pwU7S35hCtO5B62D_j5iSetbimzIZvTVpwIajoinbhVnoMmbivI3AecRljTp3XoWNNjGvz8rliH16NCuh5mU_h_D0PJXHpQ53BEoAWoSw-pbsJ-DjFfvtQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694336838473&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1548&pt=-1982891882&tz=120&viewable=true&ddast=V8sPwCLAZA7CiwXiJfbRCA2FFgvUS-2igAAABgYID-AIksLI6ZbbJYK1wz01o0Wk3cCtdm4tYsTBObzWMcGUaDISCRhcUxs00Wa4VrZlqLRquJW-HaTNyahWlis3mMI8NoMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ-aDodPte9Xvf73SU-z1zj9yv8itfD7hY7HXa36Omwu0VOh90tPbrsPrfQYfe5pUfXw-6WOh1uqdP1lvscT4fdrVk77T63zvWwu6Wuu1sxejrsbo3R6VYMng67W-p0vdVOh90tdjrsPrfYYRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAeCZAwNdXs6P3_bw2V2efwAAAAAAAQAAAEACAAH9sARAjPHeif__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjCCWXixnJPegmkQK9IowAAAAAtDB4rx6ZpBNULKr8___3WwG4AgAQoOiHNWSfRXdQ4i0MAACAwJgFelj8frPDrvG7Xeb_________38z_mX80QjsUe2mApgs_1PwCAgCs-QUEAGCjbgAA3gjACToErRgMVicgZgcAAADgzv___78eEJgtRpuNY7fbzUwr22Ix2uxWLsfC5rHtRsPdxuU92dgPE4AQ6Bl9NoRl9vsOCsrp6TG7DDKWy2QQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYMI3WNkmnuFaNNss16KVx7FWLneLtWBkmliMs5VxONu4Ra-P6WLzDTYWjxcJBhDuRfK0SCeiycxjXMxWht3IZPE4Vs7lyrhbGUe-2Wg43G1MFrFEc7JIJ7LLvjBbjDYbx263m5lWtsVitNmtXI6FzWPbjYa7jcvf8A1WtolnuBbNNsu1aOVxrJXL3WItGJkmFuNsZRzONm7R62O62HyDjcXjb8yWo81mNpwM943ZcrTZzIaT4b5DZ_iuPmejsqySfFw-jzTz0t2cBoXLYPG-1KfzsGAsqM-eo9NmOFcLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdCB5mt8P0ckt8no3fIpYoTRfpRK_wK14Pu1vsdNjdoqfD7hY5HXa39Oiy-9xCh93nlh5dD7tb6nS4pU7XW-5zPB12t2bttPvcOtfD7pa67m7F6OmwuzVGp1sxeDrsbqnT9VY7HXa32Omw-9xih11oepstYongdJFORC_j6aL-owZazRWTuWQymSt2i1UCAAAAAAAAALAE00w3AQAAAHAyqOFmuFit08FMZpPBbrVcABdBWbqAQQAAAAAAAIo19lgDPMxuh-nllvg8G7-VAUgw5zHb7DOCWKvVsgYAACCADQAAIICbbrwJWIni_v___8cBAACQkUMPAACAfh9QFgAAAAAAAD-CXM02-wegQqzVanW7sVarFdBgZpPJbjWB_____w!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!pl1549_vB!ufm_vG!ufrlt_vA!ul3335_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0da3d00abc568b8cc9cb9fcf0d8dabdc01c36d6a15c277b1773ee48bead8053e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:18 GMT
content-encoding
gzip
server
nginx
machineid
1411
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame EAF6 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WgfjZIilo0KlerMXuw2--3FpPgnyrRWPNRXkWJMyK8E_CYDO89N4BR0yTmVIxQ2LTOvi4FD35aRIpzUZTg7ExLOM1WsXl9GGfSVXgyT0mTfExtRxNwKN4F-RwlPIdNwhZuFVivrU_zKAdIijSRTUmRHtKXPZl2wUdER_ThBkOV4zJLmgIiAOUAL-Q1jvPdF4q474jVpZVjAt3t9HeD_ABmxofBW1lgLsFYxum5GaPz_WZrt8Fvu9nEcC84h-fZ2yzlL3Ng&sds=2&rev=88100.4&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CHDnncR%2FMv2xgQQY9yzcCBOpvil3BUPRLHi0bsCiVjTE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGnM-hZKWDmr0bS57pqIL63f3QSaMn_rNTikygPgGY-_KEJpeZE3DubiNIranRPiKQPfrcDe6n4eYomSJqREc-HYN_1VrwPcPHpsWOoPBKAdZinJtu6wgcL57Gr21rNNXRMIeJJkg_w6oUKjC5nliMzHu9svrd59RVZ9XLY-U2Q1EM7BVuCmdbDUf4Pu1s_qj0uWf6agw-8F6O824zVU22S-A2mdq5Y_qJX_QrRKlZAd5Rlzv89Tfh89WmAq-qHbcr171WeAnRxyGBe2PxkK21kSu-EvDALYHFh6ERPX0Ma5xTKp7ZkxSdwaq7ys76r-EsST0vGJCcHE623mYJuKU_Egv-OYW1HNTjKIzSfhc3LDP-ynGwS9kGPz4n52Qhb9a4pe4G4BjaISm6Ma0y5V2o7ClgJnQzZEGEEdm9TMG7yDo2uy4msaEzCk95c_LVatliycRq5l_a9ivo09yh91QtQGSqnUkvpKEnIOilwyAophKQrse6jpj1aYSfRLcVigDvJtAJZF1s9OPGH-58gFTK7kYX4OdFrrlFNPr3ffjgD2wD5wLyboy5IQRJQ_B-r78TqreKIpxdO-huWtUe8btPNpEnybepkYKIk-n2RYO4ZlyE8GMJV3wEMI_r4TbMdyPg1Wza_E_m4mDyNIhwE4w53c0xVkDnt9rKwIOu5hMQiCA079AKUpFoV_RtNg8cjSASKvFPlF9Z8kBM9ZrN0gdty15_NsBi9iEnd8w5mMgNVEDeiG8vcXmhWWr7KoTAED77GR-is3gisF8hdUqPgGv7tg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Sep 2023 09:07:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309060101&jk=2751421224017173&bg=!vL-lv_DNAAa6D61Rmg87ADQBe5WfOBrnnHQVbNYTTM09NNV4ZtU8-NZiuM5MO1o1uZTAE6usJb2O5hS7_JeP-pW62SFjAgAAAu1SAAAAHmgBB5kCuOW8o1SB7t2B4uMpGnHAWWPYIemhPKXmMZ-mZRYJ8HWIaeXHPDIIaXeGzFJxdMz5h3xhHpCIZhUvzd4rBrTeh9sEOb0O7-GKqAjnJWok6wSikmGl4lKR7EE4F9ZLH5_011YkUmzTH7gZ-Za8OPj07OAvhTzAMmsDD845Plxrx2cWVvIFUmNGYkb7eMqE-tCcx4epE3zCfgWYugKXahMHQV1D51z0lP4ciUNkgl34b0NAhO_SIwlTnQAyllu-yWldJaSuoBNFWw5n3HUrEFFgsBGC6g3sKpzK8t5jcenKph4tUEpednMzmLydZ9TtdX-QSzTiO4bso1lz1m_rI8tPhwb02UjKTOZBrhcpjh2MEszbl1ztPTRb3yBn6eXdGChjByyMXtIQPWdWuAei-k84DGrthlr138Cgq-NhHVyOzC4JDHVpUk_iagnFQc1Skzz8HLO3PfAEk5d7uaOkLyOw7_9u3yAiLDZkh_-1CcaBnYj6ANuoaRxlrWrDfCwi_UkvmZ08m7isBJvdLcNqoQ7kLI98VBuY7Owca95UnQlpnml6w9mEc6uXqiIoidu3DQE2wg47CR_XoR7xJiJ_ygwcLBW2t15tDkXIUeFdQIvDVEuDr7L6gpdpaGcApNu_eRSV3Y74X25MTiwDdD44cpuP23a8xrf0VesZc1QNeKjsBCAoR9qN4ww5BHdcFMm3iLmyM9iPRzlWXkvtcvsWAGHubLvizfGhZcT8zB-T8JXelvqciEMle1E8zHF099N0z0goxRvacbbYeHn2X8WB-7fsMkqiflKf5bAANc_iNBu2LQfWWVQDTYOcwPtLZHCqXIYhtG1VbUxTY41Ew2zeDalDl8DVfiqoz_1Y3tlfER1fwj20j4TJcrZbMTI3OtFGNrLViBoMqXt1DtEbXY2AnbVJMcWaewOcuyJBBg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 9305 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69133144&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
958f9cf3336751513bd051b5b73c72a6daec08cedfe2719d05026f36074435ca

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 10 Sep 2023 09:07:18 GMT
content-length
1548
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 5DC2
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1f6082619725431d8be9fd0101edea4c
42 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1f6082619725431d8be9fd0101edea4c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 10 Sep 2023 09:07:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1f6082619725431d8be9fd0101edea4c
pragma
no-cache
server
Tengine
Pug
image2.pubmatic.com/AdServer/ Frame 83DC
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=4463025857368766481
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=4463025857368766481
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 10 Sep 2023 09:07:19 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=4463025857368766481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame D58C
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 10 Sep 2023 09:07:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=93983F21-3FA4-497F-BF52-5E7B9ABCA894&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame 5BEA 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 10 Sep 2023 09:07:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame EA23
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667051755788886163
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667051755788886163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5667051755788886163
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame B288
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=74b8e63af99c78ae05a10253917b3bd9&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYQRWYnTSMXhRbajX&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYQRWYnTSMXhRbajX&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYQRWYnTSMXhRbajX&gdpr=0&gdpr_consent=
cookiesync
core.iprom.net/ Frame 3EDF 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 10 Sep 2023 09:07:19 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-c53f6d2a0277@version_1.569v3
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 8943 		0
0
i.match
a.tribalfusion.com/ Frame 6CDC 		43 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8046851ecd204bdd-MXP
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
usersync
usersync.gumgum.com/ Frame 9A63 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=93983F21-3FA4-497F-BF52-5E7B9ABCA894
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 10 Sep 2023 09:07:19 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 9305
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7194115729736594569
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7194115729736594569
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 10 Sep 2023 09:07:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 10 Sep 2023 09:07:19 GMT
an-x-request-uuid
f59aeef5-0427-4dca-9b3f-ef10cab870fb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7194115729736594569
x-proxy-origin
45.12.222.171; 45.12.222.171; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ab01d85492333fea5f77789e8848b94d.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1e0f23653f25e38b315344b5ffe4e891.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/66f4a96d29e1a7f1531d165447783496.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5ea47cb7bfc4eb9f33b2ca16b085b32d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/24296dbd30ee6af16375414e2ec7c9b0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/db72f8b77dc9b7f0a90d3b144312d1ce.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/36dcd2513448401f7fe865347b48d70b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/f38c96664cd1569ef85b608d422a8747.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2b16fd9571f8c17077d425b24825eea3.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/07d81349bdc5dc0124952b6ce4050d54.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/562aeeb959fdcbc49e73ca19f2aca75f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/19a75d91960294b81fd7c07359db1a36.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8c7fa2ff3244458dc4860eb6223c51bb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/f0d7c7b30b9b93e991a51f775405cabb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/26a2ff5e43cbe959519c81ab0b410f58.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/15695bbfe3f9937b93f683200026c13f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202201/aec644a07195f4b2bf375a665cd34fc2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/b28f4b79a02cee0e662ff6dc4233b286.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/661e12fdc1b91b9526582e0b023f5962.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ba09f9d63fcc97bbdd1839e647fea8ea.jpg?w=150&h=100&q=100
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEHjhV9_mJfCCMElHDTGJhtU&google_cver=1&google_push=AXcoOmS19n0nbtkaEMC2ch_3UIYhfw9MSDqaISREfS-NYaJldM1pOKd2ymQn1W9j2z8CbITXNu0ODhqaLhNjCjKqymqcL5veNAiypNg
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| documentPictureInPicture object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| _statcounter object| TRC function| _typeof object| _tblConsole undefined| msg object| ggeac object| google_tag_data object| google_js_reporting_queue object| adRecover function| setImmediate function| clearImmediate number| ampAdSlotIdCounter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing number| google_unique_id object| gaGlobal undefined| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| runAnimCheck object| aries object| google_reactive_ads_global_state object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN string| nam object| placementData object| pbjs object| ucf object| request object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 object| _apPbJsChunk object| mnet string| nobidVersion object| nobid number| ampAdGoogleIfiCounter string| paramsString object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents number| ampAdPageCorrelator number| vidverto object| aries_registry object| cmTag function| quantserve function| __qc object| ezt object| _qoptions object| _cm_wfCounters string| lastWfUrl function| inView function| VASTClient function| IMA object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _aries object| inViewWindow object| vidvertoPromiseCache object| closure_lm_155912 boolean| noPreviewPage function| startCMTagMain string| category function| VidvertoPlayerVideoPlaylistUI object| listeningFors number| 3pla object| dataLayer function| gtag object| closure_lm_73368 object| closure_lm_9272 function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| google_ad_modifications object| google_prev_clients object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms number| measureInterval

192 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1694336828.59A63CFA21A44FF3D27A9CB71F03FD35.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1694336827.0
.statcounter.com/ Name: is_visitor_unique
Value: 1694336827235109941
www.bg3.co/ Name: __AP_SESSION__
Value: 04d1b9fc-c1ed-47d6-a370-855b46f381ef
.bg3.co/ Name: __gpi
Value: UID=00000c71948a2737:T=1694336828:RT=1694336828:S=ALNI_MYh-QTIB00_6DR6ye5uTgXJtV7VvQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnaOPeN6aJ8sBQG821j3OODY63pMvest6laaSdNx8IheGj0HJk3h_fiOVgjvHo
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Da70e6b38-4639-4ec1-9971-0d4bb86e886c-tuctbf70cbc
.criteo.com/ Name: uid
Value: 2d95c7ea-7e2d-4542-8533-f0e4b2cdc824
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 40f4220c-e677-441d-92bf-5d854201e8a0
.openx.net/ Name: i
Value: 0d68c4bc-0989-4c61-b1f2-a610c64e8e77|1694336828
.prebid.a-mo.net/ Name: __amc
Value: 1_1694336829_1694336829
ad.vidverto.io/ Name: moxuuid
Value: 2c781e3a-1878-4a1c-852d-0bb1d796d868
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1694423229
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1694423229
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1694423229
.omnitagjs.com/ Name: ayl_visitor
Value: 1508ac3d5f8fa7a695e8e648b4136b26
.rubiconproject.com/ Name: khaos
Value: LMD8EGDL-1V-CZFC
.aralego.com/ Name: sspid
Value: 88f0f25e-2902-3538-a19b-e07f667d4a73
.teads.tv/ Name: tt_viewer
Value: da73df8e-312a-4879-9be0-9d6ca968774c
.aralego.com/ Name: euconsent-v2
Value:
.bidswitch.net/ Name: tuuid
Value: f8620ad5-a3c1-4aa9-ac79-0e417151bd1f
.bidswitch.net/ Name: c
Value: 1694336829
.bidswitch.net/ Name: tuuid_lu
Value: 1694336829
a4p.adpartner.pro/ Name: apuid
Value: 5c422e2c-06d0-4262-9c29-11054a32af1e
.quantserve.com/ Name: mc
Value: 64fd873d-d516c-87a85-2f8dc
.yahoo.com/ Name: A3
Value: d=AQABBD2H_WQCEFtAKzlkXQufi2rUwLiXWnwFEgEBAQHY_mQHZQAAAAAA_eMAAA&S=AQAAAtBh0kxf17zCqNyaDsVwbc8
ad.vidverto.io/ Name: adpartner
Value: 2c781e3a-1878-4a1c-852d-0bb1d796d868
.bg3.co/ Name: __qca
Value: P0-908569280-1694336829123
.uuidksinc.net/ Name: jcsuuid
Value: cuyorFz8fH0G9gvMeELs
.adform.net/ Name: C
Value: 1
.smartadserver.com/ Name: pid
Value: 6958563974612820945
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjExMzYwMrUwNTc2szA3MzOxMBTiM9TNKsyLqjA19S6wCMkFABh_ao4lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjExMzYwMrUwNTc2szA3MzOxMBTiM9TNKsyLqjA19S6wCMkFABh_ao4lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dfZJ9DcsDvIvSNUtinROT6qIcLVMLgcAlvqpAB4AAAA
.adform.net/ Name: uid
Value: 6691273950527159550
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a131ff55-bae5-5605-660d-ba83fb17d229.56mZuJ3Gs8hrVuOcyMs1u9ydmNg9UDZush%2Fq9dBzNPo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a131ff55-bae5-5605-660d-ba83fb17d229.56mZuJ3Gs8hrVuOcyMs1u9ydmNg9UDZush%2Fq9dBzNPo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AoTH_VbrlVgVmDbqD-xfSKS0M3qs.i8JZuTESeRvWTbpMHCtga%2FGXCmCgzdck5ePe9rCPOQE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AoTH_VbrlVgVmDbqD-xfSKS0M3qs.i8JZuTESeRvWTbpMHCtga%2FGXCmCgzdck5ePe9rCPOQE
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIILobglGX94RlMa6GRP0ANLduiry6GJKCGlyHf5N-4IfEHwYBCC-jvanBjABOgTwi70wQgRSk-Lm.2vsx7Ehk9Go8ilzOSpA2w3yaWgn18nwGnad%2B1UCUfQs
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIILobglGX94RlMa6GRP0ANLduiry6GJKCGlyHf5N-4IfEHwYBCC-jvanBjABOgTwi70wQgRSk-Lm.2vsx7Ehk9Go8ilzOSpA2w3yaWgn18nwGnad%2B1UCUfQs
.doubleclick.net/ Name: DSID
Value: NO_DATA
.amazon-adsystem.com/ Name: ad-id
Value: A_BbQRAFEUf-sNqF7Sz4QDo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 7194115729736594569
.casalemedia.com/ Name: CMID
Value: ZP2HP-VkQFCZ8keQV-TbuwAA
.casalemedia.com/ Name: CMPS
Value: 5148
.casalemedia.com/ Name: CMPRO
Value: 5148
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 50f1e3a5-b9bf-54fd-96db-4a6ef226cd51
.betweendigital.com/ Name: ss
Value: 1
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%226d04a8b0-4fb9-11ee-9649-e90816650a30%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%226d04a8b0-4fb9-11ee-9649-e90816650a30%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%226d04a8b0-4fb9-11ee-9649-e90816650a30%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%226d04a8b0-4fb9-11ee-9649-e90816650a30%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-dIXjkq55AUNErAyKSwMkYGYHQenop9jC8Vz2Tg%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-9StL7K55AUNErAyKSwMkYGYHQemeSnfZ6ynoYQ&KRTB&23144-uid:k-9StL7K55AUNErAyKSwMkYGYHQemeSnfZ6ynoYQ&KRTB&23286-uid:k-9StL7K55AUNErAyKSwMkYGYHQemeSnfZ6ynoYQ&KRTB&23287-uid:k-9StL7K55AUNErAyKSwMkYGYHQemeSnfZ6ynoYQ
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2IllhGAHk!]tbPl@/D!9hy6]/Cr+b1IA!iglg/xjFgTH_0pdHlh'AG7opU259WgggYPAa3[eZO>ljj4a+mIA%nugO%v4VB%nrPb+hLd>
.360yield.com/ Name: tuuid
Value: 1f604e30-d393-4ef2-be92-9572071bcbd6
.360yield.com/ Name: tuuid_lu
Value: 1694336831
a.twiago.com/ Name: deuxesse_uxid
Value: b1a22d62a16dd0c56ac393efee429142d65add93f0364bfe545d19d041726a12
.yieldmo.com/ Name: yieldmo_id
Value: 3ReaTHRssVRjhJNQoKv5%7C1694304000000%7C0
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-3yNoYa55AUNErAyKSwMkYGYHQelbcX-cttkXZA
.demdex.net/ Name: demdex
Value: 20028056625342895651043748738614101079
.linkedin.com/ Name: bcookie
Value: "v=2&a42504e0-85c1-4fef-8229-f2906132f7f5"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQzMzY4MzE7MjswMjFOL2gqRyQzh2o43Wqyyh35p2sv0WLFj3Np45fgP3RHPw==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3044:u=1:x=1:i=1694336831:t=1694423231:v=2:sig=AQF0cPOJpUAJS5Syj7BGLtUv29YrJGUw"
.bg3.co/ Name: _ga
Value: GA1.1.743386227.1694336828
.360yield.com/ Name: um
Value: !38,wrDUHsQDI3WAPkbzQILYsLHVpWsrrBiBLeD4lcD1Ck.jqKI1EuCW3czB5WdWRZQXhH5S8mER,1702112831
.360yield.com/ Name: umeh
Value: !38,0,1756544831,-1
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1694336831.1.0.1694336831.0.0.0
.bg3.co/ Name: __gads
Value: ID=2a3ff77ae6a1af07-222765466dde0042:T=1694336828:RT=1694336831:S=ALNI_MbUgnu2v5rAh4X1ITR6sswqncK6LA
.dpm.demdex.net/ Name: dpm
Value: 20028056625342895651043748738614101079
.tremorhub.com/ Name: tvid
Value: 020680e32d5d4c0ca827e2bd8fd64922
.tremorhub.com/ Name: tv_UICR
Value: k-hXO4lK55AUNErAyKSwMkYGYHQel_BEuCBesOuQ
ad.vidver.to/ Name: bidswitch_com
Value: f8620ad5-a3c1-4aa9-ac79-0e417151bd1f
.krxd.net/ Name: _kuid_
Value: PyZKBWNZ
.3lift.com/ Name: tluid
Value: 3627505834406371159273
.acuityplatform.com/ Name: auid
Value: 825575633393
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRR9LBRaUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUfSwUWlI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTVczSlJDV3ZKd001RGo2VUZCcTR5MPv7hnZlcnNpb27C+w=="
.openx.net/ Name: pd
Value: v2|1694336829.3|iyvQvNgun0.j8gqwksLmOge
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-10T09%3A07%3A12%22%7D
.creativecdn.com/ Name: u
Value: duA9zx5Ik5RxMay7Ymjn
.creativecdn.com/ Name: ts
Value: 1694336832
.servenobid.com/ Name: pid_317
Value: 6958563974612820945
.servenobid.com/ Name: pid_337
Value: y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
.servenobid.com/ Name: pid_339
Value: y-s0jZ3l5E2uGJy5P4QHefj1Ki37BTP_bh1rUvhyQ-~A
.gumgum.com/ Name: vst
Value: e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dfZJ9DcsDvIvSNUtinROT6qIcLVMLg_iNTSzNDE2NrMwNjA0M3vFiMo_JY7gG1lYGAAATARKkk0AAAA
.lijit.com/ Name: ljt_reader
Value: HTAjrGZHC1kSg52IQqyLrwKK
.servenobid.com/ Name: pid_312
Value: 7194115729736594569
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.adfarm1.adition.com/ Name: UserID1
Value: 7277121281869478046
.simpli.fi/ Name: suid
Value: 35D12EF780EE4009BB829DD55E9E0604
ads.avct.cloud/ Name: uuid
Value: c8136c3f-8761-4535-b0b3-6413699b34b2
.w55c.net/ Name: wfivefivec
Value: N5rMIVQo1QFgpq5
.tribalfusion.com/ Name: ANON_ID
Value: abntuJxlqLlnJVsPT6n62XmLhHZa4ZbEiuSroBIBVOJ3pHUljq4JVGQ8TindIXL2ZcLeJXQlhFZdtZaQaibg9NZd99TVG1
.admanmedia.com/ Name: admtr
Value: dc0e5e02-155c-41af-8a8b-25e49bda20de
.go.sonobi.com/ Name: __uis
Value: a535217a-1240-4591-b31a-47fbd5b57c47
.go.sonobi.com/ Name: HAPLB8G
Value: s85183|ZP2HR
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-8044c00d-f143-3530-b556-f1ed0ccb8af4
.yellowblue.io/ Name: wrvUserID
Value: ElyULpT-Cp_s
.servenobid.com/ Name: pid_333
Value: ZP2HP_VkQFCZ8keQV_TbuwAAFBwAAAIB
.minutemedia-prebid.com/ Name: wrvUserID
Value: b2yULMT-kp_mm
.w55c.net/ Name: matchgoogle
Value: 5
.servenobid.com/ Name: pid_324
Value: 4463025857368766481
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_328
Value: dc0e5e02-155c-41af-8a8b-25e49bda20de
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_35d6d734-9b6c-4ca3-8da8-eb814eed8451
.servenobid.com/ Name: pid_309
Value: e_3c0a7e78-b7cc-40c1-8dcb-d37b5c36535d
.csync.loopme.me/ Name: viewer_token
Value: 57d2a313-eaca-4255-97c5-5c7f17e2adf6
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 93983F21-3FA4-497F-BF52-5E7B9ABCA894
.servenobid.com/ Name: pid_332
Value: a535217a-1240-4591-b31a-47fbd5b57c47
.brand-display.com/ Name: _knxq_
Value: 3bb2cb4c-8f5a-b65f-27a3ebdd.1694336833.0.1694336833.1694336833
.outbrain.com/ Name: obuid
Value: 6cd97ff2-f609-4b83-b9ad-f02374a0b41c
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZP2HQQAPOYX7WQBY
.contextweb.com/ Name: V
Value: abIQXEofxPTt
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6cdd5cbc8441db71
.turn.com/ Name: uid
Value: 7031372384577410706
.servenobid.com/ Name: pid_352
Value: ElyULpT-Cp_s
.servenobid.com/ Name: pid_348
Value: b2yULMT-kp_mm
.metadsp.co.uk/ Name: ruuid
Value: 26a715cb-f765-4600-b5f1-c0cfec966d82
.metadsp.co.uk/ Name: c
Value: 1694336833
.metadsp.co.uk/ Name: ruuid_lu
Value: 1694336833
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fab17d08-88f3-4b0d-9586-f5759b535701-003%22%7D
.quantserve.com/ Name: d
Value: EDUBGwH1KYEO-TCJiTCuu4EA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~2du9:196n~2du9:18z8~2du9"
.servenobid.com/ Name: pid_323
Value: LMD8EGDL-1V-CZFC
.bidr.io/ Name: bito
Value: AAFmsU7J-w8AACYTu7-ULg
.bidr.io/ Name: bitoIsSecure
Value: ok
.servenobid.com/ Name: pid_316
Value: 93983F21-3FA4-497F-BF52-5E7B9ABCA894
.weborama.fr/ Name: AFFICHE_W
Value: 8YhCXD6Dgy7x20
.richaudience.com/ Name: pdid
Value: 37bf855f-52f7-4b6c-a4ff-1zz1694336822
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6691273950527159550&KRTB&23263-6691273950527159550&KRTB&23481-6691273950527159550
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqzUoP5exo3DlqbBgMWySGKnddJL2ro258TPtXzgn8vBAIjnPKPGPdrswClNKwy9UIhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri&KRTB&19420-DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri&KRTB&22979-DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri&KRTB&23403-DEzWQwJPg0MXHIUWDBudHw0ZiBIXStYfXhuqi5ri
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAOhpcUSnjAzJv8spocHy88&KRTB&23025-CAESEAOhpcUSnjAzJv8spocHy88&KRTB&23386-CAESEAOhpcUSnjAzJv8spocHy88
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fab17d08-88f3-4b0d-9586-f5759b535701-003%22%7D
.us.ck-ie.com/ Name: CID
Value: 6e0b9ff26730680611f76137ec6580c7e763a81e
.richaudience.com/ Name: avcid-bsx-uid
Value: AAFmsU7J-w8AACYTu7-ULg
.servenobid.com/ Name: pid_321
Value: RX-fab17d08-88f3-4b0d-9586-f5759b535701-003
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 74b8e63af99c78ae05a10253917b3bd9
.betweendigital.com/ Name: ut
Value: ZP2HQQAIAsiUCDtyQftOzjwSStaqV_oz0eIbtg==
.zemanta.com/ Name: zuid
Value: o6XWJzRep4IfjfXzIeZX
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7031372384577410706&KRTB&23150-7031372384577410706
.rqtrk.eu/ Name: browser_id
Value: 1:71fd05eb-fcbd-486a-900b-a93c10cbda91
.bumlam.com/ Name: suuid3
Value: IiQ2ZTdkOWVmZS00ZmI5LTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
.ipredictive.com/ Name: cu
Value: 7c68c353-add7-4411-9764-3afe2dcb19ff|1694336833667
.smilewanted.com/ Name: sw_user_params_infos
Value: 3ViJBaMQpt6f1BNX1Yk%2Ba8JzaqwlVokF42JBPDVZEATPuwVMjRIynqHaon7ESJEaU%2BojdZPCVU1F0afKnGjIfv5dHZTmcfg0DXSlWc5mEeWExJOboPkwqDFl4R2mzivY5Qy0hENcwLPQ4VlKoihJqG5ThSYSxL3HWq5RioVMaMxINKpyCztZzPbEakNXf3ljVo2SKHDNAj1JZySJAoFFxT8txGQdnZQmhD0kVFJ8WiPDZMmxdXgfMUbBKGsXFUjEqmPUYdmitcgKpRnpKIgAfRViMWU8K1keqR%2B9PSjrg6h38im5g2Tupeza150DaNWLyjJTU7C%2B0mEuYhG6IHCwZ49KTj2CiNkpEjTaKHt2EMM%3D
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f8620ad5-a3c1-4aa9-ac79-0e417151bd1f
.bluekai.com/ Name: bku
Value: ikG99WscdVuFsQx7
.bluekai.com/ Name: bkpa
Value: KJhz062FLM9z9mOwDtd3byIofTDLmiMx+WPLGzCkyP/l8M2YzRkIIZVUcUjIXLh5B2G8K/FPd8KreVbT6Fu8Ld60wUTK3t53btG0tnRqQG2hfOl0NQQ/97JRr14PpJft6kpcjZjrayEAfrpQckKeQOpm5l+3mQEWBm4pGEs77IKHa7ZCtWYunAmPoJUWwkmXgJ1RLTppvL8XJgQwsoQvCSddIWocVySXNJnUq12aWq2bvrWaNgIw3GEF2AZ6oUkDay3XVg1BvyGLJudlRuojnvQimjSDkTnAPJVjtaqgoSJj7KLRDpIm+9uVE+fq4QMIEKfrgHIbgXRXQLP6mF6K9BNHUGR=
.socdm.com/ Name: SOC
Value: ZP2HQcCo8XwAALBFmTIAAAAA
.servenobid.com/ Name: pid_346
Value: ua-8044c00d-f143-3530-b556-f1ed0ccb8af4
.pubmatic.com/ Name: SPugT
Value: 1694336834
.audrte.com/ Name: arcki2
Value: 797n8WTbW-6Sr-mc-OVkp0z8w!20220908!1694336834984!ip#45.12.222.171
.audrte.com/ Name: arcki2_pubmatic
Value: 93983F21-3FA4-497F-BF52-5E7B9ABCA894!20220908!1694336834987
.audrte.com/ Name: arcki2_ddp2
Value: 797n8WTbW-6Sr-mc-OVkp0z8w!20220908!1694336835674
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 162412:4
.pubmatic.com/ Name: DPSync3
Value: 1695513600%3A197_235_201_245_241_227_226_219
.pubmatic.com/ Name: SyncRTB3
Value: 1695600000%3A35%7C1695168000%3A63%7C1695513600%3A233_22_81_251_220_8_55_234_166_71_21_56_54_13_3_165%7C1694908800%3A15_2_223%7C1696896000%3A203
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7194115729736594569&KRTB&23339-7194115729736594569
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7277121281869478046&KRTB&23369-7277121281869478046
.dotomi.com/ Name: DotomiTest
Value: 62ff19ca327923f7
.zeotap.com/ Name: zc
Value: b3f13211-db15-492f-75cd-d719573dfd43
.sitescout.com/ Name: ssi
Value: a9f8e620-f046-467e-8f81-385891e5d501#1694336836412
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NDMzNjgzNjQ0NX0
.servenobid.com/ Name: pid_310
Value: HTAjrGZHC1kSg52IQqyLrwKK
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-oTH_VbrlVgVmDbqD-xfSKS0M3qs&KRTB&23334-oTH_VbrlVgVmDbqD-xfSKS0M3qs&KRTB&23417-oTH_VbrlVgVmDbqD-xfSKS0M3qs&KRTB&23426-oTH_VbrlVgVmDbqD-xfSKS0M3qs
.adsby.bidtheatre.com/ Name: __kuid
Value: 9543a50c-832b-4260-88f4-3fac8ed52ed4.463550836
.smartadserver.com/ Name: csync
Value: 49:7277121281869478046|79:k-GYFZOa55AUNErAyKSwMkYGYHQekXm2qJ6fobAA|127:AAFmsU7J-w8AACYTu7-ULg
.semasio.net/ Name: SEUNCY
Value: F0F21313E5009E
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348&KRTB&23418-a9f8e620-f046-467e-8f81-385891e5d501-64fd8744-4348
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAM0gXEcuaJBANzPUdWAAAAAAA&KRTB&22713-AAAM0gXEcuaJBANzPUdWAAAAAAA&KRTB&22715-AAAM0gXEcuaJBANzPUdWAAAAAAA&KRTB&23519-AAAM0gXEcuaJBANzPUdWAAAAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ms4|7dN.0.AAFmsU7J-w8AACYTu7-ULg|7bq.0.1
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFmsU7J-w8AACYTu7-ULg
.onaudience.com/ Name: cookie
Value: 3d943e78f2b910c2
.onaudience.com/ Name: done_redirects147
Value: 1
.audrte.com/ Name: arcki2_adform
Value: 6691273950527159550!20220908!1694336836211
.pubmatic.com/ Name: PugT
Value: 1694336835
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: %1B0%13%BB%D1%E0%8A%C3%BF%CE%09%EBr%BA%C5%FF%B3%80%DAy%9EG%25%17G%22%00%A3%BC%C2u2W%7BR%12%92r%D3%254%02%A6%E2%FA%D7%B4%00%7B%AF%10e%AC%CD%ED%BD%8C%BF%D2e.%CA%F7%1DY6%FF%9E%B8%D67%E8%25%95%025%BF%07%94%7F%FA%C6%FB
.bg3.co/ Name: cto_bundle
Value: YDlWJV82YkljUE5XSzNPUUZUdUladXB4TXFRZnFCbVFuQ2NpN211WjBOWlRDSExjcnBYbFB4MDhERHFtbGI1VldIR05PeHZoVzg3VkR5bzMlMkJJeWhVU1hvOGkwMHJNUFVxcHprN1ZZVUp6UkZrTGQwY0x5VVBSdDF5VGhCNnhMU0pwMEdmT05IbSUyRjlDbW9JZlliZkxGdDU0byUyQmclM0QlM0Q

30 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/f38c96664cd1569ef85b608d422a8747.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/36dcd2513448401f7fe865347b48d70b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/66f4a96d29e1a7f1531d165447783496.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ab01d85492333fea5f77789e8848b94d.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/db72f8b77dc9b7f0a90d3b144312d1ce.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/24296dbd30ee6af16375414e2ec7c9b0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1e0f23653f25e38b315344b5ffe4e891.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5ea47cb7bfc4eb9f33b2ca16b085b32d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8c7fa2ff3244458dc4860eb6223c51bb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/19a75d91960294b81fd7c07359db1a36.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2b16fd9571f8c17077d425b24825eea3.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/562aeeb959fdcbc49e73ca19f2aca75f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/15695bbfe3f9937b93f683200026c13f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/07d81349bdc5dc0124952b6ce4050d54.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/26a2ff5e43cbe959519c81ab0b410f58.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/f0d7c7b30b9b93e991a51f775405cabb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/661e12fdc1b91b9526582e0b023f5962.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202201/aec644a07195f4b2bf375a665cd34fc2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/b28f4b79a02cee0e662ff6dc4233b286.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ba09f9d63fcc97bbdd1839e647fea8ea.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js(Line 10)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EvcXVhbi1saWFuLXRpYW4tZGlhbi16aGVuZy1oYW5nLXpodWFuLWppYS1qaXUtbmdxaWFuLTNtaW5nLWd1YW4tanVuLTF0aWFuLWNoaS0xcGlhbi1qaXUtbWlhbi1saWFuZy1sYS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
deprecation warning URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

47ab540382b6c5487d3ea0bfc970e42f.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.teads.tv
a.tribalfusion.com
a.twiago.com
a4p.adpartner.pro
aabd529e31ce7dd774f0db284c9455d1.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad.yieldlab.net
adpushup-d.openx.net
ads.aralego.com
ads.avct.cloud
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.doubleverify.com
cdn.flashtalking.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.vidverto.io
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d-9584005791704894627.ampproject.net
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
exchange.mediavine.com
f3c1161066193ca15a31aee1fc2b7869.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id5-sync.com
il-trc-events.taboola.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.openx.net
rtb0.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.thebrighttag.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.flashtalking.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-dmp.aura-dsp.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
widget.fr3.eu.criteo.com
ws.rqtrk.eu
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
cm-supply-web.gammaplatform.com
static.bg3.co
sync-dmp.aura-dsp.com
sync.tidaltv.com
103.231.174.251
104.18.38.76
104.18.39.155
104.20.218.77
104.22.69.131
104.64.126.246
104.75.89.75
104.76.200.221
124.146.215.42
13.32.99.115
130.211.44.5
141.226.228.48
141.94.170.64
141.95.172.216
141.95.32.71
141.95.98.64
142.250.185.66
142.250.186.166
147.75.86.239
151.101.129.44
151.101.66.49
152.199.21.70
154.59.122.79
162.210.196.208
162.55.236.225
175.110.113.211
178.250.1.11
178.250.1.6
178.250.1.9
178.250.7.11
178.250.7.9
178.32.210.231
18.196.65.44
18.196.86.219
18.208.74.11
18.210.34.36
185.106.33.48
185.180.220.208
185.184.8.90
185.255.84.151
185.255.84.153
185.64.190.79
185.64.191.210
185.84.60.20
185.86.139.104
188.166.17.21
190.2.150.148
193.0.160.131
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
203.195.121.142
208.93.169.131
213.155.156.169
216.52.2.16
216.52.2.48
23.206.81.43
23.32.184.180
23.32.184.192
23.35.237.75
23.50.131.87
23.97.225.52
2600:1f18:24e6:b901:b58:f655:b2f0:bc51
2600:1f18:612b:4216:65bd:bf52:226a:b097
2600:9000:223c:9800:6:44e3:f8c0:93a1
2600:9000:223f:e00:1f:4c18:bd40:93a1
2600:9000:2304:600:a:e047:753:6381
2602:803:c003:200::44
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:20::681a:467
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700:e0::ac40:6402
2607:f8b0:4004:c1b::5e
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9b
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::4
2a02:2638:d::c
2a02:26f0:3500:d::1732:83c8
2a02:26f0:480:f::213:7ec8
2a02:fa8:8806:12::1370
2a05:d018:d29:3602:e201:bdb5:e43c:2ec
3.126.31.96
3.141.87.90
3.33.220.150
3.65.188.50
3.73.61.181
3.75.62.37
3.76.148.198
31.172.81.172
31.220.27.155
34.102.146.192
34.102.163.6
34.102.253.54
34.107.148.139
34.111.129.221
34.117.157.22
34.120.107.143
34.160.19.107
34.249.118.122
34.249.177.138
34.250.67.227
34.253.17.140
34.255.244.27
35.186.193.173
35.186.253.211
35.204.74.118
35.210.239.72
35.214.220.38
35.244.159.8
37.157.3.20
37.157.6.233
37.252.171.85
46.228.174.117
50.31.142.95
51.222.80.231
51.89.9.254
52.204.145.156
52.210.15.1
52.210.221.60
52.214.105.145
52.214.255.27
52.30.209.60
52.45.175.185
52.46.151.131
52.48.146.251
52.50.109.207
52.57.130.135
52.58.177.150
52.94.223.167
54.167.186.89
54.174.89.161
54.38.197.123
64.202.112.159
64.95.96.108
69.166.1.66
69.173.144.137
69.173.144.138
69.173.144.165
76.223.111.18
77.243.51.122
77.245.57.72
8.18.47.7
8.2.108.194
8.2.110.24
8.43.72.98
80.77.87.162
82.145.213.8
85.114.159.93
85.215.5.31
95.101.148.20
95.101.148.38
95.101.149.233
95.101.149.35
98.98.134.242
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0245999859ad810cd98312477f164cce7fdd3da35aec9b25abc7c38c1304d491
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
045e41472d44f47e489bc0bd1cb437c3713700afc4b5bff211cd7bca29f52527
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a99ca80cd5f578e453b1b3249f7e39eb02cebfdb2faf1d8d4639e81600b8a58
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf1e4568f9f26d535f7faa34442d781664d5e6c351019396a6d04d13a7dc4ef
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0da3d00abc568b8cc9cb9fcf0d8dabdc01c36d6a15c277b1773ee48bead8053e
0dc81139659a35c3ab52e782ce197ef74b47cb612dec4f0889348bbd4b3a90b3
0e2f050862f60fbc1840aa0daf487784c45e901498b06adc67d41bc1940705fa
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13ec52544bd81ab84352c7d1c781b85bdb9e8b917c9c0d52953b396859862242
14ebeee0fa7d7bfa7a5c4ffb214d039a328630137b014fab0141d68af0ca5782
159b8e04385dc86ad47c0d413ca69e46eb6225c3a79aae9c97c74ba266a13279
15b1935d67282d2378868104fafd1a4807b44d87217d622f144191947bfcdf64
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ab1a641b68d4230f1589100a2ca16ee3e1187a65f1361827f1cc45e23d5f63
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
1b4acc25c424b09c47ac70f9c121ebb73deb5e3dbdcdcf96c00399d79fdd1b34
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d1c08d93103cdd0a6f614671663012e80dd00d1b17192480f6b6f3e43b910c0
1d7082e9253fc7753f8e457947872bbbae81919127a54d020a1427fd20cf5127
1f55b0e0d8ca10c30eeb52d0aeec948be78da21c55c31aaec9396974ccd307fb
200c95532c53da0912b3934fa9e60970a0c49c8a8a37dae3f1498d38abce6c12
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21b66fd120120971ef13a36728c6b048cdfb18bc6355a4c79f9d49d1fe5e94f8
252252acd6131aa529469c26df8e7a3cc793d5af695cb8047b4ebf9b5836f08c
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
273bb5957f3a796064109918af08c37ea3d8150c9a9c4108fed05385d5cbdd53
29883e144485d6042b45dbbede91ae6af9972a259cc6b546d52b27fdcbadb25c
29cb250b76a05410a93e22e7b9edfa544646a41efd02986caa7dd8d55f911d89
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2c81a2400224a3748ac84fe01b516d91eb586e73a680f06cb4f398d2bcab9176
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd5f9125bea948cf3f754daeb98cb6b8355af2323ba08b09391599ebf83492f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d8387d1795ea5aeb34223a115aa375ee04374fb5a09bc647f3552374e6fda7
34de0a37c9b3564ed505a5d02457e015fc47354e9d1007aeef63884670110f07
36d79c43757e8975e1e1d8bc960fbeb5b9c6c68feed04b9641ee56f82865d412
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39639c92cd5626e413bffc75382a2e446539431e0c5dfd6fefae1a4dac467eba
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b12cb7b9d35cd9b173edb4230119c2422b5747eee4171cbf34ab8f27903d5a3
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25
3c0d9e37e84dce8c7cbdcf693b07b616bf8f1b6cfcba0eb651a159d8be031f8c
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40c4db9b00d1892fdeb1cc4a68fd7d97e280f2b82cee1bc9dda0c6ac0a2a13ea
40fb520ec5ee035cfe1ba6acb861e4a2cad28e66f5c3791a3895907feabf63c8
4196669fa5212e686a98bc93851be679a6587db2c854ea33fdf7f0c6b2469991
41f70bff8185b0bea52ff4ea35be81e4cd158335cdabd13dfa90afa0ca6967d2
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
4397f902ee61f7cbcacf6edeae4127dfafa438b3bd6207eb0489fe0367c11b72
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449070b43825070074f447e1cc8a3bb5d9579a6ec9af743beaf69a2c646ccf8a
4685facc3a223664b1e73cf59cacb3cf406c3db5707cf0e0e83c6b1f3c7a107e
46889a926383b633648847c58220b65ea7517f8fe7eae6a4bf2c2f58ec10a80f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46aa1e15fccfbf3afa562e18a264bcf1214f73f3b815d26b2ec1ceb2f8693b14
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a0f006fc0c9f18f4c731c9a889b4946474fd108a297940fcb02ea31d76d78d4
4a81bd686b444625c86e46d421e09d91e9f5245961adbe780c9195a19d6ccab2
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c36f265593f4cc5f10aeea8cf0de4893ff09349a63eb33edb56041390b93d73
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f4b12d22fb23ef64d59e59f8b359679c4d322a41f1cef15d37af70a46ff4034
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50673231857e2140ef878429a20b7c0223cdd88e1acb38a99c9ba8e338ba5aad
522d69a00b930b1a4af447000520e593b9d1f7092f4bf1d2f6e4dfe0bf08eae5
529af6a6b09af7db3e196e86770116f04ddf388374eceb623b7d52051a4155c8
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
540dfacb5653359db263f2d751b3494596b42b5acae30bc379eec33e87ed40bc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b6efcf5f0b9ed822ede5d4cd518e62d9d39bd94a9e584039f67cf5c524643
56c10097fbdf6119a15a1a61cd031c1741b16e5cb89d128af0b1f86033645396
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
5b118e1496dca781d14a6f7e0dee34cc5cdb3d5b78f26d77b54089da8dbe7a1c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d3c90ee51bb9d9d2c9642c0fac6c5243d3375db196b203236cc4fe071ddce75
6071232b4947972c05e7ea4b40f919ae1a92be937cdb1b3f644208df48ffec5b
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74
65db371eef1d8e5fe5b84b0e9e66a1f6cb3c321570e788d23c04bb93821436a1
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab
6a699f333a3921d9df86f14601828ea393fd9d137cf0f00ba86c82d33d8f34c3
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dcb86d699332e962737d5d1532f4414756b53717482c6321988edf424ff6087
6e7fec0805e56f82293f8f62c4f07b173436012f2afb14775027dab5bb769aec
71066e3ac520789c5a60f4552ef3215e98535d7b23c83cbe650d32868119e353
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
746faef1bf1e65d535c118c1717e19c86518591d5045838024cc2f4bb6c5b2dc
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
788bc382d2a3eed58c27fb82620a4e5acac8fc9c23491037d878bad3cff9eb53
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79889b78ee94325200ca2fe6dcf14624a0abfbe7de5280c894c1f3cb1788b909
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7c3a14d6f0939d20b9e0322a0615e56edf4bbbb016af69478f302ee7f1ecee2c
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fa543258b5cab4d772db526de40595049c0c46c1757253e9a7eb93f42230cf7
82462483aa1bb3ecc00eaebcf9590f3f37a1c42ee5ebfa49e0728f3545cc1449
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
8311e322a50b6ffa4406120f85f0b204141c1fc84fd78da026b46d6fd029b45d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
838ba4614c7952c767352fceb8eb5d2e39c80848c4d08c8bdeeb343b6c9cf9ac
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
85359d47fe4914f2c1b3288aa63ddd1f0236457e7e849065881a4237ce76c014
859d69b85f5ba6498d697961105bbb1b94bac8665274b47aff716da5f6d14590
85a515e074b3031bd2246672472e9ba9a210444b7e9369c62d7a1ca57ade1f91
888f76105fb77df4b08a77b9fbf0746568ac052c7bc8597e5e0880565b86e895
893f5e388ab31c4c4041021c8354d9396e506e1f754769c74f5b62b910f11e94
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ae5ed4e4437479e9f2aa218f553f70edfd8e5cfae768fe82c1688fb863834d3
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd10c4eabe829c55b6dc7b0b3c581ef3809a309008d16aa34ba0ba092f2b1d1
8e57486336f055902979d429591bd46371c9dd5e517b7fb54433aba7fe362efc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
919664d4c088d6963c5c872ced7e8859a3cabc2cec3ef42f4afa99de7a3321da
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93ed571b8ae692ae8d125a088c08a737ffd758dc6d771c7af07143d9384dec36
93f65d48d93afeb21ee1c96ec5c5ff29a62015900f293516d1778f06ef5c3ef5
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94b7211cd0fc8fe2a4fcd15bce510e5bc968581b896a8c168cb8203639edd6f6
958f9cf3336751513bd051b5b73c72a6daec08cedfe2719d05026f36074435ca
9848fd9c8e8d1002001cd245c2218c1c51d6e0aa9f543a0163e19bf6899af172
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a167b5cc9acf48977ded979c4ea14c3c69f015fb4c22476c3dca8343a993853
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9cab3225bc5ad29cf87d85f4907379efb2fad2cc3fd78b64890accfc2d956606
9cdc95a5a7530f63cb0596d39d3d085c03bbba9e887dece7aead9d82d96855f5
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f9d74917fc454ac0bfbe71feb7d77b7572b21125dc5fdea561c771c1e2276a
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5a0a604cfc1b047c5cd3177469fbaa50a532b2af31308ab98c2e5217433bdad
a673cc4b8d035afebd4faf1a62394d9919e23b2ffd552aaca01928dbe519fcef
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7f6bf3d4e79e967e0b1b70de5e46a16da84b04fc505eedca6da03127901953c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab256a1fe117fb9da19588d614a4cff6828fe520714adc174d600f45202634d0
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be
ab583f888172755c472f6fca0b90e20bf7ad042a2fc37e2931309a5566f9006d
ac03e080b9a9887d448e3cfa63772cf3f124d22d307b07ba2eda46198c69d911
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17ec7183847fbdeca53470457b665ccf9994bc3ba80060f9075eecfecc4f1a7
b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba
b375e319a0558772f62ce7bce6f93330bb5302a7f44a678df8d01c8b0e4f9a1f
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
ba37c2757fd3663d832c6076d5e517c7616f576c2d21cc38c971d7db2cb26fe0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2226a64b4b0d5564f70e72fd278374dac255a891f12b42f3c11fe9db2f205a9
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea
c4c3a8faa349fdce75018086cf89ad9b5977de24a701c1730c16e9ed3d408599
c5cf45b26dde31bd5f458a26d4803b5d95e254059466a82ae8ce077cae298be6
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c74c1b623078af6f50db3f4b8bff0afd711fb3e2ab2321f21c2a29538869ad56
c86ab658c68e309d082b94e89f57c01030ac9798b7384910a9782d3858f9f9b3
ca47c85440c7d12d970ea0468b8464022b9c6e541a6d5c8d41635bdc7301795e
ca997f64a7f9564b97ecfd84682961ad9329a691f98c36de96286f7d208fc42f
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
cd451ce081cb2151cd4e5a5ce9fa660d3d427eca6b6bfab4ce753dab7c47bd98
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf472c9e60c18b1c6c85c1c4f18a10d781ceb5b7a8cf9e088aa9d437ac0558b5
cfa93736e21e6f8e446cba5e941401ec87939342c33ccc9d8ebd92d97537b35e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f52400697d111fb9f2271c72cf59eaabfe2712d075e6eaf6ef88226fe55a71
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
d6c56cff36e9b220cc02928038af86ac251683a17c542dd413a0470aec426925
d817c9d5e373b77777d55c671007c32d9f22f1c4998e4f680542fc860583ba06
d84e9440bfdfd5f3bd2880adfcfe7b7761603e50f150fa51df83fd410abbc65f
da381eeabfff6173b5788d61f8dd5fe49a4ef0f6c70301348cf03571d20bd194
dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c
dbed53cb11df083113e8a251de754e017eaaca303ba6dab2451235d16afb6cf7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de956ad6152a1716629f73c381859f25219c49dac0845823d62ea7756bd845a8
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f298aa9d222ca8c24ed9c250d1b373904b3d39d68416e89c7edd702e436963
e42c097534c587551c67efe86ac5ab10586bd12d76749111848412a9fce92798
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083
e953f7d5f73363f5d985130f70df726754d7ce828431b251e12f18a176d3bb0b
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ebdc314a4d78be7683fc9f73e6ea3ae65c931bb3c1e3db0e4fc9d9efc16f660c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dab040fd6fa463bebc0f42e4c70a353720ccd683d2e74ebed51f8249061ad6
f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585
f24e7689e361a285f554af82ca4ae701d8d75c49265513fb5fbbc87b217433ad
f2528b8260f6703bff64d60b104edd00a929fe82e275c4237e2e4808b8a3cea9
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f538b18149ea8f232f7fcee860f92d75fd8e928dabae5a8095bb542eb29eb255
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6600d2c86d9e08dac16091c9d0975439adcfa26515f513c6b98153465dc8cef
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
fee6798a9695f7027c1b72061c51d6a16ccf853b8521fd58021ad73999ffd8d1
feef3715ac4827f09fc92d88d562728707fb1f4c82bd8352880a2ed235778bb3
ff04b7aa5a8e20898e804fed1cbf640bf5e4352d8ce3298e32aa86bf74914e14
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0