urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Submission: On October 02 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 12 countries across 112 domains to perform 587 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
8 142.250.185.97 15169 (GOOGLE)
1 13 142.250.74.194 15169 (GOOGLE)
4 142.250.186.168 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
40 151.101.193.44 54113 (FASTLY)
2 5 162.210.196.208 30633 (LEASEWEB-...)
3 104.26.5.103 13335 (CLOUDFLAR...)
12 138.199.36.9 60068 (CDN77 ^_^)
2 151.101.2.137 54113 (FASTLY)
5 178.250.1.11 44788 (ASN-CRITE...)
4 216.239.34.36 15169 (GOOGLE)
4 151.101.129.44 54113 (FASTLY)
18 185.106.33.48 200478 (TABOOLA-AS)
8 23.97.225.52 8075 (MICROSOFT...)
1 139.144.5.218 63949 (AKAMAI-LI...)
4 142.250.186.74 15169 (GOOGLE)
2 4 91.228.74.251 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 185.255.84.151 200271 (IGUANE-)
8 12 185.89.210.212 29990 (ASN-APPNEX)
2 23.52.123.144 16625 (AKAMAI-AS)
2 6 35.227.252.103 15169 (GOOGLE)
4 19 104.18.26.193 13335 (CLOUDFLAR...)
2 69.173.144.137 26667 (RUBICONPR...)
2 213.19.162.21 26667 (RUBICONPR...)
2 18.192.168.246 16509 (AMAZON-02)
2 34.120.63.153 396982 (GOOGLE-CL...)
1 4 145.40.97.66 54825 (PACKET)
6 104.22.69.131 13335 (CLOUDFLAR...)
2 18.197.47.48 16509 (AMAZON-02)
15 63.34.177.0 16509 (AMAZON-02)
5 23 51.89.9.253 16276 (OVH)
2 178.250.1.8 44788 (ASN-CRITE...)
5 141.226.228.48 200478 (TABOOLA-AS)
14 52.223.40.198 16509 (AMAZON-02)
2 9 54.247.154.185 16509 (AMAZON-02)
3 7 3.123.242.198 16509 (AMAZON-02)
1 18.66.97.46 16509 (AMAZON-02)
1 18.66.97.31 16509 (AMAZON-02)
30 142.250.186.130 15169 (GOOGLE)
3 3 23.212.211.47 16625 (AKAMAI-AS)
8 95.101.149.233 16625 (AKAMAI-AS)
2 51.77.64.70 16276 (OVH)
6 9 3.71.149.231 16509 (AMAZON-02)
2 216.58.206.42 15169 (GOOGLE)
4 142.250.185.130 15169 (GOOGLE)
20 172.217.18.1 15169 (GOOGLE)
6 172.217.18.100 15169 (GOOGLE)
3 172.217.16.194 15169 (GOOGLE)
2 142.250.186.99 15169 (GOOGLE)
1 142.250.186.174 15169 (GOOGLE)
5 8 69.173.144.138 26667 (RUBICONPR...)
5 142.250.185.131 15169 (GOOGLE)
1 1 18.213.189.173 14618 (AMAZON-AES)
15 42 216.58.206.34 15169 (GOOGLE)
3 3 46.228.174.117 56396 (AMOBEE)
3 4 76.223.111.18 16509 (AMAZON-02)
1 1 202.241.208.52 4694 (IDCF IDC ...)
4 3.77.247.132 16509 (AMAZON-02)
3 3 188.42.105.236 7979 (SERVERS-COM)
2 142.250.186.102 15169 (GOOGLE)
1 151.101.2.217 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
5 12 69.173.144.165 26667 (RUBICONPR...)
1 142.250.185.194 15169 (GOOGLE)
2 6 209.54.182.161 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 5 52.95.126.138 16509 (AMAZON-02)
2 3 52.213.189.61 16509 (AMAZON-02)
1 13.32.99.61 16509 (AMAZON-02)
1 23.48.23.53 20940 (AKAMAI-ASN1)
1 1 52.204.19.136 14618 (AMAZON-AES)
2 144.76.91.199 24940 (HETZNER-AS)
2 178.250.1.3 44788 (ASN-CRITE...)
1 4 138.201.63.149 24940 (HETZNER-AS)
1 138.199.36.11 60068 (CDN77 ^_^)
12 138.199.37.229 60068 (CDN77 ^_^)
2 4 35.204.158.49 396982 (GOOGLE-CL...)
4 4 37.157.3.30 198622 (ADFORM)
1 1 54.166.53.84 14618 (AMAZON-AES)
2 2 69.166.1.66 27630 (AS-XFERNET)
2 4 216.52.2.16 32475 (SINGLEHOP...)
1 159.203.145.121 14061 (DIGITALOC...)
1 23.212.218.19 16625 (AKAMAI-AS)
1 23.52.120.27 16625 (AKAMAI-AS)
1 18.66.147.112 16509 (AMAZON-02)
1 23.213.164.226 16625 (AKAMAI-AS)
1 5 34.98.64.218 396982 (GOOGLE-CL...)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 13.32.27.108 16509 (AMAZON-02)
1 1 18.209.26.180 14618 (AMAZON-AES)
1 1 2.16.238.17 20940 (AKAMAI-ASN1)
1 3 185.29.134.248 30419 (MEDIAMATH...)
1 2 69.173.144.139 26667 (RUBICONPR...)
3 3 2.16.241.17 20940 (AKAMAI-ASN1)
1 3 81.17.55.170 60781 (LEASEWEB-...)
3 35.244.174.68 15169 (GOOGLE)
1 3 185.64.190.79 62713 (AS-PUBMATIC)
2 34.242.185.58 16509 (AMAZON-02)
1 2 81.17.55.123 60781 (LEASEWEB-...)
4 23.213.164.238 16625 (AKAMAI-AS)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 34.228.176.115 14618 (AMAZON-AES)
1 1 216.52.2.39 32475 (SINGLEHOP...)
1 1 8.2.110.24 46636 (NATCOWEB)
1 1 193.0.160.130 54312 (ROCKETFUEL)
2 52.210.15.1 16509 (AMAZON-02)
1 52.208.171.144 16509 (AMAZON-02)
2 142.250.181.226 15169 (GOOGLE)
1 216.239.32.3 15169 (GOOGLE)
2 198.47.127.19 3257 (GTT-BACKB...)
1 2 54.76.246.245 16509 (AMAZON-02)
1 178.250.7.11 44788 (ASN-CRITE...)
1 2 151.101.66.49 54113 (FASTLY)
587 102
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
8    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
cdn.ampproject.org
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
2949c0199b434f97f74158b7d78f440a.safeframe.googlesyndication.com
13    142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googleadservices.com
4    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
40    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
5    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
12    138.199.36.9 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-9.bunnyinfra.net
cdn.unibotscdn.com
2    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
5    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
18    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    139.144.5.218 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-144-5-218.ip.linodeusercontent.com
socket.unibots.in
4    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
4    91.228.74.251 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
12    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com
a.teads.tv
6    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
19    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    213.19.162.21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    18.192.168.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-168-246.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
4    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
2    18.197.47.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
15    63.34.177.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
ads.servenobid.com
23    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-vid-events.taboola.com
am-match.taboola.com
am-wf.taboola.com
14    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
9    54.247.154.185 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
7    3.123.242.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-242-198.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    18.66.97.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-46.fra56.r.cloudfront.net
cdn.socket.io
1    18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net
rules.quantcount.com
30    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
9    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f10.1e100.net
imasdk.googleapis.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
20    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net
tpc.googlesyndication.com
6    172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f100.1e100.net
www.google.com
3    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
www.googletagservices.com
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
1    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
mts0.google.com
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
1    18.213.189.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com
fksnk.com
42    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
cm.g.doubleclick.net
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    3.77.247.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    188.42.105.236 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
s0.2mdn.net
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
12    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
partner.googleadservices.com
6    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    52.213.189.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-189-61.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    13.32.99.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-61.fra60.r.cloudfront.net
live.primis.tech
1    23.48.23.53 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-53.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    52.204.19.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-19-136.compute-1.amazonaws.com
sync.ipredictive.com
2    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
1    138.199.36.11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-11.bunnyinfra.net
unibots.b-cdn.net
12    138.199.37.229 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-229.bunnyinfra.net
stream.unibotscdn.com
4    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    54.166.53.84 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-53-84.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com
www.awin1.com
1    23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com
contextual.media.net
1    18.66.147.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-112.fra60.r.cloudfront.net
public.servenobid.com
1    23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    13.32.27.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net
s.ad.smaato.net
1    18.209.26.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-26-180.compute-1.amazonaws.com
google.partners.tremorhub.com
1    2.16.238.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-17.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
3    2.16.241.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-17.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    81.17.55.170 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync-global.smartadserver.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    34.242.185.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    81.17.55.123 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
4    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    34.228.176.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-176-115.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    52.208.171.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-171-144.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pubads.g.doubleclick.net
1    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    54.76.246.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-246-245.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
Apex Domain
Subdomains		 Transfer
68 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
trc.taboola.com — Cisco Umbrella Rank: 907
vidstat.taboola.com — Cisco Umbrella Rank: 3587
il-trc-events.taboola.com — Cisco Umbrella Rank: 16209
images.taboola.com — Cisco Umbrella Rank: 1957
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
am-match.taboola.com — Cisco Umbrella Rank: 13197
wf.taboola.com — Cisco Umbrella Rank: 3685
vidstatb.taboola.com — Cisco Umbrella Rank: 9042
pips.taboola.com — Cisco Umbrella Rank: 1909
cds.taboola.com — Cisco Umbrella Rank: 2514
am-wf.taboola.com — Cisco Umbrella Rank: 13824
1 MB
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
pubads.g.doubleclick.net — Cisco Umbrella Rank: 359 Failed
451 KB
54 googlesyndication.com
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
2949c0199b434f97f74158b7d78f440a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
486 KB
37 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
pixel-us-east.rubiconproject.com Failed
61 KB
24 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 27342
stream.unibotscdn.com — Cisco Umbrella Rank: 37345
4 MB
23 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
12 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum.casalemedia.com — Cisco Umbrella Rank: 2664
22 KB
18 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
7 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3520
public.servenobid.com — Cisco Umbrella Rank: 7575
10 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
secure.adnxs.com — Cisco Umbrella Rank: 806
25 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18087
e3.adpushup.com — Cisco Umbrella Rank: 19655
283 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
8 KB
11 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
adpushup-d.openx.net — Cisco Umbrella Rank: 32309
us-u.openx.net — Cisco Umbrella Rank: 863
eu-u.openx.net — Cisco Umbrella Rank: 3562
2 KB
9 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 1061
ads.pubmatic.com — Cisco Umbrella Rank: 837
image2.pubmatic.com Failed
image6.pubmatic.com — Cisco Umbrella Rank: 1171 Failed
simage2.pubmatic.com Failed
image4.pubmatic.com Failed
simage4.pubmatic.com Failed
51 KB
9 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
10 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
125 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910 Failed
8 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 11
mts0.google.com — Cisco Umbrella Rank: 6671
55 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 35069
hal90009.redintelligence.net — Cisco Umbrella Rank: 271511
23 KB
6 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
15 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
3 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
359 KB
5 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2389
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
sync.smartadserver.com Failed
rtb-csync.smartadserver.com Failed
2 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
ce.lijit.com — Cisco Umbrella Rank: 1486
2 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 35724
sync.aralego.com — Cisco Umbrella Rank: 4312
2 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2247
usersync.gumgum.com — Cisco Umbrella Rank: 2735 Failed
rtb.gumgum.com — Cisco Umbrella Rank: 2264
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
cm.adform.net Failed
3 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
2 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
103 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
476 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
cms.quantserve.com — Cisco Umbrella Rank: 1260
10 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
395 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
360 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
90 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3579
cs.yellowblue.io — Cisco Umbrella Rank: 4325
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1301
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2250
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
www.googleadservices.com — Cisco Umbrella Rank: 178
549 B
3 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 17906
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
172 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net — Cisco Umbrella Rank: 1062
hbx.media.net Failed
10 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16071
41 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377 Failed
854 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237 Failed
766 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1092
880 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
60 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
2 KB
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6135
550 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
1 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
594 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 33779
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19210
c.statcounter.com — Cisco Umbrella Rank: 12701
15 KB
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 4973
cs.admanmedia.com Failed
366 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417 Failed
759 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2785
160 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2902
985 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 27714
631 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2803
173 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16620
702 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 7015
134 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
1 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 39054
1 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
493 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 2263
480 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
501 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
650 B
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 7313
145 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1516
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
576 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 8734
613 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
633 B
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 44737
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 75443
4 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 erne.co Failed
green.erne.co Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 ctnsnet.com Failed
ipac.ctnsnet.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 nrich.ai Failed
dsp.nrich.ai Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 audrte.com Failed
a.audrte.com Failed
0 weborama.fr Failed
cr.frontend.weborama.fr Failed
0 loopme.me Failed
csync.loopme.me Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 avct.cloud Failed
ads.avct.cloud Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 ck-ie.com Failed
us.ck-ie.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 turn.com Failed
ad.turn.com Failed
0 minutemedia-prebid.com Failed
cs-rtb.minutemedia-prebid.com Failed
587 112
Domain Requested by
42 cm.g.doubleclick.net 15 redirects www.bg3.co
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
onetag-sys.com
adpushup-d.openx.net
g2.gumgum.com
30 pagead2.googlesyndication.com ads.aralego.com
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
www.googletagservices.com
23 onetag-sys.com 5 redirects cdn.adpushup.com
onetag-sys.com
csync.smilewanted.com
public.servenobid.com
20 tpc.googlesyndication.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.bg3.co
pagead2.googlesyndication.com
18 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
16 cdn.taboola.com www.bg3.co
cdn.taboola.com
15 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
14 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
www.bg3.co
cdn.adpushup.com
onetag-sys.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
14 images.taboola.com www.bg3.co
12 stream.unibotscdn.com vjs.zencdn.net
12 pixel.rubiconproject.com 5 redirects www.bg3.co
onetag-sys.com
12 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
11 securepubads.g.doubleclick.net 1 redirects www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
10 ib.adnxs.com 6 redirects cdn.adpushup.com
acdn.adnxs.com
9 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 ups.analytics.yahoo.com 6 redirects am-match.taboola.com
onetag-sys.com
9 pr-bh.ybp.yahoo.com 2 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
8 e3.adpushup.com www.bg3.co
7 x.bidswitch.net 3 redirects imprammp.taboola.com
am-match.taboola.com
onetag-sys.com
6 s.amazon-adsystem.com 2 redirects www.bg3.co
onetag-sys.com
ssum-sec.casalemedia.com
6 www.google.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 rtb.openx.net 2 redirects cdn.adpushup.com
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 fonts.gstatic.com fonts.googleapis.com
5 htlb.casalemedia.com cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
static.criteo.net
gum.criteo.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
4 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
4 ap.lijit.com 2 redirects public.servenobid.com
csync.smilewanted.com
4 c1.adform.net 4 redirects
4 um.simpli.fi 2 redirects ads.pubmatic.com
4 hal90009.redintelligence.net 1 redirects 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
hal90009.redintelligence.net
4 match.sharethrough.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
public.servenobid.com
csync.smilewanted.com
cs-server-s2s.yellowblue.io
4 eb2.3lift.com 3 redirects cdn.adpushup.com
4 googleads.g.doubleclick.net 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 prebid.a-mo.net 1 redirects cdn.adpushup.com
4 fonts.googleapis.com cdn.taboola.com
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
hal90009.redintelligence.net
4 region1.google-analytics.com www.googletagmanager.com
4 trc.taboola.com cdn.taboola.com
www.bg3.co
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 image8.pubmatic.com 1 redirects onetag-sys.com
3 id.rlcdn.com onetag-sys.com
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 ads.stickyadstv.com 3 redirects onetag-sys.com
csync.smilewanted.com
ssum-sec.casalemedia.com
3 sync.mathtag.com 1 redirects onetag-sys.com
3 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
3 match.prod.bidr.io 2 redirects www.bg3.co
3 sync.gonet-ads.com 3 redirects
3 www.googletagservices.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
3 secure-assets.rubiconproject.com 3 redirects
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 sync.crwdcntrl.net
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 image6.pubmatic.com ads.pubmatic.com
2 sync-tm.everesttech.net ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
2 usersync.gumgum.com g2.gumgum.com
public.servenobid.com
ads.pubmatic.com
2 secure.adnxs.com 2 redirects
2 us-u.openx.net adpushup-d.openx.net
2 cms.quantserve.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 s.ad.smaato.net 2 redirects
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 sync.go.sonobi.com 2 redirects
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 www.googleadservices.com www.bg3.co
2 hal9000.redintelligence.net 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
hal90009.redintelligence.net
2 s0.2mdn.net www.bg3.co
imasdk.googleapis.com
2 sync.1rx.io 2 redirects
2 www.gstatic.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 pro.ip-api.com cdn.unibotscdn.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 am-vid-events.taboola.com www.bg3.co
2 bidder.criteo.com cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 a.teads.tv cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
1 dis.criteo.com ads.pubmatic.com
1 csi.gstatic.com imasdk.googleapis.com
1 am-wf.taboola.com vidstat.taboola.com
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 rtb.gumgum.com g2.gumgum.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 eu-u.openx.net adpushup-d.openx.net
1 sync.admanmedia.com 1 redirects
1 p.rfihub.com public.servenobid.com
1 ce.lijit.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 static.smilewanted.com csync.smilewanted.com
1 analytics.pangle-ads.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 tr.blismedia.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 www.awin1.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
1 cs.chocolateplatform.com googleads.g.doubleclick.net
1 sync.srv.stackadapt.com 1 redirects
1 unibots.b-cdn.net cdn.unibotscdn.com
1 sync.ipredictive.com 1 redirects
1 hb.yahoo.net www.bg3.co
1 live.primis.tech www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cds.taboola.com cdn.taboola.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 pips.taboola.com cdn.taboola.com
1 tg.socdm.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 fksnk.com 1 redirects
1 mts0.google.com 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 2949c0199b434f97f74158b7d78f440a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 vidstatb.taboola.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 cdn.socket.io cdn.unibotscdn.com
1 imprammp.taboola.com vidstat.taboola.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 socket.unibots.in cdn.unibotscdn.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 match.adsby.bidtheatre.com Failed
0 pubmatic-match.dotomi.com Failed
0 pixel-sync.sitescout.com Failed
0 green.erne.co Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 d5p.de17a.com Failed ads.pubmatic.com
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 t.adx.opera.com Failed ads.pubmatic.com
0 dsp.nrich.ai Failed ads.pubmatic.com
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
0 image4.pubmatic.com Failed
0 a.audrte.com Failed ads.pubmatic.com
0 cr.frontend.weborama.fr Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed public.servenobid.com
0 csync.loopme.me Failed ssbsync.smartadserver.com
ads.pubmatic.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
ads.pubmatic.com
0 creativecdn.com Failed g2.gumgum.com
0 cs.admanmedia.com Failed g2.gumgum.com
ssbsync.smartadserver.com
0 pm.w55c.net Failed ssum-sec.casalemedia.com
0 odr.mookie1.com Failed ssum-sec.casalemedia.com
0 ad.360yield.com Failed g2.gumgum.com
0 b1sync.zemanta.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 ads.avct.cloud Failed g2.gumgum.com
0 cm.adgrx.com Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 cm.adform.net Failed csync.smilewanted.com
0 us.ck-ie.com Failed csync.smilewanted.com
0 ads.betweendigital.com Failed csync.smilewanted.com
0 image2.pubmatic.com Failed onetag-sys.com
ads.pubmatic.com
0 sync.smartadserver.com Failed csync.smilewanted.com
0 hbx.media.net Failed public.servenobid.com
0 bh.contextweb.com Failed public.servenobid.com
g2.gumgum.com
0 ad.turn.com Failed public.servenobid.com
csync.smilewanted.com
ssum-sec.casalemedia.com
0 cs-rtb.minutemedia-prebid.com Failed public.servenobid.com
0 static.bg3.co Failed www.bg3.co
587 185
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
socket.unibots.in
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
cdn.socket.io
Amazon RSA 2048 M01		 2023-02-22 -
2023-12-20		 10 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
*.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-04-03 -
2024-04-02		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh

This page contains 96 frames:

Primary Page: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Frame ID: C01F2EE71F267B888B98842BC2F42467
Requests: 225 HTTP requests in this frame

Frame: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 170E4BAE4148F2F52E8C7EE8ADC9E0F5
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&cmcv=&pix=undefined&cb=1696230000409&uv=3343&tms=1696230000409&abt=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=36774f29-c216-4ce1-8ecc-c14324c5dc07&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 30AA3867AA4C54F0C530354DE28D0CFC
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: CE517A94BA3FEE1CC5CD3FE5DF3636C9
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5C9BCB16D7A23A9D9A66A8982FEB0A93
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 94C18A2A4B60E556909852B0A22D5D4A
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 36C894D7E7857794784482B0944C49FB
Requests: 16 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7BF56C998DEFF43BD169896214F59DD1
Requests: 4 HTTP requests in this frame

Frame: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0E51A8B01E5508018E74D47CB2BC454
Requests: 18 HTTP requests in this frame

Frame: https://2949c0199b434f97f74158b7d78f440a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 470ADC9FBEC7A739FDD73ABDAE32079B
Requests: 1 HTTP requests in this frame

Frame: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9E77B083C3E634436FF958264E5450AF
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNVHUch6M-qf2EwJHZwkXreh2e7lj3y6eP3tAz5gdKoSzelmDBpx6JnlU3SAs1PPwQOv2Pg0wqTItR9dv4p0kmtmIU4rtg
Frame ID: 53F3BB8C29E3B0CD96BB84D1ECAF6AC4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECE56E2E06BF2C7B9E610F44C212D8C4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: 66A1A0CD3FE8913A8F63976CE9B5FF94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Frame ID: 2DF600F14E6599245E4A2F19DE76F6DB
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D385E761FEECEB177547A2854C1C7E47
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Frame ID: 27FA36B2591BDDE38033C60340FF4315
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77107205AD44425386A83BD2469A175B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A3B64E2AB373EFB71B2DBDF1F76EA3B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4548DE4A9B0781E0C6C8544C933CE62C
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: FEDAD5DA8CF114228CBB3062A84FF071
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 040BC25747ECD829B2B7D908AB434DF1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Frame ID: A24FBD234B19FC1CC1743754F5E2681D
Requests: 1 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=80122400024887204438446012465009&a=6b82cd57
Frame ID: A38D351CEF22E1843343449DB1230670
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9121C45ADED63A3FC0E1B7A92E500F4
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9A01EEB34476F872D0D6F4F52B75392B
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 9E029BDD30069B4EBEFFEDF5A48F1628
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7F7E15763CC6C10CACEB4B4EA665AA18
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696230000473
Frame ID: 2964DD87E173676F91B6C7B6FF1B545E
Requests: 15 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 97A2ECAD02F6A32768F22662CEF0BCE9
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 015B753C0D5C104010D83055A2B61661
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 62FDE874D54B49B1207789BD14E7C65B
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: F9A139A746B95155826D940404D4FD42
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C6370DF0AC4157B1A370FDD6B0BF61C1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EE8DD4D47B0605384FA01EC8E5361D1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78AEBE8B89AC2845CB919451FF77034A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3ABF012EE8C4301784A668ABCBB7327C
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 425F8789E8023F98C94FF5487483E836
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 07A326568101E1173E5C6DF1E23CF58A
Requests: 16 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E38C86E3DDE0631D40CB7EBE3AEF1BC9
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 58193E7727A86123EC19109DEE9EA73D
Requests: 16 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 76A37787DF7490E4C9CFDAF6BFD9B54F
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 539CCDA678FC60E9BA634C2D815359D1
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: A8D1E1DBDE7B47F2399E95B12E0C2414
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: D3DA8C295F8ACD0C39AF32A497A8613B
Requests: 18 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 89B03DF1C569C46C163BB2A739594C72
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 18FCF9F9361CB08D694D787455C443E6
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: ED786218683DC7B1BC088444CD871695
Requests: 5 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: BB3304074AC92868252AB63DDED76CF6
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
Frame ID: 1DB91ED51EC58DFA6F95E5BC091B31E9
Requests: 1 HTTP requests in this frame

Frame: https://ad.turn.com/r/cs?pid=45&rndcb=1746720314
Frame ID: D1EF1D56F655C914825F2C30EA5DC93D
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Frame ID: A9D15C9599380592D7AB94D31677C22E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 61853D8309939640FF7D184E6C2BC784
Requests: 10 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 110729AE397C5D7EA924675ACBFD96DE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 1BAEDB623C971C8D15AA9B766AA5316F
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
Frame ID: A657E1BDEC1E69F0C29502B944B8B41F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: B2BD3F1B7E3FCB6CAADCDD49F6EF55FB
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: C5259128AE291E45A090FA1648A82F7B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=1224220665693558984&gdpr=0&gdpr_consent=
Frame ID: AE6A0FAD149D0C91BB4452B47093351D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 1DE28FDA80FF13F01D3ACF2CB3D13106
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81ODFmNWY4ZC1lOTA4LTQ4MGUtYTEwYy0yZDg2NTRmNzNiZTQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: AB0746DFA2B4138E10561DE77AA8A465
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 33C97A0CBE2A2EEAC77B6959EEC6A1DD
Requests: 13 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 3749D1A579B6EE97D3B5250C07D9EAA6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZRpqc8Co5r8AAFC5ubMAAAAA
Frame ID: 573E20568A0AC0AB780DFB80B2FE3750
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_581f5f8d-e908-480e-a10c-2d8654f73be4&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: DB88BF100532818C82BFE57B25220D9F
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 25992C2173D73CDA0D29F466F4E17C67
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0C59891E1BB308DB8E5041F088319668
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: AFC93230017CD4ECA7355DDFA07DE074
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D9A60089CD8B1653EF2768F511AA3385
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent=
Frame ID: 9D1E7679485722353D7A666EDC5A340B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
Frame ID: 7F5FBBE4C6F9987BE7330ED74CB4D98E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
Frame ID: 5B2DFBE89829DC385636F9781ECD473F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Frame ID: 9AC533BA9EC4BBCA64B592D96492796B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 56713EBD9B145B8FAB0209554E5A68E3
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent=
Frame ID: 8098B92CE93EC38C4C1FF9F889C99FE1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
Frame ID: C8F6FF13A374AE229544CC4225EF5D1C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
Frame ID: B67C11C4F42A20742BB6D1FB93A2686D
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: BA323BB68CF619EAF862FF915FA0E443
Requests: 1 HTTP requests in this frame

Frame: https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 692E91BF42E0E945F118AB136672459C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Twqw2BrIVCxjOdiqBQbarFTjfeQ&gdpr=0&gdpr_consent=
Frame ID: BCFCF7DFC8426D39B9717A5DBD68AFFC
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRpqeQARh6EfOQA4
Frame ID: 7765A473E5B4EEDBFE4CEC909DEFA032
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: D77CDA426AD2E8EB74AC7055B9178A25
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partneruserid=AAHiKk7KNNUAABjogNULsQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0
Frame ID: 965E92E70436840173C2403400C61C13
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 11840D8BD26AE41C6FB3071F61D37353
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: ABDB5CFE557F2202968EB3D2AFFF792B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B136AFD41F8242630238FD76BEFEB0C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528015049405
Frame ID: 916E2E83D4FC377EDB0384AE86A3D9A6
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 6DE00688A45BABA69AA21AC7185F30EB
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 8B8D98A5DDE50E19FFB39E35CA4D1024
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: BB3984F709B25B8C879DB1DCB84B5C4E
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 34A957C96F1C95D6C08EEFA3774A8CF6
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: A138BFF7F28B81F02DF7169B2AFFA884
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Frame ID: 617DC1CF6DD60F2CE81C6806C61462C8
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Frame ID: 4F0A41E68ACB950ECE5360C05A291C70
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F41D1BAEC9A8C960C47C9D8E711C20F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F0A5FEC525C067053519DCBCE54C191
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MLB/若簽下達比修有 遊騎兵考慮不補菲爾德 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

587
Requests

66 %
HTTPS

0 %
IPv6

112
Domains

185
Subdomains

102
IPs

12
Countries

8090 kB
Transfer

17167 kB
Size

115
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 167
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 228
  • https://fksnk.com/cs/google?google_gid=CAESEBDmkAmX4mPVB0-hWf6bWy8&google_cver=1&google_push=AXcoOmRmU9_FZFS6jzkmF03v1UXK2vnR-0G-b1qpIG5V18UEJ-6fBjy34ZaKa2vW-DXMHlN5PnU6ADBBuY69ndMg3icOWcvircrAvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OThCQTAzQjU2MDY1MzhFOQ==
Request Chain 229
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENWg0sPrEzJjrYMd-C1BQZE&google_cver=1&google_push=AXcoOmQKJUlYVv_JAfrYwKXQ5EQWIyp_rsmrgbdhhs0fL8c3Eraz3eJtFcRDaSWWDZxoj1l8yNSysQGdLsPyh51w5kP9Z1ZsxE6fuQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQKJUlYVv_JAfrYwKXQ5EQWIyp_rsmrgbdhhs0fL8c3Eraz3eJtFcRDaSWWDZxoj1l8yNSysQGdLsPyh51w5kP9Z1ZsxE6fuQ&google_hm=eS1vTVJsbzJSRTJwR0czcDJ5aVVFeGg1ZTd5QVdBRFZUTn5B
Request Chain 230
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDziEfAN1yz4fKwt_8NRl_4&google_cver=1&google_push=AXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1696230002327 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7d4ae2d3-1998-42b9-b449-d490f15c7427-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w%26google_hm%3DA31K4tMZmEK5tEnUkPFcdCc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w&google_hm=A31K4tMZmEK5tEnUkPFcdCc
Request Chain 231
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPFW9CE0VCwvL60yUlYoM9c&google_cver=1&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy389i1v5fqszTVv0wXhn3tqiF5OgwUnimBwlMD6v3A5dIew HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy389i1v5fqszTVv0wXhn3tqiF5OgwUnimBwlMD6v3A5dIew&google_gid=CAESEPFW9CE0VCwvL60yUlYoM9c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy389i1v5fqszTVv0wXhn3tqiF5OgwUnimBwlMD6v3A5dIew
Request Chain 232
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECCRjeGgE3U2x2jmvj5OG9E&google_cver=1&google_push=AXcoOmQYAZj_DTEwbyDvw6pOBNzC4XUaL13BFeQvpGextp-RUm7lyDg-YIx1licggtBayiLFhCY1isuim10upu0cyBZwKVCjFqpADw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQYAZj_DTEwbyDvw6pOBNzC4XUaL13BFeQvpGextp-RUm7lyDg-YIx1licggtBayiLFhCY1isuim10upu0cyBZwKVCjFqpADw&google_hm=WlJwcWM4Q281cjhBQUZDNXViTUFBQUFB
Request Chain 234
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEBnKXlAmUUrpSr0U2bNTfrQ&google_cver=1&google_push=AXcoOmT9am-cPVgmrF-_ZimAxno8Lc4Raa5nwbUTYareq1bLy6QjHYJgG1qKWFzcss9EINP8PhEuePK0s_fXf2Ku58OtNJi9eCZFny0 HTTP 302
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEBnKXlAmUUrpSr0U2bNTfrQ&google_cver=1&google_push=AXcoOmT9am-cPVgmrF-_ZimAxno8Lc4Raa5nwbUTYareq1bLy6QjHYJgG1qKWFzcss9EINP8PhEuePK0s_fXf2Ku58OtNJi9eCZFny0&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NzJhNWZmOGZlNjVjNGNhNA&google_push=AXcoOmT9am-cPVgmrF-_ZimAxno8Lc4Raa5nwbUTYareq1bLy6QjHYJgG1qKWFzcss9EINP8PhEuePK0s_fXf2Ku58OtNJi9eCZFny0 HTTP 302
  • https://sync.gonet-ads.com/match/google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NzJhNWZmOGZlNjVjNGNhNA&google_push= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 242
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LN8JJP2C-I-DSRO HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN8JJP2C-I-DSRO HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1&C=1
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRpqciJIlSG43JjPQKHxEAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1
Request Chain 249
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE44SkpQMkMtSS1EU1JP HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPlPrZdkZxDgVEPN5sW7ma8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44SkpQMkMtSS1EU1JP&google_push=
Request Chain 250
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/I2SZ44WrpqRJ7tvemPiAJw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cOs52E1E2oIPSTWy.U4gQRbbji6ZtFit9NuMuA--~A
Request Chain 251
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eBgklbmnQMaJwwK3ntzYMA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eBgklbmnQMaJwwK3ntzYMA
Request Chain 252
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8JJP2C-I-DSRO
Request Chain 253
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFjMWQ2ZWYxZGI4NDljYzQ1OGIzY2I0ZWI3ZGJmZTEzZDQ0N2IxMg
Request Chain 254
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1jxB1DiSTUOm-L9PniaYSA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1jxB1DiSTUOm-L9PniaYSA
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENurYu4GDqQiRpBRogr4sKU&google_cver=1
Request Chain 256
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiKk7KNNUAABjogNULsQ&expires=30
Request Chain 257
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8JJP2C-I-DSRO
Request Chain 258
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN8JJP2C-I-DSRO&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN8JJP2C-I-DSRO&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1lZnZVTUNwRTJ1R1FKTXpCT2tGTWZHVE5KdW1CTmRJNX5B&ovsid=LN8JJP2C-I-DSRO&dpid=58160
Request Chain 259
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78a92d03-eaeb-4451-b729-925419b6a25e&expires=30
Request Chain 265
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CROtXcWoaZZmdBZHugAfVv7zYDLHB28tywuzBkuQQypPA_OsCEAEguoTAM2D1hYCAiASgAb_tkOYByAEJqQJ7AHMyalSyPuACAKgDAcgDywSqBIEDT9AZKITqCNZv0ml8xJQABZe4xA74NErPTCVbcn6DS9pk6UIGrR8NMoOMoXsBV5X_j5gt_4yYNZVejOrkKZi4tGj58nX6zdz1QgL733xluOzhYvwFLS0JKOJBeiKChrx1mVMmeL8Zz9GZ_3b0ybDtkKFiOd2YjmLI9k82J1fP8ZXxMFVV-ejDR-iFaBJTZz9lYxRe8vOpDa3E3KsQyZ4OiGZieR_xPUtm_trreIF-A6TMtGfyerZCNOt1fOlpkyx9nXMKLKdQUmU1Q0Qzd9IrSNIwZo4WbQJgNMSCaNbPD1k7_ib7zDI92u7IXSSNdvw1Dgpy82-uCSzXYPsv8JUZBHqlMGvMahTOW5ErHnwRuorScBSrxiMUm55dShekgVrByN2CLosT-AsA8CevnWaBoATdaj_sYJxCfwMN8PFwWwGsuNfkGUn__AJJ5SqHqpChQ1raPjk4PZDwSb0lUSq97YjEC7rLoILDiarsC17eUQASoq82ff-34yjTYEozyOq4U8AEhbGCh5cD4AQBiAXk1_r7KpIFBAgEGAGSBQQIBRgEoAYugAepku-ZAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIHyGNIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwmgkYaHR0cHM6Ly93d3cuaGFpcmxpZmUuY2gvgAoDyAsB2gwQCgoQkPHRq5GJmL9bEgIBA-INEwjs-a6V5daBAxURN-AKHdUfD8u4E4gE2BMK0BUBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=ZKdhDe0sNqo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNoQdxVmifqqslnbQR7Y5W10dx3Da_N04KOkkESyr2dFq-PPOAk9jMEIxLzA1Q17z6Lc2t16QBUxgB&template_id=520&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfb4945a74073d470000000000000000%22,%222%22:%220x77a416c6fabbd43a0000000000000000%22,%223%22:%220x4182af7f12f6dd020000000000000000%22,%224%22:%220x131c709ed9cbe2590000000000000000%22,%225%22:%220x1e4a3282ac9862f40000000000000000%22},%22debug_key%22:%2216275437844221044747%22,%22debug_reporting%22:true,%22destination%22:%22https://hairlife.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22482621119%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211382195870648953233%22}&andc=true
Request Chain 272
  • https://hal90009.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=68f084efc9&subid=&uid=69eaddd144a7ed06&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCprjYcWoaZevJBoTTgAek1JewB5HB0Jtp2--DktwP8C4QASC6hMAzYPWFgICIBMgBCakC5k5SORi9sT6oAwHIA5sEqgSWAk_QPn7ozUzHrrmm6rMEJNV5a-rKn5hx2rBAUrX_UXbBge4b9cvvCuIkCA_2Jrl4sMYlug3AHGBjmSkLRB_kJZYn8uCxbE7j_jvNlZel0R4IhbLRDi0ceZRI4aLz32KQfHrVv0cN3wsQjAH9e9hkVADH-RW40_0Ejxdd8h1xSrjaBQtLnkGLnbIlcwTpA7PaSb2VrPIBAjbxLHfFTawAuxZRKaWzjF-MMkpwRTPSiPAC33QukEkGr0pjRonatf3kr6tHYlEuPRw-UqzttlmdrX5z_2doaU7M5yanxXjvAzJPn9UJzjAA6A86s4Yjp-7qq8HKWL0_Zk5mUQ-4Y9a84XJipNN5mOpA-cjKXkDjP-MllhKXi3e4wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCMmksJXl1oEDFYQp4AodJOoFdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIq8axleXWgQMVhCngCh0k6gV2EAEYASAAEgJWo_D_BwE%26num%3D1%26cid%3DCAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB%26sig%3DAOD64_3Ri6E_DwUfyTFmDVzrK097VnHVAQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Bnvo2TuflDCGqZPCeh7RZMvpXW0mQwUWLjg1YiqwrbrvMDtl_k1sF5wTOuKw5a-c-Qt9WqUnsXZXSkSmWeSNjT1AC85pzmTWVEPsnBhf9aO6XIjv_rwR_-KAE6uTln9nEVHbAEtT4pKthZrgrHdKkMkN0CjNgWwH5_aI6W-yWTcGvW8hE%26cry%3D1%26dbm_d%3DAKAmf-Aq6OqrHHX3hhaPTVfbMbwBlVbh-S38yHD7CmkEOoG7WKOgowFnJW1rllsu6TdCQMUiY7SzfHWv3_delBvrQLvk9MyrMIEUW9A1Ep8jx3Oz5OXfX0db57wjxkSDeSkoOaSS23cVSPR1gLb6cieHZrMgAvJLecpDDEkBj2qdsPQkzkj18H4JqTZ-4_iesev6jdfwTVwV3-8j4AnfN7oUhlAIQ4Y524A-DEobvXde411Po4ffFrfviPClCTHmQEYRBvMhX3p8P4avH9xSjw-MQlxYZtmdDnkxTCC3PPEuS376uTy8tR9_0CTTBoYngxseq1bH7OdEKkbviqVzcSDnwJC-a0Xa9hxP2rVMNhfxbqN4RvTHbIXLzSbKXZfKEYaFf8_RIDIc72zS0Bzz3wgUacB0ycboVWX7lsFPwDxIyBfV6OoUJ0gnxhfaCw2u8G7Ck0CC7tpIyrZODYIYjTZc8-8iCdE3tSDHwMz0hGv4tx43cXDl7L3CZTfakrSWrlfhZU5FBrWzqA0KsGuggIH5JMd-sFQIHyoDLMigVqLjmMQCKbiH0XD3Ta9DHr4KwShcVeEeZ7rfwIqLhVx9iLpaMACZUShEsV4O04aUOjCjmLk24TcN3g6vgwTVc14mUzGPSUMVaYFI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9008680055861&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=68f084efc9&subid=&uid=69eaddd144a7ed06&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCprjYcWoaZevJBoTTgAek1JewB5HB0Jtp2--DktwP8C4QASC6hMAzYPWFgICIBMgBCakC5k5SORi9sT6oAwHIA5sEqgSWAk_QPn7ozUzHrrmm6rMEJNV5a-rKn5hx2rBAUrX_UXbBge4b9cvvCuIkCA_2Jrl4sMYlug3AHGBjmSkLRB_kJZYn8uCxbE7j_jvNlZel0R4IhbLRDi0ceZRI4aLz32KQfHrVv0cN3wsQjAH9e9hkVADH-RW40_0Ejxdd8h1xSrjaBQtLnkGLnbIlcwTpA7PaSb2VrPIBAjbxLHfFTawAuxZRKaWzjF-MMkpwRTPSiPAC33QukEkGr0pjRonatf3kr6tHYlEuPRw-UqzttlmdrX5z_2doaU7M5yanxXjvAzJPn9UJzjAA6A86s4Yjp-7qq8HKWL0_Zk5mUQ-4Y9a84XJipNN5mOpA-cjKXkDjP-MllhKXi3e4wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCMmksJXl1oEDFYQp4AodJOoFdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIq8axleXWgQMVhCngCh0k6gV2EAEYASAAEgJWo_D_BwE%26num%3D1%26cid%3DCAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB%26sig%3DAOD64_3Ri6E_DwUfyTFmDVzrK097VnHVAQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Bnvo2TuflDCGqZPCeh7RZMvpXW0mQwUWLjg1YiqwrbrvMDtl_k1sF5wTOuKw5a-c-Qt9WqUnsXZXSkSmWeSNjT1AC85pzmTWVEPsnBhf9aO6XIjv_rwR_-KAE6uTln9nEVHbAEtT4pKthZrgrHdKkMkN0CjNgWwH5_aI6W-yWTcGvW8hE%26cry%3D1%26dbm_d%3DAKAmf-Aq6OqrHHX3hhaPTVfbMbwBlVbh-S38yHD7CmkEOoG7WKOgowFnJW1rllsu6TdCQMUiY7SzfHWv3_delBvrQLvk9MyrMIEUW9A1Ep8jx3Oz5OXfX0db57wjxkSDeSkoOaSS23cVSPR1gLb6cieHZrMgAvJLecpDDEkBj2qdsPQkzkj18H4JqTZ-4_iesev6jdfwTVwV3-8j4AnfN7oUhlAIQ4Y524A-DEobvXde411Po4ffFrfviPClCTHmQEYRBvMhX3p8P4avH9xSjw-MQlxYZtmdDnkxTCC3PPEuS376uTy8tR9_0CTTBoYngxseq1bH7OdEKkbviqVzcSDnwJC-a0Xa9hxP2rVMNhfxbqN4RvTHbIXLzSbKXZfKEYaFf8_RIDIc72zS0Bzz3wgUacB0ycboVWX7lsFPwDxIyBfV6OoUJ0gnxhfaCw2u8G7Ck0CC7tpIyrZODYIYjTZc8-8iCdE3tSDHwMz0hGv4tx43cXDl7L3CZTfakrSWrlfhZU5FBrWzqA0KsGuggIH5JMd-sFQIHyoDLMigVqLjmMQCKbiH0XD3Ta9DHr4KwShcVeEeZ7rfwIqLhVx9iLpaMACZUShEsV4O04aUOjCjmLk24TcN3g6vgwTVc14mUzGPSUMVaYFI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9008680055861&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 312
  • https://um.simpli.fi/gp_match?google_gid=CAESEMsEUr8NQEGYytNVzz9f_R8&google_cver=1&google_push=AXcoOmSEkdjiXLNd1x4XsofMY4_vCEwqtvdwJQO2KG_YDYNbIMGs2jBaH104vNS-XZaaQCoDUlztnUnQ7GIuW64GqNvwnbl1m7QNt_TWkadBUCjPLuY5PdSPYRF__I2mri1xayL88K4YvWT_PaJyUrCvNTqP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSEkdjiXLNd1x4XsofMY4_vCEwqtvdwJQO2KG_YDYNbIMGs2jBaH104vNS-XZaaQCoDUlztnUnQ7GIuW64GqNvwnbl1m7QNt_TWkadBUCjPLuY5PdSPYRF__I2mri1xayL88K4YvWT_PaJyUrCvNTqP
Request Chain 313
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJinldPaMEe3vu26PJdAlc&google_cver=1&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2w3YIwjlz8LbbIJqbEyHvqLPz84MMXh5S9Ej6LDPtjpz5dzObK1stcMEIhK6dLojVKb_0clw27qOEjZAE HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEJinldPaMEe3vu26PJdAlc&google_cver=1&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2w3YIwjlz8LbbIJqbEyHvqLPz84MMXh5S9Ej6LDPtjpz5dzObK1stcMEIhK6dLojVKb_0clw27qOEjZAE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIyNDIyMDY2NTY5MzU1ODk4NA&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2w3YIwjlz8LbbIJqbEyHvqLPz84MMXh5S9Ej6LDPtjpz5dzObK1stcMEIhK6dLojVKb_0clw27qOEjZAE
Request Chain 314
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOevsu4HZiFHOXBTgW_TP9Y&google_cver=1&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMiD6kOpNYTdv12BioJbqQq-zhfmD1gsIFt-7F-B5h9lTv5BLCm2vSFZNw HTTP 302
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEOevsu4HZiFHOXBTgW_TP9Y&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMiD6kOpNYTdv12BioJbqQq-zhfmD1gsIFt-7F-B5h9lTv5BLCm2vSFZNw&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMiD6kOpNYTdv12BioJbqQq-zhfmD1gsIFt-7F-B5h9lTv5BLCm2vSFZNw&google_hm=NMcKUPpQwb8TiVgb8wuDiw==
Request Chain 315
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFNDJwtjpwoCHxZTv3F_6tk&google_cver=1&google_push=AXcoOmRuKEe-Nk8DrfFK0TWAzKtYtnnlWFeVkmt5RXLQr3C_agQg9aol3y3pSgLwpPcHrI46RHWihlz7YZbcnY7rY-_INprAuEux9T3b8obnZzS4Jh1TbORLRjRcuIX87n7JzrQN-KLL4Ne1BJEsSVMSMrw5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Twqw2BrIVCxjOdiqBQbarFTjfeQ&google_push=AXcoOmRuKEe-Nk8DrfFK0TWAzKtYtnnlWFeVkmt5RXLQr3C_agQg9aol3y3pSgLwpPcHrI46RHWihlz7YZbcnY7rY-_INprAuEux9T3b8obnZzS4Jh1TbORLRjRcuIX87n7JzrQN-KLL4Ne1BJEsSVMSMrw5
Request Chain 316
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT-jyb35Unfx4zdEBa-tfhpJf2FxuNRnz11eJ9g5QHyq-Kb9eQks0J1eLqt3zuomwZBIBMKH9903FtLacA8epKNxtexAD4dd75q4ic-qQhkPfoYa25KMNp3jqsjJTZDhvb5xldVASNzydF3uSKJ3hXW%26google_hm%3D%5BUID%5D&google_gid=CAESEMb2ZTqItL5lGKEV0cI_eaw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-jyb35Unfx4zdEBa-tfhpJf2FxuNRnz11eJ9g5QHyq-Kb9eQks0J1eLqt3zuomwZBIBMKH9903FtLacA8epKNxtexAD4dd75q4ic-qQhkPfoYa25KMNp3jqsjJTZDhvb5xldVASNzydF3uSKJ3hXW&google_hm=fbd5152e-b767-47aa-a081-f4d6ab69df4c
Request Chain 317
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMZbK4hYI6zFPMluBq_7eZA&google_cver=1&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVhljN6EN8OXUkx_SPGaOdPcBCcislifHzjkn3KRpwX-xUYhXGrLT9euWw9kHpu6gEuKA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMZbK4hYI6zFPMluBq_7eZA&google_cver=1&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVhljN6EN8OXUkx_SPGaOdPcBCcislifHzjkn3KRpwX-xUYhXGrLT9euWw9kHpu6gEuKA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVhljN6EN8OXUkx_SPGaOdPcBCcislifHzjkn3KRpwX-xUYhXGrLT9euWw9kHpu6gEuKA&google_hm=HatkrGZH4suyw0QsRTOF9U3R
Request Chain 339
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 342
  • https://um.simpli.fi/gp_match?google_gid=CAESEB_ldi-_BcU7gy_1dq0U6QQ&google_cver=1&google_push=AXcoOmSpCKB8DRrvAq9QdksmL71YyEwHiv67xWmoBzIBANcrrg0KriS-GaIg2EOmXQKHOyDyEHeYd2aUmvBD9eIDnLEKmhTL9s2DVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSpCKB8DRrvAq9QdksmL71YyEwHiv67xWmoBzIBANcrrg0KriS-GaIg2EOmXQKHOyDyEHeYd2aUmvBD9eIDnLEKmhTL9s2DVg
Request Chain 344
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMU-bInfzZH--WSru8V2mCs&google_cver=1&google_push=AXcoOmTgKwvxFx_yDYrhlDgMPk1b0zyEFic4RzT1AaC0r5Z1pR144TxdtF9XyfZPOP_tQV7aPwzwnrmP09QxBMVNZAPL8E2EATcomA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMU-bInfzZH--WSru8V2mCs&google_hm=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&google_nid=index&google_push=AXcoOmTgKwvxFx_yDYrhlDgMPk1b0zyEFic4RzT1AaC0r5Z1pR144TxdtF9XyfZPOP_tQV7aPwzwnrmP09QxBMVNZAPL8E2EATcomA
Request Chain 345
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMmJzLOiQYIK1t1Ry8xXKgQ&google_cver=1&google_push=AXcoOmR138pJARlEj9hKJQrB8ZgfT10_grySQyO3KGbgPqQMteEZJwAkyxP8swoL-2Q1AOud8-xCYhWg4EEWcjhYjJbNqWLRLArpeg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=0410253733&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/verve?gdpr=0&gdpr_consent=,
Request Chain 346
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJ18ey7BIK9K303F5uIsr_4&google_cver=1&google_push=AXcoOmR3YqtJwx42YR8GXfcEY5n5MJZvr0GqBTlSp4FRc5vCNg5KI2nxS7ggPqpwnXE1IsK_RNSpO-Xr1NNKTrFHmWSH1dGlvHZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZjJkZmNmY2Q4MzE3NDdkYWJhMjE5ZDZjM2FiYTBhZjI%3D&UIDF=CAESEJ18ey7BIK9K303F5uIsr_4&google_cver=1&google_push=AXcoOmR3YqtJwx42YR8GXfcEY5n5MJZvr0GqBTlSp4FRc5vCNg5KI2nxS7ggPqpwnXE1IsK_RNSpO-Xr1NNKTrFHmWSH1dGlvHZg
Request Chain 347
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENKTYR2XDHUvu57oJ_WdnEA&google_cver=1&google_push=AXcoOmTn-uHRGGuYMAan5aAijuM6IuIm77qFen14rU35mWJ0oLRzdhFKyqnoldJkitljzniZLRQr2yhr2wAWEQ8MMRiXRv6zV77- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmTn-uHRGGuYMAan5aAijuM6IuIm77qFen14rU35mWJ0oLRzdhFKyqnoldJkitljzniZLRQr2yhr2wAWEQ8MMRiXRv6zV77-
Request Chain 348
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGkXgOK9latRojFRKQKPavE&google_cver=1&google_push=AXcoOmQbp_Q0RL7DDbeX-mt78BHROqSO0Nb-X1a_2O5pIWegkOtaVnD3LZCEjosMthA0bQJ5clvoqir2kS2y2FqUB7fmuHvgREA4vhw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQbp_Q0RL7DDbeX-mt78BHROqSO0Nb-X1a_2O5pIWegkOtaVnD3LZCEjosMthA0bQJ5clvoqir2kS2y2FqUB7fmuHvgREA4vhw
Request Chain 354
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
Request Chain 355
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=b3be3605ed27995980c5224ba727b8&gdpr_consent=&gdpr=1
Request Chain 357
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v1jszCPHGHsutiMegYN4VxJ_nf1wPkw
Request Chain 360
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
Request Chain 384
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 389
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=313197623763080317
Request Chain 390
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HatkrGZH4suyw0QsRTOF9U3R
Request Chain 392
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5756531302
Request Chain 394
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=fbd5152e-b767-47aa-a081-f4d6ab69df4c
Request Chain 395
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 396
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
Request Chain 397
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hOGMxNzc2Zi04YTNkLTNmNjktOGY3Mi1hNzMzNDhlNTAxYWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hOGMxNzc2Zi04YTNkLTNmNjktOGY3Mi1hNzMzNDhlNTAxYWEyAh0fOAE=%26gdpr%3D%26gdpr_consent%3D
Request Chain 398
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
Request Chain 401
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=bedd2c67-8c85-4902-9a50-e4442a496de1
Request Chain 404
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
Request Chain 405
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1746720314
Request Chain 406
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D505CxYf4-LBrYjfFItWzzQeDX0ew
Request Chain 409
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LN8JJP2C-I-DSRO&gdpr=0
Request Chain 410
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=313197623763080317
Request Chain 413
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=891261007834113212
Request Chain 414
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
Request Chain 415
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE2NUE5NUMtNDVDNi00MEMxLTlCNUMtQ0NCMTA1RDg5MjNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
Request Chain 417
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
Request Chain 419
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&google_hm=M2IwMjJiNzktNjEyNS00ZWQzLWExYTMtZDJmMTg1YWQwMWQ1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDk2L5ZEFqedhOwVWdbu6CY&google_cver=1&ssp=onetag&bsw_param=3b022b79-6125-4ed3-a1a3-d2f185ad01d5 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=&gdpr_consent=&us_privacy=
Request Chain 421
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=efca651a-6a75-4700-8fc8-c6318ced3a17&gdpr=1&gdpr_consent=
Request Chain 423
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=1
Request Chain 425
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D4RnT07GsOFGwPpJh7lcexDurWUUg
Request Chain 428
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
Request Chain 432
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
Request Chain 437
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Vkmnm1YdoctNRaDLURm7y1ROo8NNRffKWE5xICGD
Request Chain 438
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1224220665693558984
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMZe5_JBTgHcuurVIT_cGpA&google_cver=1
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELhuLTqfGMCl5K-d4HauiEk&google_cver=1
Request Chain 452
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
Request Chain 453
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=313197623763080317
Request Chain 454
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528015049405
Request Chain 462
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=313197623763080317
Request Chain 463
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_581f5f8d-e908-480e-a10c-2d8654f73be4&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Request Chain 465
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=38bc9adf-153c-053e-3130-9dad90cdf332
Request Chain 466
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4f0ab0d8-1ac8-542c-6339-d8aa0506daac$ip$84.227.125.228
Request Chain 467
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-wEnQDtFE2pfE9OfT2vnk6FuYqiJ5BcdGSplk~A
Request Chain 468
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=78a92d03-eaeb-4451-b729-925419b6a25e
Request Chain 473
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=891261007834113212
Request Chain 478
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
Request Chain 479
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&ssp=index&gdpr=&gdpr_consent=
Request Chain 481
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=La3I9y35zqc2oc-nKv3Upy-qzK82oZimI6oDkHBy
Request Chain 482
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
Request Chain 484
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=1224220665693558984&gdpr=0&gdpr_consent=
Request Chain 489
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRpqc8Co5r8AAFC5ubMAAAAA
Request Chain 492
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 495
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=0410253733
Request Chain 503
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=0
Request Chain 504
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Request Chain 511
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LN8JJP2C-I-DSRO HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LN8JJP2C-I-DSRO
Request Chain 533
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
Request Chain 534
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QWWpXEXGQMGbXMyxBdiSOw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 540
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
Request Chain 542
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
Request Chain 544
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
Request Chain 546
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QWWpXEXGQMGbXMyxBdiSOw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 547
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=&ct=y
Request Chain 550
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
Request Chain 552
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
Request Chain 556
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
Request Chain 557
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
Request Chain 558
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
Request Chain 561
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 562
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Twqw2BrIVCxjOdiqBQbarFTjfeQ&gdpr=0&gdpr_consent=
Request Chain 563
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRpqeQARh6EfOQA4
Request Chain 565
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIaUtrN0tOTlVBQUJqb2dOVUxzUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAHiKk7KNNUAABjogNULsQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAHiKk7KNNUAABjogNULsQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAHiKk7KNNUAABjogNULsQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0
Request Chain 569
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528015049405

587 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
www.bg3.co/a/ 		57 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
985f747f87379767a742298e0f1935eeb304627f089b849367c62d99f7932279

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 02 Oct 2023 06:59:58 GMT
etag
"e5d3-jEfC0C6yqvsTiDJj4z4GYc97tYo"
expires
Mon, 02 Oct 2023 07:00:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 02 Oct 2023 06:59:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73010
x-xss-protection
0
server
sffe
etag
"b44d49b4390daba4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 02 Oct 2023 06:59:59 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 02 Oct 2023 06:59:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9649
x-xss-protection
0
server
sffe
etag
"72b1ab72fa86fbb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 02 Oct 2023 06:59:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
aaf8ad94a21829eaa050674651c02e8a731a87a09e601cdf0ab4e4e3ce54812e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29389
x-xss-protection
0
server
cafe
etag
21 / 19632 / m202309260101 / config-hash: 9162079683277741110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 06:59:59 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
614c6d112827c5c814c7489413c183793f8e1fd50ead1954368363875bfef62c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91238
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 06:59:59 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 15:25:52 GMT
server
cloudflare
age
29381
etag
W/"6516ec80-a1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80fb10d53c890078-CDG
expires
Mon, 02 Oct 2023 10:50:17 GMT
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 02 Oct 2023 07:59:59 GMT
date
Mon, 02 Oct 2023 06:59:54 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Mon, 02 Oct 2023 06:00:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/ 		681 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
age
163254
x-cache
HIT
x-client-device
desktop
content-length
145467
x-ap-device
DESKTOP
last-modified
Thu, 28 Sep 2023 16:35:35 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:59:59 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		563 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56b39bd015b4274cd9a208b5dbfc15becb34993d0f389a8faad14cd0f80329e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
F_ZbL61.5jnjr1ZwbT0XAJJK75idMJyh
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:58 GMT
x-amz-request-id
7M3WR16DBPXYQ8RR
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
16
x-amz-replication-status
FAILED
content-length
55662
x-amz-id-2
n3VWAwKqrbUn7beiFi2YY5rwk5jUM/7A+Nak7rKWEUkG2w3eEMIN9S1V8QSU1Df3jXjgsYld3/E=
x-served-by
cache-ams21063-AMS
last-modified
Mon, 02 Oct 2023 01:04:36 UTC
server
nginx
x-timer
S1696229999.942798,VS0,VE25
etag
"17fe86840c70397edf1b1710cc3b683c63a28ee4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
28
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13217
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6weHDOJ6WF67KinVPEZOPaeOztXYlbK4oN0IKijW2HH6POICjTiCEjxkPpH%2B%2FkCwCG8kwPUfYlR0w2krvtlCrYIIL5f%2FeFV1QHTxziGqdShtyIOU20WzxUUPnLo8mFg0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80fb10dbca853c8f-CDG

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		316 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
09/30/2023 06:49:35
cdn-pullzone
873945
last-modified
Sat, 30 Sep 2023 06:49:13 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6517c4e9-4eedb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
d524ee22c5bd082b8f5645e22c0eacd9
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
t.php
c.statcounter.com/ 		192 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=3C6485CF8C424FC42C49C6EE01B49F8D&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&t=MLB%EF%BC%8F%E8%8B%A5%E7%B0%BD%E4%B8%8B%E9%81%94%E6%AF%94%E4%BF%AE%E6%9C%89%E3%80%80%E9%81%8A%E9%A8%8E%E5%85%B5%E8%80%83%E6%85%AE%E4%B8%8D%E8%A3%9C%E8%8F%B2%E7%88%BE%E5%BE%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2159&sc_rum_e_e=2163&sc_rum_f_s=0&sc_rum_f_e=2157&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
80fb10d5ed520078-CDG
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20231001-10-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a27ce63798bf6d6cfd220a5e4b425404dfe9aef4fdb2bd967e92ab3858064d52

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
id4D2s3GBJWd6VEPcmCCFJpnfwcC6msI
content-encoding
br
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
JG95Q37TCGQYZE0A
age
10779
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171910
x-amz-id-2
FjeHozRBB0LluLDM3wiE3vQ3AqoKfRmUvaOjdYQ8KTF3i/WaHvdb+8xGIYUkZiCG8JwKWw+FALc=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 12:00:20 GMT
server
AmazonS3-br
x-timer
S1696229999.117878,VS0,VE0
etag
"24c6269eb0273b59ddcba1673296af38"
vary
Accept-Encoding
content-type
application/javascript
abp
53
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6642
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
991899
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-ams21078-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696230000.610910,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
32446, 473406
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
268723
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		75 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=08%3A59%3A59.264&lti=deflated&data=%7B%22id%22%3A204%2C%22ii%22%3A%22%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696164421535%2C%22vi%22%3A1696229999260%2C%22cv%22%3A%2220231001-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html%22%2C%22vpi%22%3A%22%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3596%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1946.765625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea32992140c25154617ebfb474d5518028290220d50e0b9bf2355f4780c0ac12

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
339
date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.9864583333333333
x-fastly-to-nlb-rtt
66102
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21063-AMS
x-log-content-encoding
gzip
server
nginx
x-timer
S1696229999.301157,VS0,VE339
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ae737a695a8ddcae486ff98f885b377d.jpg
static.bg3.co/imgs/202105/ 		0
0
05db76c17227aa9b78589de617a4ff70.jpg
static.bg3.co/imgs/202105/ 		0
0
b02ba158580ca9e03b59f5163da513fa.jpg
static.bg3.co/imgs/202105/ 		0
0
33e4fd0e681f6f2b91aa39be646671a5.jpg
static.bg3.co/imgs/202105/ 		0
0
7321329be97bddad18ddf6f55cb70d15.jpg
static.bg3.co/imgs/202105/ 		0
0
d09ad06cff765c7bf397d64cf1e7b9a6.jpg
static.bg3.co/imgs/202105/ 		0
0
bd6977f810bb28c226292bf859d9d5df.jpg
static.bg3.co/imgs/202105/ 		0
0
a9532c143a40dd434018802c75fba23f.jpg
static.bg3.co/imgs/202105/ 		0
0
7e3f9b3f829e70ee97a9bb508540ad6e.jpg
static.bg3.co/imgs/202105/ 		0
0
227eeb40360775d6105e8d597ce19483.jpg
static.bg3.co/imgs/202105/ 		0
0
b02ba158580ca9e03b59f5163da513fa.jpg
static.bg3.co/imgs/202105/ 		0
0
84f02ad7614223612341dede58e80155.jpg
static.bg3.co/imgs/202105/ 		0
0
34e97d2b8e749f4fdaa055e87920556b.jpg
static.bg3.co/imgs/202105/ 		0
0
f9d8635e6421878f5c0f084413073181.jpg
static.bg3.co/imgs/202105/ 		0
0
6a2dff9af8b0f383a92945cc8c85ab7c.jpg
static.bg3.co/imgs/202105/ 		0
0
bb3d7b55a90924f5c4b245b6471623e6.jpg
static.bg3.co/imgs/202105/ 		0
0
755a3c3dba7802239712d7075bb7aec3.jpg
static.bg3.co/imgs/202105/ 		0
0
a58b736b35a366470ebfab208aaa785a.jpg
static.bg3.co/imgs/202105/ 		0
0
9fbc2108695aa5c9ff2881c5f4e6f2f1.jpg
static.bg3.co/imgs/202105/ 		0
0
ec46f06c7f92d8668c176ca69a4c3b0e.jpg
static.bg3.co/imgs/202105/ 		0
0
b08f2412f9f1fa973b71a8055fa447f9.jpg
static.bg3.co/imgs/202105/ 		0
0
aec9d5ec80a4ef1a00e1ad37bfb9a406.jpg
static.bg3.co/imgs/202105/ 		0
0
4db8c3337876399452d52b354cf47f43.jpg
static.bg3.co/imgs/202105/ 		0
0
5c99e3998934a33df6094170479da6ec.jpg
static.bg3.co/imgs/202105/ 		0
0
4f2294375a8ee3c2bce727c900856c30.jpg
static.bg3.co/imgs/202105/ 		0
0
872a869190c93953ef758b630d4c0335.jpg
static.bg3.co/imgs/202105/ 		0
0
e922119d549b5a6ae3ce548cd4f9b2f9.jpg
static.bg3.co/imgs/202105/ 		0
0
e669a00de6f7849cffe8117d1c28d7f1.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:02 GMT
age
473337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2976
x-xss-protection
0
server
sffe
etag
"07fb3dc7eac63481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:02 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:02 GMT
age
473337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3936
x-xss-protection
0
server
sffe
etag
"3d96bab6a7d5a37d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:02 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		410 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 12:53:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
65185
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132541
x-xss-protection
0
server
cafe
etag
15229329507080665565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 30 Sep 2024 12:53:34 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39r0&_p=1194065067&cid=404882103.1696229999&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696229999&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dt=MLB%EF%BC%8F%E8%8B%A5%E7%B0%BD%E4%B8%8B%E9%81%94%E6%AF%94%E4%BF%AE%E6%9C%89%E3%80%80%E9%81%8A%E9%A8%8E%E5%85%B5%E8%80%83%E6%85%AE%E4%B8%8D%E8%A3%9C%E8%8F%B2%E7%88%BE%E5%BE%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 06:59:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1427796
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-ams21078-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696230000.610855,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3794, 10523
floating-unit.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c248cbbf83e1b946ebc62424d0dc95052b88f66c2ebf9f38cc1c896d97f47e3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1pyZcYSPjQm43Uso7dsOw5JSr2N54._s
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
CWHNBQXD3KJZ08F4
age
59454
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
kVpYsv1ZjUKerhLKQIiiyMkLCn4ZjcVFjn2/1a+adOJaNeju5FA9Dgr5LL4wNyQZTAy/9aoO2xA=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:29:06 GMT
server
AmazonS3
x-timer
S1696230000.731372,VS0,VE0
etag
"3ff5a796dcd4c369bceeb3faca4f617f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2347
taboola-vignette-new-scanning.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24779492e09ab7074ac2838f765a56575f9d3146807f6a1d5ad97341ced884d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j.qaisTV02RN.h4unxA_L9AN5TpWh10I
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
RBPNHFADGJT44VXM
age
59431
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
8K07gcdAi1w8QPiCozdz0IOQ6/gTbyJ6fnECI5hp7CQS2e7Lp9pak7suPoAsg8n4aujtiQWGRw0=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:29:28 GMT
server
AmazonS3
x-timer
S1696230000.731352,VS0,VE0
etag
"5eea9c073aeb6cf087efb3ea63d9f5d0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1342
distance-from-article.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f22eb3448a443f950989ee02b815d7239a0cb487b56171f84e426db77dbbcffc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8E7tAq2UZXo4DgzJ.HIkfWTMvl12HwbZ
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
CHK005HHA9R1AH6J
age
59467
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
dylD2bmuYNXq2ffTGScNNOdkNwC+SE6u+8JWRLk5b9M8Igyk2bzp30SKq9d31u83umTx6JL7wvE=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:28:53 GMT
server
AmazonS3
x-timer
S1696230000.755109,VS0,VE0
etag
"e49c00f1b87954a8d1bbcb1c5a9eaf13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
26120
article-detection.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9809b000023d94394d540824cf3cfcc81ef258b8af7a15a676d9f51b29c1dc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XaR06qso0BVA4Oo33McKpMRu_ZexhPXF
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
GKER0K4EMQB46319
age
59475
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
4DhKUnsyXQSdR40xsezZ/kwMNJ6Djr0Fv6gYAxtB+A2F2S1hphBftXQtaWenPO8MjveXwBObtB8=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:28:46 GMT
server
AmazonS3
x-timer
S1696230000.755081,VS0,VE0
etag
"f218d9c462a3c4e9faf570002611fabc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
26116
article-and-feed-area-scanner.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f738a2651ab75ee70ab19f3d790a692b5d0985bdf73a4e34972630a5f0d9e095

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
roqFMv401q.lXKNL21yvIEAbrxJUWWzl
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
KJKKNYGESFAGCEAC
age
59475
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1147
x-amz-id-2
0aLVyushyg8M3LkgtYHHpxX9RzsQrB+EDWPdTA0zbqRJ6DwyuySv3YWJW3gT1FvUrT4XKbU92/c=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:28:44 GMT
server
AmazonS3
x-timer
S1696230000.755071,VS0,VE0
etag
"ea712bf41ac75715cf0456674751dc47"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7934
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.5/ 		124 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0184c504cb17eca263d2767e44a9c32662cb60821d2744411e70e6c26816a67a

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:59:59 GMT
via
1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-P3
age
422691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34285
x-served-by
cache-ams21031-AMS
last-modified
Wed, 27 Sep 2023 09:33:38 GMT
server
AmazonS3
x-timer
S1696230000.883447,VS0,VE0
etag
"1aea83e6a823fea9d804d1737de139cd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5xIjLBscTZPnDo97_2kNCe2k3gG3zkjZKVwM9KqA5Z8vHQNQq5TD-A==
x-cache-hits
8338
feed-card-placeholder.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97cf806466c39d7e2d4103dfcf5b1b3a4f32715b92737d0a7025d3967f693fba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E08Fl9z2JhDI1tXC53LhK9TXcmtrQp7D
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
0AMZ483PWA1MDK71
age
59460
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
EddrWwvW9yIDML2S4/hZ+RCTe4ygPRQqSH80RhNDTljF8uX1m2psiWL2b+LjKququfOgQkcxY28=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:28:59 GMT
server
AmazonS3
x-timer
S1696230000.755031,VS0,VE0
etag
"c13dcd0998386ad4017bdbf1160bc3f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
21465
userx.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd1f1644e6d0573f3ff811e97a23f7c91c0ff43fe9c2082828fef214be36847f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TpcS0OhO99R7exOif0pR4bz8XMFQ_1bm
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
BB2Q58CN82MF0VPN
age
59427
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
5DmgrPRXanhK04UZYUEbEwtt8oxJZ+9mp98Un07yjvWplOfSGgX5PK8vto/cBpkRLc9Lm1vGMC8=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:29:33 GMT
server
AmazonS3
x-timer
S1696230000.777936,VS0,VE0
etag
"fede0a2e08421bed0ba19d741394fee6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2612
explore-more.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
606813c27027f7d4b6f1ddca3ee78eaa96457ae792681c149224ea2fbae1d9ca

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mY97TIHfe_EyI9XxSak.nMCsi.R7vacU
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
ESA9RPB22EFYAVST
age
59463
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
Cv8O+XrOkaRmA3VMFJnFwaAd0XqJcMYt2Ml0GVbFUsveDR6/rOuC6QDAP6XoAXc164S6i14T5Ds=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:28:57 GMT
server
AmazonS3
x-timer
S1696230000.777923,VS0,VE0
etag
"3e552a3a58db53b3b42a1a1143453c33"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9695
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=08%3A59%3A59.707&id=6936&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1696229999708%7D&tim=08%3A59%3A59.708&id=1157&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696229999717%7D&tim=08%3A59%3A59.717&id=1390&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
trc.taboola.com/palmate-bg3co/log/3/ 		0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/pubs-generic?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1696229999727%7D&tim=08%3A59%3A59.727&id=7382&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
76
date
Mon, 02 Oct 2023 06:59:59 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
75195
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21063-AMS
pragma
no-cache
server
nginx
x-timer
S1696230000.801392,VS0,VE76
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=08%3A59%3A59.727&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=7101&cv=20231001-10-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-article-feed%22%5D&vi=1696229999260
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82122
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A59%3A59.745&id=9065&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=08%3A59%3A59.748&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6650&cv=20231001-10-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82122
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=08%3A59%3A59.749&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=7756&cv=20231001-10-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82122
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=08%3A59%3A59.756&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7066&cv=20231001-10-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82122
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=08%3A59%3A59.757&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8276&cv=20231001-10-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82122
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=08%3A59%3A59.763&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7784&cv=20231001-10-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82122
block.jpg
delivery.adrecover.com/ 		631 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1696229999771
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 01 Oct 2024 06:59:59 GMT
date
Mon, 02 Oct 2023 06:59:59 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
3959675
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 06:59:59 GMT
x-amz-request-id
TZRV815EMAFY1JBF
age
81
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
v5SDmim5AHD1xUYx+tpwQ3ehER8nJJjDtZKSR7zLZUfaHgPhMWhJVk4BNKiXJLg3LG/QSQSHEMY=
x-served-by
cache-ams21063-AMS
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1696230000.801373,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
81
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
29
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3b81ea77193cef7e60595347b4c11fd4528cec7133075aba100d37f5ce9c5cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 02 Oct 2023 06:59:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
1004339
edge-cache-tag
356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
402
req-referer
https://www.bg3.co/
content-length
108920
x-request-id
466c78ae91881447ca566e41c3d38d10
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000098-IAD, cache-iad-kjyo7100121-IAD, cache-iad-kiad7000034-IAD, cache-ams21063-AMS
last-modified
Sun, 10 Sep 2023 20:32:02 GMT
server
nginx
surrogate-reporting
width=1194,height=896,bytes=179786,owidth=1344,oheight=896,obytes=2099614
x-timer
S1696230000.970678,VS0,VE2
etag
"e00df394c71531c4b5ea0c7f18e73922"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a8a347e67412b43a5f7b1f5dd68e82101655949c78da94255ae1708e5ff38819

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 06:59:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
2923875
edge-cache-tag
356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
276
expiration
expiry-date="Mon, 11 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
83890
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200035-IAD, cache-iad-kiad7000042-IAD, cache-iad-kcgs7200070-IAD, cache-ams21063-AMS
last-modified
Fri, 11 Aug 2023 15:43:40 GMT
server
nginx
x-timer
S1696230000.994342,VS0,VE1
etag
"81f305b7f9c27554fb01203c3e1001ff"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 34, 1
5a51e092ada8691e95cd9058d7c36e4f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
59627d3e720fada9d462300835396b47228004be295364d3f31e6d5e533c2e3d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
age
2239010
edge-cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
183
expiration
expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.viepratique.fr/
content-length
21198
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kiad7000139-IAD, cache-iad-kcgs7200165-IAD, cache-ams21063-AMS
last-modified
Thu, 17 Aug 2023 12:37:59 GMT
server
nginx
x-timer
S1696230000.123506,VS0,VE1
etag
"e6efd2098c0264a7e0272b99c4d1c82a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5, 1
cea80ddf3609efb290faf64050ec1637.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c5b0e49e3944dbfaed572cb581440050393e979e01dcec9120589bb31303bd62

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
age
2292801
edge-cache-tag
424011715391862438643660917372215574904,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
424011715391862438643660917372215574904,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
95
req-referer
https://www.calcalist.co.il/
content-length
10216
x-request-id
620e6edb153a9c23ac5e0ab660da910c
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200168-IAD, cache-iad-kjyo7100162-IAD, cache-lax10668-LGB, cache-iad-kjyo7100025-IAD, cache-ams21063-AMS
last-modified
Sat, 26 Aug 2023 19:45:45 GMT
server
nginx
x-timer
S1696230000.178794,VS0,VE1
etag
"23cc301e9c64cefcf712e642c88b24fe"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 29, 1
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
4036750
edge-cache-tag
486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
352
req-referer
https://www.oe24.at/
content-length
35954
x-request-id
59c46f608018852f1f8a5438f139c686
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000071-IAD, cache-iad-kjyo7100118-IAD, cache-sna10747-LGB, cache-iad-kcgs7200136-IAD, cache-ams21063-AMS
last-modified
Thu, 03 Aug 2023 18:24:54 GMT
server
nginx
x-timer
S1696230000.178751,VS0,VE1
etag
"f9d7aab2dcdde7833ec39551e6347199"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 5, 1, 61, 1
78e04642-8a3b-4634-b0e6-c61a19e5ca89__lCxSL4EA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/78e04642-8a3b-4634-b0e6-c61a19e5ca89__lCxSL4EA.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc006bfbbcbad80c8963e9c777aa692c334580f0c7107004e9d00529c642fd2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/78e04642-8a3b-4634-b0e6-c61a19e5ca89__lCxSL4EA.jpg
age
3474544
edge-cache-tag
298553599539550640127806367447896217209,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
298553599539550640127806367447896217209,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
34
req-referer
https://www.express.de/
content-length
25286
x-request-id
8ad9e295befcba6193777971090e2005
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000151-IAD, cache-iad-kiad7000151-IAD, cache-sna10721-LGB, cache-iad-kiad7000052-IAD, cache-ams21063-AMS
last-modified
Wed, 23 Aug 2023 01:50:56 GMT
server
nginx
x-timer
S1696230000.178722,VS0,VE1
etag
"5c7db35fba1d397222bf244c92b7ce8b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 28, 1
4219ebbf4f258a3254dda5ffd90004d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4219ebbf4f258a3254dda5ffd90004d2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81503164d8bba62006bb12b60243a74021f20dd5fdc2e22d54a22be13a6c5373

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4219ebbf4f258a3254dda5ffd90004d2.png
age
1554640
edge-cache-tag
428503994419776433926221180474074951718,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
428503994419776433926221180474074951718,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
868
expiration
expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fox8live.com/
content-length
20394
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000049-IAD, cache-iad-kcgs7200091-IAD, cache-lax10681-LGB, cache-iad-kcgs7200163-IAD, cache-ams21063-AMS
last-modified
Mon, 21 Aug 2023 15:28:38 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=1344,oheight=896,obytes=1396873
x-timer
S1696230000.202010,VS0,VE3
etag
"24b9ac115c9ca0d9124e2666abb3c7b7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 25, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
2910433
edge-cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
274
expiration
expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sueddeutsche.de/
content-length
94302
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100128-IAD, cache-iad-kjyo7100157-IAD, cache-iad-kjyo7100132-IAD, cache-ams21063-AMS
last-modified
Mon, 14 Aug 2023 17:13:56 GMT
server
nginx
x-timer
S1696230000.243229,VS0,VE2
etag
"78af0e2d92f1d0853f93e08bf0474e82"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 76, 1
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
3645638
edge-cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
480
expiration
expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
42778
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100114-IAD, cache-iad-kiad7000064-IAD, cache-lga21931-LGA, cache-iad-kjyo7100053-IAD, cache-ams21063-AMS
last-modified
Fri, 18 Aug 2023 15:33:27 GMT
server
nginx
x-timer
S1696230000.243206,VS0,VE1
etag
"0a2c75440724365af393e298015be867"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1348, 1
5a51e092ada8691e95cd9058d7c36e4f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
518ca4ff6d83fab8f9f854ffdd2f771a7b457fe56480c5badd00931abd8bd708

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
age
2239009
edge-cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
422
expiration
expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
53680
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kiad7000097-IAD, cache-sna10724-LGB, cache-iad-kjyo7100123-IAD, cache-ams21063-AMS
last-modified
Thu, 17 Aug 2023 12:37:59 GMT
server
nginx
x-timer
S1696230000.243185,VS0,VE1
etag
"e6efd2098c0264a7e0272b99c4d1c82a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 17, 0, 41, 1
cea80ddf3609efb290faf64050ec1637.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91eea04a2b7be10820e7adf0c0cf6a1aa2cdc24f60c419fc6020f0369f048ce4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cea80ddf3609efb290faf64050ec1637.jpg
age
4136444
edge-cache-tag
424011715391862438643660917372215574904,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
424011715391862438643660917372215574904,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Sat, 02 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.noen.at/
content-length
22490
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100122-IAD, cache-iad-kjyo7100122-IAD, cache-lga21982-LGA, cache-iad-kcgs7200125-IAD, cache-ams21063-AMS
last-modified
Wed, 02 Aug 2023 10:59:37 GMT
server
nginx
x-timer
S1696230000.266364,VS0,VE19
etag
"28ff65357179fbced0eb34ee398279c5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 21, 1, 10, 1
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
age
1524536
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Oct 2024 06:59:59 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
age
4492821
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Oct 2024 06:59:59 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 02 Oct 2023 06:59:59 GMT
content-encoding
br
age
1524536
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Oct 2024 06:59:59 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYyMjk5OTk4NTIsInBhY2tldElkIjoiMDAwMEE3MDEtMzJlNGU0OTgtMTNhMC00MmY2LThhN2UtZjkxY2QwMDZlZDAwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21sYi1ydW8tcWlhbi14aWEtZGEtYmkteGl1LXlvdS15b3UtcWktYmluZy1rYW8tbHUtYnUtYnUtZmVpLWVyLWRlLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=3040.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
next-up-widget.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8be40bf99168e92df8fcce7ba6034cd810e348597170fc49c9507b3cf1ff8afa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qk9y09KiRd7D62Y3Tq.mf.OmH.OT.tWx
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 07:00:00 GMT
x-amz-request-id
9ZA2NFC5PAVMJYXG
age
59450
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
DzcD9Mk+Evc4KqVXaf+ziBj1a1FhaQ2MmysnLHT6GETCBqMXz1QR38/U2nwpxc5f/porveuxyv4=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:29:10 GMT
server
AmazonS3
x-timer
S1696230000.109722,VS0,VE0
etag
"9c8299e0b9b2f9f0ab969d3d1b4d4c90"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
51
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2295
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.144.5.218 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
139-144-5-218.ip.linodeusercontent.com
Software
/ Express
Resource Hash
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 02 Oct 2023 07:00:00 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3609
etag
W/"e19-vwRj2d0Nu4XpH6939n9fbHUAS6s"
content-type
application/json; charset=utf-8
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYyMzAwMDAwNDQsInBhY2tldElkIjoiMDAwMEE3MDEtMzJlNGU0OTgtMTNhMC00MmY2LThhN2UtZjkxY2QwMDZlZDAwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21sYi1ydW8tcWlhbi14aWEtZGEtYmkteGl1LXlvdS15b3UtcWktYmluZy1rYW8tbHUtYnUtYnUtZmVpLWVyLWRlLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3232
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYyMzAwMDAwNTAsInBhY2tldElkIjoiMDAwMEE3MDEtMzJlNGU0OTgtMTNhMC00MmY2LThhN2UtZjkxY2QwMDZlZDAwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21sYi1ydW8tcWlhbi14aWEtZGEtYmkteGl1LXlvdS15b3UtcWktYmluZy1rYW8tbHUtYnUtYnUtZmVpLWVyLWRlLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3238.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYyMzAwMDAwNTUsInBhY2tldElkIjoiMDAwMEE3MDEtMzJlNGU0OTgtMTNhMC00MmY2LThhN2UtZjkxY2QwMDZlZDAwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21sYi1ydW8tcWlhbi14aWEtZGEtYmkteGl1LXlvdS15b3UtcWktYmluZy1rYW8tbHUtYnUtYnUtZmVpLWVyLWRlLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3241.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=375766901515413&correlator=914244492102094&eid=31077692&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696230000071&lmt=1696222800&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=404882103.1696229999&ga_sid=1696230000&ga_hid=1194065067&ga_fc=true&dlt=1696229998788&idt=770&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_0_0_pv%26cluster_reporting%3Dchrome_DESKTOP_0_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
b2f1bacc6c1358d22e92d0d703b59f55c22e5c45da8229785626027ba3e4677e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
714
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 170E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:00 GMT
expires
Tue, 01 Oct 2024 07:00:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 11:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
69599
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13202
x-xss-protection
0
server
cafe
etag
9134410016569746439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 30 Sep 2024 11:40:01 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A00%3A00.098&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3855&cv=20231001-10-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82403
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 05:47:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 07:00:00 GMT
spa-detector.20231001-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231001-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63b5415842a0950a3783f45d83215e93dbe7ef1aacaf22628d69a3b9f3832279

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cRSHQ2eR7e5kRFRlTtgVYNIoAtreMpMj
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 07:00:00 GMT
x-amz-request-id
8D3N5ZZ7XXFQFZ3J
age
59443
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
777
x-amz-id-2
vAXP1kSTflfNajnA22qmdAPZiBVF0HlqT+DcCIHAhkm2pIZtpjYEXFxfNzIwYyJGIC+z8I+90AQ=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 01 Oct 2023 14:29:17 GMT
server
AmazonS3
x-timer
S1696230000.155348,VS0,VE0
etag
"f42d6fdded570cde444c8eeaf4a9cf5f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
64
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10245
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A00%3A00.099&id=2468&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696230000103%7D&tim=09%3A00%3A00.103&id=3714&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A00%3A00.105&id=3262&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696230000106%7D&tim=09%3A00%3A00.106&id=8004&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYyMzAwMDAwNDQsInBhY2tldElkIjoiMDAwMEE3MDEtMzJlNGU0OTgtMTNhMC00MmY2LThhN2UtZjkxY2QwMDZlZDAwIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21sYi1ydW8tcWlhbi14aWEtZGEtYmkteGl1LXlvdS15b3UtcWktYmluZy1rYW8tbHUtYnUtYnUtZmVpLWVyLWRlLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3301.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22389.15625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A00%3A00.127&id=6802&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9598&tvi50=10882&lti=deflated&ri=1a95cc86ede4b309866e7974ba8ca9c4&sd=v2_579dc23e5cbe64809aa600fae1f7d839_cc720391-f959-4335-b961-e491463fccdd-tuctc13efef_1696229999_1696229999_CNawjgYQ2YJdGJyFv_muMSABKAEwKziy0A1AwogQSM7R2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&pi=/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&wi=-4342022789169631726&pt=text&vi=1696229999260&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1343%7D%22%2C%22eventTime%22%3A1696230000129%7D&tim=09%3A00%3A00.129&id=4185&llvl=2&cv=20231001-10-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 09 Oct 2023 07:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231002
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f8f0e6487904fc554d741c1711821911ea29ea9b75b6742d31b77bd5e536c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10746
x-jsd-version
1.0.1830
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"637-jHTfxA5WF5KhCVIkhGcQK8uV73I"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URY%2BvKgHqsHcag2JtPIWWhNtQLbtmXf6m2DQDCA0Q4ZIuHZgSFUWRFiZi%2B39OiPj0Fbdj5NwXeI6hVxvUxneQX1Rl0WhOz8G4nLjTOdkM%2BpmlzLs6LW%2BaXUneUnKFV25hN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80fb10dffa2a0215-ZRH
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
70
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
287e807a2ea1d888b922d4d04efb6c508c10f5c30486b90d7f66e9a158f196b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
an-x-request-uuid
94e0212f-b2fd-4dd4-ab6b-584bb83f85d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		813 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca121181499f1506eeeb39b53538311b023d12c99f6d9a183b6759520aec600d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
353
expires
Mon, 02 Oct 2023 07:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3499ddebef3a529b7a535027816cdddb941c3258c932337f939ac73e71c0824c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1947433ae57ae0116de0945c479cec327b8316985e1f89520c84faa017e7c1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkndEbyzI4EkWy6SepFmv4%2BEe75o83PCaokz%2BELnt%2FLdYmDNAeejY3b0IrdpSVsrdP5auAA%2BTJAAMAHA39jgkkddv7Rx4RxQWmssUY4ENhlyBhrn7mUfMmVdfmAi2wQrhuZzY0rP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80fb10dedb3f03c3-CDG
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cb2b0b78096ad616660236523a32d752bb50011956d01bff365532dcad35a5

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqfmJSN1rDt3WkuGx6rT90oJT9BeNeH879IvHRlRV7O4yF%2BpRKOV%2Fs55W%2BUgH%2Fuc5WdIi3ec7yp%2FktXhtxQjCmmBSPQxrJQu6bfI0H%2Bjx89tRV%2BUTsc6p9S3tS35pelvfYODoDod"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80fb10dedb4103c3-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
431a27b2608fd79ecd69bf7de0df672af9ef33fe27939987a0803b49a47d2f49

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.130.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		403 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=81e48bc4-b180-48e4-a141-a483b4a85926%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8CMLB%EF%BC%8F%E8%8B%A5%E7%B0%BD%E4%B8%8B%E9%81%94%E6%AF%94%E4%BF%AE%E6%9C%89%E9%81%8A%E9%A8%8E%E5%85%B5%E8%80%83%E6%85%AE%E4%B8%8D%E8%A3%9C%E8%8F%B2%E7%88%BE%E5%BE%B7&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=92b27722-b49e-435a-b604-ca4d62d4be48&l_pb_bid_id=281c2b05e56fdad&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=92b27722-b49e-435a-b604-ca4d62d4be48&rp_maxbids=1&slots=1&rand=0.7311824275495509
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b1d1ad2510d04fa0fabf9cae76b05337e9e4c8b862fa42bd2ea924445b3b9a76

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.168.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-168-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb144eafbd85325b5dd4115335426c21d965cb34bf5b08917bdd4a76f3345dcc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 07:00:00 GMT
c
prebid.a-mo.net/a/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80fb10deeb78d696-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hbjson
grid.bidswitch.net/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
09798029e5b3cdff692b9688a6155c7d551402285b2446b2f0e53bde22782c97

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Oct 2023 07:00:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
8146
adreq
ads.servenobid.com/ 		981 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6666
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=79113828133&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 02 Oct 2023 07:00:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9764
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2AkmUv%2Bji5Q2b4Xsj%2BFiAK9GNr81ycdvbmD780YHVHkHRA5XtTh5FHI04DxDv4VAu1PyYLdxGT8v4VBRbfyZsBfHCGj1aua2Jzk2u49VAfFFWGTYgRo8mIx%2FtbCmPc6%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
80fb10de0d4c3c8f-CDG
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a2d14dc972639b36011d605d4f34343c303857a72f5109c641ae38e20b06b503

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2594997342959202&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
3866617
edge-cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
35
req-referer
https://kifache.com/%D8%AC%D8%A7%D8%A6%D8%B2%D8%A9-%D8%A3%D9%81%D8%B6%D9%84-%D8%AD%D8%A7%D8%B1%D8%B3-%D9%85%D8%B1%D9%85%D9%89-%D9%81%D9%8A-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D9%8A%D8%A7%D8%B3%D9%8A%D9%86-%D8%A8/
content-length
8250
x-request-id
a9345f3c6a017abfd5fd26145d40a354
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200023-IAD, cache-iad-kjyo7100108-IAD, cache-sna10735-LGB, cache-iad-kiad7000124-IAD, cache-ams21063-AMS
last-modified
Thu, 10 Aug 2023 11:47:17 GMT
server
nginx
x-timer
S1696230000.363777,VS0,VE1
etag
"0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 13, 1
eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92b6509860512f6d249439e8a2b559c5334d94187d276ea02b245d528e3870d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb6fcc20c5c4b143c1a759de9119eb5c.jpeg
age
2710621
edge-cache-tag
486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
486431112865747330230722196242728132931,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
210
req-referer
https://www.italiaatavola.net/
content-length
6140
x-request-id
d49932275f4966cc2e34792658795160
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000169-IAD, cache-iad-kiad7000169-IAD, cache-sna10738-LGB, cache-iad-kcgs7200051-IAD, cache-ams21063-AMS
last-modified
Thu, 03 Aug 2023 18:24:54 GMT
server
nginx
x-timer
S1696230000.392392,VS0,VE1
etag
"d556883197025a9ed2665876d1876378"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 42, 1
5a51e092ada8691e95cd9058d7c36e4f.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_126%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_126%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d50a1bb19f114654736fdc27536a37bff99285b6e5661ea43b674b36e87426e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_720%2Cx_126%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
age
3955532
edge-cache-tag
547477969683236898343824969404383427749,326936120212480349572388909887166671650,29ecf9b93bbf306179626feeda1fab70
cache-tag
547477969683236898343824969404383427749,326936120212480349572388909887166671650,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
393
req-referer
https://ads.taboola.com/
content-length
53698
x-request-id
b7a42efefc9ef66d8389e2b899245910
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200067-IAD, cache-iad-kjyo7100160-IAD, cache-sna10721-LGB, cache-iad-kcgs7200130-IAD, cache-ams21063-AMS
last-modified
Thu, 17 Aug 2023 12:14:05 GMT
server
nginx
x-timer
S1696230000.392374,VS0,VE1
etag
"9efc6386c835d4858c4ae3abded7dd8a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 224, 1
st
imprammp.taboola.com/ Frame 30AA 		422 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&cmcv=&pix=undefined&cb=1696230000409&uv=3343&tms=1696230000409&abt=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=36774f29-c216-4ce1-8ecc-c14324c5dc07&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3165d39410ba0be38b324407b5857f0b0812fdb00796e09463e53a6400e5b6e1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21063-AMS
x-timer
S1696230000.456834,VS0,VE3
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&cmcv=&pix=31589837&cb=1696230000408&uv=3343&tms=1696230000408&abt=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696229996813.4!ts:1696230000408&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-length
0
server
nginx
sync
am-match.taboola.com/ Frame CE51 		422 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3165d39410ba0be38b324407b5857f0b0812fdb00796e09463e53a6400e5b6e1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 02 Oct 2023 07:00:00 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696230000417&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1557&pt=145714822&tz=120&viewable=true&ddast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1476
x-cache
MISS
x-served-by
cache-ams21063-AMS
pragma
no-cache
server
nginx
x-timer
S1696230000.461000,VS0,VE249
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 30AA 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&cmcv=&pix=undefined&cb=1696230000409&uv=3343&tms=1696230000409&abt=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=36774f29-c216-4ce1-8ecc-c14324c5dc07&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
cc720391-f959-4335-b961-e491463fccdd-tuctc13efef
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 30AA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/cc720391-f959-4335-b961-e491463fccdd-tuctc13efef?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&cmcv=&pix=undefined&cb=1696230000409&uv=3343&tms=1696230000409&abt=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=36774f29-c216-4ce1-8ecc-c14324c5dc07&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.154.185 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 30AA 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&cmcv=&pix=undefined&cb=1696230000409&uv=3343&tms=1696230000409&abt=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=36774f29-c216-4ce1-8ecc-c14324c5dc07&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame CE51 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
cc720391-f959-4335-b961-e491463fccdd-tuctc13efef
pr-bh.ybp.yahoo.com/sync/taboola/ Frame CE51 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/cc720391-f959-4335-b961-e491463fccdd-tuctc13efef?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.154.185 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame CE51 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
adreq
ads.servenobid.com/ 		981 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7790
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		139 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ac137304ab4d4930e110695e58ea679afcb6f8f2147ae817b115366c52aa441e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
an-x-request-uuid
815dadcd-bf32-45e9-bb93-bf47c39d634a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80fb10e07d59d696-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8136b6f5cdaae8268756bc5e0011679d1fe97372fda15032f799e7888e11fe48

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Oct 2023 07:00:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.168.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-168-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 02 Oct 2023 07:00:00 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=63722660317&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 02 Oct 2023 06:59:59 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
9d4fae62ee40c5de56576d84c19aed428f79f00d500849d0a338bae1f5b5bfa2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.130.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		390 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=81e48bc4-b180-48e4-a141-a483b4a85926%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8CMLB%EF%BC%8F%E8%8B%A5%E7%B0%BD%E4%B8%8B%E9%81%94%E6%AF%94%E4%BF%AE%E6%9C%89%E9%81%8A%E9%A8%8E%E5%85%B5%E8%80%83%E6%85%AE%E4%B8%8D%E8%A3%9C%E8%8F%B2%E7%88%BE%E5%BE%B7&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=7653cbbf-e506-4c38-a3cd-ad7d81596a61&l_pb_bid_id=74f462540c4458f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7653cbbf-e506-4c38-a3cd-ad7d81596a61&rp_maxbids=1&slots=1&rand=0.28933040629017626
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4203ae4cefb9b6a01ff04701d989298d7ab1c318a7744d9850590d17b2e9ebc4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
390
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b613d8a2839d32b9849f927a4e49160703fda13951d435d0946b0027c83b860

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shZU0gBadlFWp%2BzJ%2BQ%2Bt%2F9kX1Av9O8wTM48lbtaxcrP4axa%2FM5R1JIXvT5wYJrpYov7%2FZ4vVK8jXX37ocKg%2FGI%2B0vfT1up66uhTHV%2BsvcmLdZ2ov5OzJMHmgM%2Bf8ViCgFQhAF4b4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80fb10e08d2303c3-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b613d8a2839d32b9849f927a4e49160703fda13951d435d0946b0027c83b860

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYbqMWHmagChOcTRYZyp2FT6%2B2DssXJfiUiVhKFNtkJWsMSkk1hObRz9BeBgOy%2FvyX%2BifKprCIWamgMFNB10FYT%2BCg95kn9S2zAl222dcygP4ds6x7iG0c6%2But2pLLVjqZW8O%2Boq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80fb10e08d2503c3-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b613d8a2839d32b9849f927a4e49160703fda13951d435d0946b0027c83b860

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=su2LgVCak1Y54DCe1vwIeEEpm0oX3A8jXM5fecy8XA0OgwTukXfTnjHT2lxlNDgoONw6L3TO34g%2Fq0qyli8twi3FKFomD5i8q6ltZ%2FCJQXMLfqk5u9qNXNkwdewPUCH5QYo2czH7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80fb10e08d2603c3-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
5
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 02 Oct 2023 07:00:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ 		1 KB
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
42cf5fdc1512fe2be4054470c3aee5f2b08cb6bfb6df193b9ca6575f4c03ed26

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 07:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f332e339d14fe0eb32f990021f88c89b8a9258c79feadc0b5b0f4f75e1500716

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-46.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:53:50 GMT
content-encoding
gzip
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-P2
age
6049304
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
cdg1::5jf72-1690394030373-77073517fca8
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
RIt0WyK6Zy-ircgA-2Iivr_e3MFwNZAGFa5p3O0IP69X02hR9Frxng==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		465 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:00 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-588
cdn-cachedat
09/22/2023 04:09:06
cdn-pullzone
873945
last-modified
Wed, 02 Aug 2023 08:32:45 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ca14ad-7435c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
2fb775e2f67491dc51792ae3f4938709
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_4_3/infra/ 		881 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_3/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
12f671dc70e03fd34ff707eee40017714886632aeae47cd8e581517e79caaf9b

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696064901
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
44VT0NS5DG3TXF1M
age
164982
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696064901
x-amz-meta-mode
33188
content-length
147012
x-amz-id-2
NY2JUJ+GniyI07TsZLLfdanUTErjY4e4Nc2+tw1mC1xu/k1Il5R7zDhpstp4Md91D/94OnQvrjI=
x-served-by
cache-ams21031-AMS
last-modified
Sat, 30 Sep 2023 09:08:22 GMT
server
AmazonS3-br
x-timer
S1696230001.794515,VS0,VE0
etag
"76607e75a1d8a4ef30e4276227b9084c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
15785
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_3/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_3/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696064918
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
44VSWEQSKEY3WQGV
age
164982
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696064918
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
WeWpsd5IPV/YMSzjiV78ZYx82YofP8yP1S11E5tet/9UwYuPbjwnbUV0PDW7JXvmL6seopCw6Es=
x-served-by
cache-ams21063-AMS
last-modified
Sat, 30 Sep 2023 09:08:39 GMT
server
AmazonS3-br
x-timer
S1696230001.794193,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
21698
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=9598&tvi50=10882&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
81
date
Mon, 02 Oct 2023 07:00:00 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
66074
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21063-AMS
pragma
no-cache
server
nginx
x-timer
S1696230001.847434,VS0,VE81
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:55:26 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
276
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
8JzbAQfL_ZrzV4LwUIwiglRV6kogWoP6N1wjqvTtGaIz0QOdPl9Kig==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5C9B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0e83bd31af7d90e35e92e338f69d5d35c77e12f4b70dabd0b15aad4778cf3dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
server
cafe
etag
3092432677699942622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:01 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tbGItcnVvLXFpYW4teGlhLWRhLWJpLXhpdS15b3UteW91LXFpLWJpbmcta2FvLWx1LWJ1LWJ1LWZlaS1lci1kZS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtMzJlNGU0OTgtMTNhMC00MmY2LThhN2UtZjkxY2QwMDZlZDAwIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI0MmUyYTFmNS0zNjM3LTQ4ZmEtOTMwYi0xODAwYTc5ZTU0ZWMiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk2MjMwMDAwMjI2LCJiaWRzIjpbeyJjcG0iOjAuMDcsImFkSWQiOiI4OTI3Mzc0MzljMGZlM2UiLCJvcmlnaW5hbENwbSI6MC4wNywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA3MDAwMDAwMDAwMDAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NTYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2MjMwMDAwNzA1fSx7ImNwbSI6MC4wMywiYWRJZCI6IjkwYmZmZTE3YTViMWQ4MyIsIm9yaWdpbmFsQ3BtIjowLjAzLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NTgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2MjMwMDAwNzA3fSx7ImNwbSI6MC4xLCJhZElkIjoiOTEwMjc3NTg3N2I2YThjIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjU2NywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTYyMzAwMDA4MDd9LHsiY3BtIjowLjEsImFkSWQiOiI5MmM1NzIxNTEwY2RjMWMiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTY4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjIzMDAwMDgwOH0seyJjcG0iOjAuMDc2OTU5LCJhZElkIjoiOTM3OWJhZWE5NTBjMzM4Iiwib3JpZ2luYWxDcG0iOjAuMDkwNTQsImJpZGRlciI6ImFkbGl2ZXRlY2giLCJyZXZlbnVlIjowLjAwMDA3Njk1OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjU1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjIzMDAwMDkyNH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJ0ZWFkcyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTEwMjc3NTg3N2I2YThjIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDF9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4145.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		156 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=375766901515413&correlator=295039564847852&eid=31077692&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&arp=1&abxe=1&dt=1696230001029&lmt=1696222801&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsn4LBastqKYQDQU4vhAMSQoEeysf6efv62LbxOHdVPM&ga_vid=404882103.1696229999&ga_sid=1696230000&ga_hid=1194065067&ga_fc=true&dlt=1696229998788&idt=770&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_0_0%26cluster_reporting%3Dchrome_DESKTOP_0_1_active_0%26refresh27Split%3Drefresh_control_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D9102775877b6a8c%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=1420297610&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a65d634fe39d34d1c8f4238d5752b8151f2ea7ad37b52ece8a4626242663cf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47945
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 94C1 		714 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1838
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
80fb10e2aac63c8f-CDG
content-encoding
br
content-type
text/html
date
Mon, 02 Oct 2023 07:00:01 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcdaXhk8ytdakFfGKzd0tKKAdyC%2FUpiwJLnRQOCnojSNmZPRTXNkuh7Er3UStCN%2FYc5BP6C25aNKHfaqNMB9IlOyxUEbQvtFdO9ysU8iIDQ%2BediJMhikHMV5mQ2MBfX07g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 36C8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Oct 2023 07:00:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 02 Oct 2023 07:00:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
connection
close
content-length
35
content-type
image/gif
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tbGItcnVvLXFpYW4teGlhLWRhLWJpLXhpdS15b3UteW91LXFpLWJpbmcta2FvLWx1LWJ1LWJ1LWZlaS1lci1kZS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtMzJlNGU0OTgtMTNhMC00MmY2LThhN2UtZjkxY2QwMDZlZDAwIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjE4NDEzMDgwLTNhZWUtNDMxMC05NTU0LTkyOTc5ZmNkZTRkOCIsInRpbWVPZkF1Y3Rpb24iOjE2OTYyMzAwMDAyODMsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfV0sImNvdW50cnkiOiJDSCJ9&c_b=4232
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:01 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=375766901515413&correlator=2994962902525747&eid=31077692&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&arp=1&abxe=1&dt=1696230001052&lmt=1696222801&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsn4LBastqKYQDQU4vhAMSQoEeysf6efv62LbxOHdVPM&ga_vid=404882103.1696229999&ga_sid=1696230000&ga_hid=1194065067&ga_fc=true&dlt=1696229998788&idt=770&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_0_0%26cluster_reporting%3Dchrome_DESKTOP_0_1_active_0%26ap_refresh_type%3DAV_3%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
3839fc6d5d6a4e38cebc1c2d4ae37f665555b79ab103c5b9afa0633319042176
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12565
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pro.ip-api.com/json/ 		119 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
866a536f9b7b40e6e94f02cb5381f054c127c0329ebb41f20597a2b37ea22c64

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 Oct 2023 07:00:01 GMT
Content-Length
119
Content-Type
application/json; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 94C1 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e71f64f66cece1b2465804fdfdad53a401bb05aacb5db2a5000c5195d277be60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29319
x-xss-protection
0
server
cafe
etag
128 / 19632 / 31078264 / config-hash: 9162079683277741110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:01 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-C1
age
2150505
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-ams21063-AMS
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1696230001.155392,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
A6eSXa8mzm8pvy_g4qU43SWxHhg7-JxFo9dy2qx0Z0FOI9MVcvzpjQ==
x-cache-hits
69232
sync
am-match.taboola.com/ Frame 7BF5 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
07ef14e2f25d46ff983058007ab982a8ece931a3b1bd7f020602114e3e14d7bd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 02 Oct 2023 07:00:01 GMT
machineid
3401
server
nginx
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 02 Oct 2023 07:00:01 GMT
via
1.1 varnish
x-amz-request-id
ZFRPC3PFTHSKWAJC
age
13062
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
I3ik5JowKcfEGbtrriHouz1flL96hfvN+S8YuupPMlmly2fde9Exqqba1OwCj7qV+igbuNUsCvE=
x-served-by
cache-ams21063-AMS
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1696230001.178805,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
35
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
968
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Mon, 02 Oct 2023 07:00:01 GMT
via
1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
AMS1-P1
age
2264752
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-ams21063-AMS
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1696230001.224454,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aMbbnOmg1VE3Pr2yFaiHpIZhHxo3sETSuv1N7hdOiyVEbEUpcsOAdA==
x-cache-hits
213336
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.7/ 		464 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
125abd02e7e26bfbbb3638931f04b0afcd1d70a18dcc12bd10f7e8491258c90c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695800289
date
Mon, 02 Oct 2023 07:00:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
RPS3CN4F1ZP0AYJ8
age
429650
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695800301
x-amz-meta-mode
33188
content-length
88887
x-amz-id-2
RP485XiCjOnxqLTcLWXd+AwyXaGI29NN+CqxMKxq5UtYxn/t68+kVIsG4fkv9EXVqvcw/aQ/t+k=
x-served-by
cache-ams21031-AMS
last-modified
Wed, 27 Sep 2023 07:38:22 GMT
server
AmazonS3-br
x-timer
S1696230001.208921,VS0,VE0
etag
"69d325441f7bb5002e3ec402bb46366b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
110655
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&cmcv=&pix=31579697&cb=1696230001187&uv=3343&tms=1696230001187&su=3&abt=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 7BF5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
cc720391-f959-4335-b961-e491463fccdd-tuctc13efef
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 7BF5 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/cc720391-f959-4335-b961-e491463fccdd-tuctc13efef?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.154.185 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 7BF5 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
L2EvbWxiLXJ1by1xaWFuLXhpYS1kYS1iaS14aXUteW91LXlvdS1xaS1iaW5nLWthby1sdS1idS1idS1mZWktZXItZGUuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbWxiLXJ1by1xaWFuLXhpYS1kYS1iaS14aXUteW91LXlvdS1xaS1iaW5nLWthby1sdS1idS1idS1mZWktZXItZGUuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 01 Oct 2024 07:00:01 GMT
date
Mon, 02 Oct 2023 06:59:57 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ Frame 94C1 		410 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3377
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132541
x-xss-protection
0
server
cafe
etag
15229329507080665565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 01 Oct 2024 06:03:44 GMT
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
402aa38e56c9017e397436a7358eab26
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
/
pro.ip-api.com/json/ 		119 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
866a536f9b7b40e6e94f02cb5381f054c127c0329ebb41f20597a2b37ea22c64

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 Oct 2023 07:00:01 GMT
Content-Length
119
Content-Type
application/json; charset=utf-8
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 14:29:50
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
e3deff98da6e582e5ff79330817d335d
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-165
cdn-cachedat
09/22/2023 13:07:19
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
6b74c0ffe29a65b9d74372453aa7e192
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-662
cdn-cachedat
09/28/2023 12:52:20
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
de8a4b0eed56c94df17e82166b0f6e31
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 12:54:34
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
89466ac67521c2f124345307ffb2ac15
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f10.1e100.net
Software
sffe /
Resource Hash
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125651
x-xss-protection
0
expires
Mon, 02 Oct 2023 07:00:01 GMT
container.html
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0E5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:00 GMT
expires
Tue, 01 Oct 2024 07:00:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 94C1 		492 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=123982773364500&correlator=4464055763277363&eid=31077098%2C31078264%2C31077231&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696230001485&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=93sbi8vu1dq0&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1466863490.1696230001&ga_sid=1696230001&ga_hid=623075134&ga_fc=false&dlt=1696230001103&idt=358&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
21ba3174442c248be25b8a8fccb1b161af2cf9db4afb3190e532e10aa0bf6e2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2949c0199b434f97f74158b7d78f440a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 470A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2949c0199b434f97f74158b7d78f440a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:01 GMT
expires
Tue, 01 Oct 2024 07:00:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E77 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:00 GMT
expires
Tue, 01 Oct 2024 07:00:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 36C8 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2a6874083f0e1ba2b7e1342b75200cadcaa71b754b1b844f00120eafad14b1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 Oct 2023 09:57:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10609
Connection
keep-alive
Content-Length
10474
Expires
Mon, 02 Oct 2023 09:56:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 53F3 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNVHUch6M-qf2EwJHZwkXreh2e7lj3y6eP3tAz5gdKoSzelmDBpx6JnlU3SAs1PPwQOv2Pg0wqTItR9dv4p0kmtmIU4rtg
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E0E5 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E5 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJdWw1RuN1kJFQ5qL0DZLOyxySGBlbHU9H_16O3TkcdM6K9v8u4h1CoM7ix3A9p6CUv6O2HDxGfxJNH6Y7_Too0LeI9cjjBnaTmwm_JF2KqAJuG_U
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E5 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6234372808269580621&x=1&ct=77
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame E0E5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 06:31:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame E0E5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
51064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame E0E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRArKrAt6JOLoVNfdyi4wJSeoWEsB095JVFof0X0T4DkgMZUEpECGfJYR-4XSnFbVoDzp1AJbLyZJpdbTtiuC5XSzH_Ow
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E0E5 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5C9B 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3f37d46b08205e8b1400156c75b371a30ed82a7c393d719971905edf39b7360e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50891
x-xss-protection
0
server
cafe
etag
5941193967723680594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:01 GMT
pixel;r=233920774;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb092...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=233920774;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-896247855-1696230000903;pbc=81e48bc4-b180-48e4-a141-a483b4a85926;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696230001564;tzo=-120;ogl=;ses=38ce81ff-bc73-463c-8265-aa055e3205e6;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
css
fonts.googleapis.com/ Frame 9E77 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 06:58:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 07:00:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 9E77 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 16:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
51065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 16:48:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 9E77 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 06:31:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ECE5 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
84087
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 07:38:34 GMT
etag
48472445140208031
expires
Mon, 02 Oct 2023 07:38:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 9E77 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
51064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 9E77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTswZ7uMma9os86z88vcQQoTXgOoiyOwAFOTcCaVwhsb0kyiXcvIVxHHSXLiavfnDBsQ_piJrrq5mg0Vl7o7UG_rT5mdg
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E77 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:02 GMT
fda82c26911938d9c7ca79f9220f8b0c.js
www.gstatic.com/mysidia/ Frame 9E77 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15328
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 10:18:01 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
27eefc7344a7a0b111b1e17c53e133d4a28defa92c944d4354702c7869f38136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91484
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 07:00:01 GMT
data=_UYxdZFohoLnhS0yxWqW0h8kP1Q3pYy2CY58s-K2n4WJ7JwneSDj1nRfR2zRzUDEnsM_SbB5tVLATnzfurpNFA
mts0.google.com/vt/ Frame 9E77 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=_UYxdZFohoLnhS0yxWqW0h8kP1Q3pYy2CY58s-K2n4WJ7JwneSDj1nRfR2zRzUDEnsM_SbB5tVLATnzfurpNFA
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
99f592812d5f7c7fc4bb3a6eaff505d0483788bc7273afd762c94b2d675be754
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53507
x-xss-protection
0
x-server-version-bin
CggIBBDiptSoBg==
server
scaffolding on HTTPServer2
etag
07a71ab1f434b19a2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
expires
Mon, 02 Oct 2023 08:00:02 GMT
truncated
/ Frame 9E77 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9E77 		465 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9E77 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9E77 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/getconfig/ Frame 94C1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6d9f588174bbbb03008b55f27b3aa0d2f5203d4a9f1726368a49ad53a02da0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12179
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 36C8 		7 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 07:00:01 GMT
x-amz-request-id
QGKR13PZZQJQBXVH
age
823
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
1qtQVxWi/DHISGBHIO99deg4ePVGlY/71vCcXWbIc/jfDAWUGJ4XlnjrYRO633VuuJhSs6lOt9I=
x-served-by
cache-ams21063-AMS
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1696230002.891097,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1292
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Mon, 02 Oct 2023 07:00:01 GMT
x-amz-request-id
VQM60MBKQFQCY8SS
age
12636
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
c0fAurhn9vBgbP8wnJn2qGbHXMl5w9VV2jDxhusPnM555o+lMkYVqeqQaj6/ZFBDYNqAhNcfUlc=
x-served-by
cache-ams21063-AMS
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1696230002.891072,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
7
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2269
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9E77 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:04:01 GMT
x-content-type-options
nosniff
age
179761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 05:04:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4701300102774&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4701300102774&version=m202309120101&ct=77&x=1&cor=6234372808269580000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E0E5 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDH_sBWERsOelNDyDObyAgWh7phcWzQ45cLbDNYWHmQyhqNOVOOY1cBOYpr76bm4ddLfZgx6mOIIemrhJWWU_pUeHoCGenrMhmQdWvqpJc2ZbN0GcbP4kuczdKCTtzq2PfzXk6E3IysKXAoM-dPkDFQYueF9lVO1OLfVcoJNoQTjPxpi8&cry=1&dbm_d=AKAmf-A3HN2-SbSWJK_TCTYNQRAqDBjAL2Vg2DRucuXryCJm_RB4gshnyBcTXSwb-VLEPCtnvUNTM-ndxlOIbOx_fa9Qy4aWPqxc1VzUBwfxFQJHJmsHUzVwo0fgYK_N0LrU75vooRN-RqBdOtuWQBp_vMZifuMOgZlHZcNWTLTSoeG8SMykwGK357hnPi97cLHzZFOwgw0dJmpq6jgzFB2g-lujPfW7BJpJ3wHM0p9ufNqQdb9tZ3776j3zA4-VCdmGwtiUNtTf2dYH8r_k-HHfLnfObUFhZB75uZ9EHhsCkNBN-uuLQ0COknnKqhpYfEmx8fiY6s2_sxETobkovcIIY9YgZgSaCQaQu_KX0dV4mPitQUN8Ysvb4WWH0kisWd6f24BwubM51zXl3XFFoY4G_VSaDfxRZOHDi6i9Gqfk0mPLjzyHcQqYjONcUeBUQtc0OsGRNlwoGXRAwu8GO-Ur_fX-z-TDUFz4lwJO8_CDfSXrRY9e55yMO9MHAUYOuknk5RXDGFUOCNa1CfQuxH3NPd8-Dkwlmhmz9_ufTY749UnfxW2OrMV224FwGhGepNO8yPuPDReDZ_zPGM2nrPE7nsKophQkSMUHY1eZ-7e4yy6mjFJioBdjPaTEiEEVjjPM_5k-d3zCOSrk16vXATpTdIuErYBeBY-F1fDSTEOMoEt3dl9LGf1vHbODtOnEFFiAiE9DckonmZdh84tdv64UOCWgAwnYkG0E5xtnCIoEkMPvjA-UKX2_mY4nZ1EM3zoxEYTvxi2I-YR1xqCcsym1bqZd8q0toi4PvcmvdveMEhWbktwRo33pI63sdYhh_UEKmQ81XIc6AXMo8jnl2Q5RaG5BkpzAJQWKN5RNUDLmjdJp74CQoAHov2i6mAjQrHh-vapRiPop3GYnEGy6KY9wWlz88gY9_BOsEkP3sWLONKUs51OGNBCtmYhfQP4EYSsaf2nv31b5tEsmtXRdZkW-q81MWTtpO9L2HBs0eW5F34dOVGQEtQs1uc8broil2fAJvg-GfckRm0SfoLQv8C8_Z9XbKsRnilHxSnp_gl9-CxSCjV9GsRcGKAoDwu6jnD3KkfW1l9Dal_4gYnklLuJf2yhZt7FDhqFgsUKWzNFDbknosMNX-dUFCwrIuX2sJ8gjx914SvuK5GETLw8nHjk7JdwXfz_Qx1R1u6-kWWTLRUU9CqEFM2d-sbf0KvrfK0XUkKH78ZZ6w3cC7XVF_ELdmibBKuztFHS8PPTVlhKwOF2tXPARAEMSMbnb5EiziL9xotwShT1vOKf4IyLRKxR7oVdL2TWxbqR42kkxC1tHqdrca_9h3rlSCnVmRzFmjX8NBbVJqc93IngJ94RxUTnPRzTrFjCJBhJgvgujSDmjGvwIQD2SA39fFmLU4xEfl2lQvI1Lspq0-GIQEqvwitGMr0sZbmV-Jp-qohAvTEog3UJ_cIo4-xi2PEYFHXoHKHoeDJH8Ivmis3Upw4q6DlpiF0pBFgQ73ZuulvuJHcAQj0a7FOB2Tk-BaYiY4K7C_qi3aeYwJddPX3kCgY-b0Btki6czGXTv2WX0fS9_f9_ITyFxDZVIt_Jc2yPJNzcnzNmhWBxFKQz9kxve4cicwG_87DwzCz2E2080pWPdmcdUxVxL8ogG9i8Xnd36naX__nMCyjzOWnmyhq7AjT7UbHm-ry14jGnGuBY3aZTM6LnUSnxSM5JFb9OEqdyth5rxN00lduDF9UC2A5y6ddt9VduzYOffJVa-FTRJpTYAuyHq7qtMFN9XSe77rUege0RWNw9XbkQpSmjiG8tMDPsTA9w0q-0-I9KCUISf0faHIYZL-3nOr85ErKfQwZv6TByIASL-oYl_JQdnnKzUXidtlQPxQQxIfjLwFTNJ7Ino4OmJMXC5AA6gKWve3O2AatXmpx6LXc6fyXRWi-4FdU3fdpdYkmvVABs5A6mxIMeCt5uv9fawJFU7nzsB8cvGfebvz3hvIR1vapj_wS_oYfDKNwFja8KxPxboJdTIeGNYTfeoDYH3lVm22ReCh5Vor-SinfFYc0brKD7rz-GnYPQPM9wu4WOMRoRdNA81kNs104xIf4apkeQDovg0yfkIlqqyaiDeAHudkgoAwdMom5DwyXnppKJFhUrh5NuYK6kcWuLTmvAnPH3YPldE76ah03Npz1JFRcVuJBkQpCLFMjpqoDb6ucx_pPi5lM12BvLLKS_qL3Nrwg6oAXw58TgOCdERqThC95cEuZnOreAM_sz_ZK-koD2fUMkK9x05JykRPhDyXtRpHk1QhE0D4Wl1Es8EtJLtIWUoQ-9gKa3-skQrBhPtSjTW1x0Wfy71Fx48azhiO4_TW7Atm-bbb2FxiZyHd--2gjV6Myj97SSB262NzIyjbWAW9CSMvMzH8Dv4TMQ2hrUyL8bUe5vi85DIPyoz2N_836uuTTdZsLpYod-rzvEBuWevIaO-R2OZAgNj320yCki_-wBopvt6kYusK6DUyHjK_2lve4mYm0gGOBtViMS32PPppQnUUxRdvKB371UANzoWv0E3CFS9YdNYKw_tNCWk0DFb9kC3DwZ3JBnE4WEovOBlbNUsXqJvZhnSRTIC_ZC7UJRHZVaN8KsLLDSnTQ05RPKOSfX9pA3LAbvO6NXLuDkgbwrdGnZ0P4NaZRYEpIsFXe1CHXaeydkz06hx9-LNruMvLM2eGa3NCZ2K8qb1Mu6mVWl21tMVIljueubTesaoyLBs1BjrvpCpCxOTbexuJz3vV16P8_vez01SItqbGKrSyDJdI0x5EtzMcFkbxBzf1HTyLpb3qNJGLGbA08dgDkBZz8C9NeKD8LfReGNzXKfHOb0BZoMbqRjQmkHWr0AVNgATtbLlhcsAJJ0SYPmO-vF_rAHTxdJnaH-SU1kMQGtYNmaM7XOPJZfT-RhXRhO8V0GD3m25ZeRDsSNy10J1qreOcbN9siKnZCn-q1s9A5Z5ZHE8uDH_HW3Ll-tSVmsgsu5MkM8wwQZq6ucLRNvlVIgHBFIv1fKUdRyPS5qQj--x_yy8bWMy5B1yr5AKV_awtnmJMCJmaZpYQy81aK0fs7OO2b-hof44nxmbkZ3IqI_SHWNY92zpvXjrly8RRBlmfa5rrWZXefIUOE3zNGl_aRGJcdDsKnnANAuEbd-0fyvnieVz0Yr23xQ1SrXMPm76S4Lw7_iWnGlhBvqUEDgvnLwBWdtX9GslFysRthO3vc5gGrIiZeJRU0VhD_GrFPRDLLi-xWmoDFAC7As7R-WpV2pQrYiqvDjaNO4R6SQaHR2lgDhH46JmkdRwpIbMNcWTCUH0tcItbJU5PbM9vzxVG_EfJG2TZdyb0GJwummii-Fv6Yx7H2qUuhUxFgymjazxOV6VsbUSzVwHXYarUnMbshS6HPfFDBXYA-30-CMcJrOB7KfMOtTr1pjrAcT1WjDal_g3uin2IZa_y2aSaxmmCZ6dtB58Ot9JuSsmql2hSpsHgLIkklF2WujKN8RW5OFwjzf0KhzVff_Tgt7s8HCiQMvbUgRBkEVZf7aSLbP_O0iweEvpE2W5BGus2QFSF_qewswmC5fFhzmzBA4QWEOd3P8ZtAfXxfkh73opvM7XztMp29oeuJY5dsV7c_Ah-sPTL3jBMCUvsDKarvyjlXLTp1lbR-4S8dwhuN-IHnyVmZnIIOR3KDzYq6-qAJGZHk8-EEBihh_d7xXS2OwAJwFIfpgcFduW3BeQoaBuKb-nts7T8ylc2S_X9gxT0pLlgveo1dWAOhzUkAblESAM5EJoDWG8-y1QvAiZ4X4TnY6Ipj9wxhu_MMGW-hMhQWq6tI7jqZja63Xz60CqyeQnl2qjOilR0o3f2PTxLVciRbByNPIkZSt8FMPjksJ1atmB61kEfdttuxyX6AAGG4mcidqnLhm4akEGOMqKE3Xy8NzvXgr5FwofboHH6lPRIwRi8C59dIsEdsUCb9pJHKlk7yK-QtDr5c0q7-LBGHXaWGU-74YpHAKm-oYUBH5W6isNgq0uyfh9dlYssFJ5-BlNTpT713QG_FgCXuzVuAkrkXhpRElvopHxWQWok9r2Bjtz_yxuKz5wL0GY1nSJDXlLILFzkMKu11Y-tKGf3dVOgUp58QOpwsNE5mh4f6uDxHs5NXTZGTXlRnM&cid=CAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=6234372808269580000&adk=2857193498&idt=145&cac=0&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7bc0bfb1d50197a581f0f5905de6da3f1a8d82f7e31cf722ebbbbf77682535f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ECE5
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEBDmkAmX4mPVB0-hWf6bWy8&google_cver=1&google_push=AXcoOmRmU9_FZFS6jzkmF03v1UXK2vnR-0G-b1qpIG5V18UEJ-6fBjy34ZaKa2vW-DXMHlN5PnU6ADBBuY69ndMg3icOWcvircrAvQ
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OThCQTAzQjU2MDY1MzhFOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OThCQTAzQjU2MDY1MzhFOQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OThCQTAzQjU2MDY1MzhFOQ==
date
Mon, 02 Oct 2023 07:00:02 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame ECE5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENWg0sPrEzJjrYMd-C1BQZE&google_cver=1&google_push=AXcoOmQKJUlYVv_JAfrYwKXQ5EQWIyp_rsmrgbdhhs0fL8c3Eraz3eJtFcRDaSWWDZxoj1l8yNSysQGdLsPyh51w5kP9Z1Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQKJUlYVv_JAfrYwKXQ5EQWIyp_rsmrgbdhhs0fL8c3Eraz3eJtFcRDaSWWDZxoj1l8yNSysQGdLsPyh51w5kP9Z1ZsxE6fuQ&google_hm=eS1vTVJsbzJSRTJwR0cz...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQKJUlYVv_JAfrYwKXQ5EQWIyp_rsmrgbdhhs0fL8c3Eraz3eJtFcRDaSWWDZxoj1l8yNSysQGdLsPyh51w5kP9Z1ZsxE6fuQ&google_hm=eS1vTVJsbzJSRTJwR0czcDJ5aVVFeGg1ZTd5QVdBRFZUTn5B
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 02 Oct 2023 07:00:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQKJUlYVv_JAfrYwKXQ5EQWIyp_rsmrgbdhhs0fL8c3Eraz3eJtFcRDaSWWDZxoj1l8yNSysQGdLsPyh51w5kP9Z1ZsxE6fuQ&google_hm=eS1vTVJsbzJSRTJwR0czcDJ5aVVFeGg1ZTd5QVdBRFZUTn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame ECE5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-7d4ae2d3-1998-42b9-b449-d490f15c7427-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTMt6Oyj7iSM5VGF9yzR...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w&google_hm=A31K4tMZmEK5tEnUkPFcdCc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w&google_hm=A31K4tMZmEK5tEnUkPFcdCc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTMt6Oyj7iSM5VGF9yzRgUejji6lbPpa9_Op-pK3M0bfqEE79Dw7lXB6UAnu94dGoGrlXI5mwqrx1avbsuVRDjOaIMq-R_K3w&google_hm=A31K4tMZmEK5tEnUkPFcdCc
date
Mon, 02 Oct 2023 07:00:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7d4ae2d3199842b9b449d490f15c7427003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame ECE5
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPFW9CE0VCwvL60yUlYoM9c&google_cver=1&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy389i1v5fqszTVv0wXhn3tqiF5OgwUnimBwlMD6v3A5...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy389i1v5fqszTVv0wXhn3tqiF5OgwUnimBwlMD6v3A5d...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy389i1v5fqszTVv0wXhn3tqiF5OgwUnimBwlMD6v3A5dIew
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmSUYogSMLLxI-VXhlI9QrgMuX8tTLNcdKjHweREyj9_jM8YBRmy389i1v5fqszTVv0wXhn3tqiF5OgwUnimBwlMD6v3A5dIew
date
Mon, 02 Oct 2023 07:00:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame ECE5
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECCRjeGgE3U2x2jmvj5OG9E&google_cver=1&google_push=AXcoOmQYAZj_DTEwbyDvw6pOBNzC4XUaL13BFeQvpGextp-RUm7lyDg-YIx1licggtBayiLFhCY1i...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQYAZj_DTEwbyDvw6pOBNzC4XUaL13BFeQvpGextp-RUm7lyDg-YIx1licggtBayiLFhCY1isuim10upu0cyBZwKVCjFqpADw&google_hm=WlJwcWM4Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQYAZj_DTEwbyDvw6pOBNzC4XUaL13BFeQvpGextp-RUm7lyDg-YIx1licggtBayiLFhCY1isuim10upu0cyBZwKVCjFqpADw&google_hm=WlJwcWM4Q281cjhBQUZDNXViTUFBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 02 Oct 2023 07:00:03 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESECCRjeGgE3U2x2jmvj5OG9E&google_cver=1&google_push=AXcoOmQYAZj_DTEwbyDvw6pOBNzC4XUaL13BFeQvpGextp-RUm7lyDg-YIx1licggtBayiLFhCY1isuim10upu0cyBZwKVCjFqpADw","cluster_id":0,"gdpr":false,"ipv4":"84.227.125.228","key":"ZRpqc8Co5r8AAFC5ubMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad374"}
X-SO-Key
ZRpqc8Co5r8AAFC5ubMAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad374
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQYAZj_DTEwbyDvw6pOBNzC4XUaL13BFeQvpGextp-RUm7lyDg-YIx1licggtBayiLFhCY1isuim10upu0cyBZwKVCjFqpADw&google_hm=WlJwcWM4Q281cjhBQUZDNXViTUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad374.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40001.dc2p.scaleout.jp
X-SO-IP
84.227.125.228
v1
match.sharethrough.com/E4rooAtA/ Frame ECE5 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHUGISYwzV5qBhvpToBW774&google_cver=1&google_push=AXcoOmQZws5621ByCQJd-FIMtay8eojq7wRy1PUI0YFynN2Bmx2LBl1AGvgh0b2-rdhTvtuv_uSy6OqdKK30gdRDIuvCMK-4b0TXcy8
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
dot.gif
s0.2mdn.net/ Frame ECE5
Redirect Chain
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEBnKXlAmUUrpSr0U2bNTfrQ&google_cver=1&google_push=AXcoOmT9am-cPVgmrF-_ZimAxno8Lc4Raa5nwbUTYareq1bLy6QjHYJgG1qKWFzcss9EINP8PhEuePK0s_fXf2Ku58Ot...
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEBnKXlAmUUrpSr0U2bNTfrQ&google_cver=1&google_push=AXcoOmT9am-cPVgmrF-_ZimAxno8Lc4Raa5nwbUTYareq1bLy6QjHYJgG1qKWFzcss9EINP8PhEuePK0s_fXf2Ku58Ot...
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NzJhNWZmOGZlNjVjNGNhNA&google_push=AXcoOmT9am-cPVgmrF-_ZimAxno8Lc4Raa5nwbUTYareq1bLy6QjHYJgG1qKWFzcss9EINP8PhEuePK0s_fXf2Ku58OtNJi...
  • https://sync.gonet-ads.com/match/google
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NzJhNWZmOGZlNjVjNGNhNA&google_push=
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 20:39:20 GMT
x-content-type-options
nosniff
age
37243
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Oct 2023 20:39:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ECE5 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAseynVKuPLdRhD6v-UB0avht-yOEDVdPRWLOoPEy3x-S7l8BwypyUtKbUCU8efnrPv2PdUUM
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/ Frame 5C9B 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
56605862bcd66320a8520bd902e2b6f73472e9ffc19dc9a7e3b0829550767aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131748
x-xss-protection
0
server
cafe
etag
7352530951411076373
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame 66A1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
52074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 16:32:08 GMT
etag
2603938475786422795
expires
Sun, 15 Oct 2023 16:32:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=1194065067&cid=404882103.1696229999&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696230002&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dt=MLB%EF%BC%8F%E8%8B%A5%E7%B0%BD%E4%B8%8B%E9%81%94%E6%AF%94%E4%BF%AE%E6%9C%89%E3%80%80%E9%81%8A%E9%A8%8E%E5%85%B5%E8%80%83%E6%85%AE%E4%B8%8D%E8%A3%9C%E8%8F%B2%E7%88%BE%E5%BE%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-ams21031-AMS
date
Mon, 02 Oct 2023 07:00:02 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-ams21077-AMS
date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
423
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=cc720391-f959-4335-b961-e491463fccdd-tuctc13efef&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 02 Oct 2023 07:00:02 GMT
cache-control
no-store
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 36C8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LN8JJP2C-I-DSRO
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN8JJP2C-I-DSRO
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Mon, 02 Oct 2023 07:00:03 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ Frame 5C9B 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
5636bce946d393ea64cf243be306459731c580d701764e240d3850b777b159cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2DF6 		94 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9356f733a4d1af19e8fb3dd78dcf8dc431f00c56cbc6ec1da353c4eeedf9615d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
34958
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:03 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 53F3 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNVHUch6M-qf2EwJHZwkXreh2e7lj3y6eP3tAz5gdKoSzelmDBpx6JnlU3SAs1PPwQOv2Pg0wqTItR9dv4p0kmtmIU4rtg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 53F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1&C=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNVHUch6M-qf2EwJHZwkXreh2e7lj3y6eP3tAz5gdKoSzelmDBpx6JnlU3SAs1PPwQOv2Pg0wqTItR9dv4p0kmtmIU4rtg
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL6SYYtfpPFftgWuS3DAwCE%2B%2BJ2FYrBmWslIAsa2v1YCskxfBNvasi0xxCiDAtkpz54ipgjDKhKlUyP8Q0vnHD2sN3v3GbEplWlBvyhv4nGr05wtmwMFIVlOYBeFa8nA2dlWRWu25HPPnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10ecc97601e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX5W7f3ObNeXxiK%2Fu8lRIFnizXB3edMGEHNsCKa2hjBKyslOlbuhPXfbPCq1ADFlcO1R87CKEH%2FnAVto%2Be9iu%2B6Y9lR7xR8dUylXSiMHV8tNgmDeVMxOK0LPYy83nkM4pUSK1XidoXKFpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1&C=1
cache-control
no-cache
cf-ray
80fb10ebfa0603c3-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 53F3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRpqciJIlSG43JjPQKHxEAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNVHUch6M-qf2EwJHZwkXreh2e7lj3y6eP3tAz5gdKoSzelmDBpx6JnlU3SAs1PPwQOv2Pg0wqTItR9dv4p0kmtmIU4rtg
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtI7mh%2BqsYZkOkiPjTUpqNpUSZCUETNOEfLPYBeXX%2BjULnrVsnDIcRjjFKIsewCLv%2B30a7Y%2FTea1dBIi6NjutbJYlmE4ai%2Bo13gPA%2FYM%2FgpyrHzKcvsKSLwhi0OlzoFIbrauXDd9ubBENQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10ef3e9e01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFA4RcIvHGel4qIfSsIPRAM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 36C8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 36C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE44SkpQMkMtSS1EU1JP
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPlPrZdkZxDgVEPN5sW7ma8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44SkpQMkMtSS1EU1JP&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44SkpQMkMtSS1EU1JP&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44SkpQMkMtSS1EU1JP&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 36C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/I2SZ44WrpqRJ7tvemPiAJw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cOs52E1E2oIPSTWy.U4gQRbbji6ZtFit9NuMuA--~A
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cOs52E1E2oIPSTWy.U4gQRbbji6ZtFit9NuMuA--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 02 Oct 2023 07:00:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cOs52E1E2oIPSTWy.U4gQRbbji6ZtFit9NuMuA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 36C8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eBgklbmnQMaJwwK3ntzYMA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eBgklbmnQMaJwwK3ntzYMA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eBgklbmnQMaJwwK3ntzYMA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DFP89S5G8FWKMCGE5CKA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eBgklbmnQMaJwwK3ntzYMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 36C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8JJP2C-I-DSRO
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8JJP2C-I-DSRO
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 85A75CCC5640427DBBE3CB864E9E4194 Ref B: GVA30EDGE0118 Ref C: 2023-10-02T07:00:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGtlLOxHq2TRbORqbbUA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8JJP2C-I-DSRO
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 36C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFjMWQ2ZWYxZGI4NDljYzQ1OGIzY2I0ZWI3ZGJmZTEzZDQ0N2IxMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFjMWQ2ZWYxZGI4NDljYzQ1OGIzY2I0ZWI3ZGJmZTEzZDQ0N2IxMg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzFjMWQ2ZWYxZGI4NDljYzQ1OGIzY2I0ZWI3ZGJmZTEzZDQ0N2IxMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 36C8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1jxB1DiSTUOm-L9PniaYSA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1jxB1DiSTUOm-L9PniaYSA
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1jxB1DiSTUOm-L9PniaYSA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SXAVE3NE17KWG3SN8DSD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1jxB1DiSTUOm-L9PniaYSA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 36C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENurYu4GDqQiRpBRogr4sKU&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENurYu4GDqQiRpBRogr4sKU&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENurYu4GDqQiRpBRogr4sKU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 36C8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiKk7KNNUAABjogNULsQ&expires=30
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiKk7KNNUAABjogNULsQ&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiKk7KNNUAABjogNULsQ&expires=30
Date
Mon, 02 Oct 2023 07:00:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
liveCS.php
live.primis.tech/live/ Frame 36C8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8JJP2C-I-DSRO
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8JJP2C-I-DSRO
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Server
13.32.99.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-61.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
gzip
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
vMZBL-qd6g-vhS1O9lNfjx8w1ldPNu9LKt8AnYMA4hYLgFZ5j9mRqg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8JJP2C-I-DSRO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
cksync
hb.yahoo.net/ Frame 36C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN8JJP2C-I-DSRO&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN8JJP2C-I-DSRO&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1lZnZVTUNwRTJ1R1FKTXpCT2tGTWZHVE5KdW1CTmRJNX5B&ovsid=LN8JJP2C-I-DSRO&dpid=58160
53 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1lZnZVTUNwRTJ1R1FKTXpCT2tGTWZHVE5KdW1CTmRJNX5B&ovsid=LN8JJP2C-I-DSRO&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Server
23.48.23.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 02 Oct 2023 07:00:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 02 Oct 2023 07:00:03 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1lZnZVTUNwRTJ1R1FKTXpCT2tGTWZHVE5KdW1CTmRJNX5B&ovsid=LN8JJP2C-I-DSRO&dpid=58160
date
Mon, 02 Oct 2023 07:00:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 36C8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78a92d03-eaeb-4451-b729-925419b6a25e&expires=30
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78a92d03-eaeb-4451-b729-925419b6a25e&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78a92d03-eaeb-4451-b729-925419b6a25e&expires=30
Date
Mon, 02 Oct 2023 07:00:03 GMT
Connection
keep-alive
X-CI-RTID
a8275c2a-84ac-4ae0-b24f-3b04f09f9082
Content-Length
144
Content-Type
text/html; charset=utf-8
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E0E5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDH_sBWERsOelNDyDObyAgWh7phcWzQ45cLbDNYWHmQyhqNOVOOY1cBOYpr76bm4ddLfZgx6mOIIemrhJWWU_pUeHoCGenrMhmQdWvqpJc2ZbN0GcbP4kuczdKCTtzq2PfzXk6E3IysKXAoM-dPkDFQYueF9lVO1OLfVcoJNoQTjPxpi8&cry=1&dbm_d=AKAmf-A3HN2-SbSWJK_TCTYNQRAqDBjAL2Vg2DRucuXryCJm_RB4gshnyBcTXSwb-VLEPCtnvUNTM-ndxlOIbOx_fa9Qy4aWPqxc1VzUBwfxFQJHJmsHUzVwo0fgYK_N0LrU75vooRN-RqBdOtuWQBp_vMZifuMOgZlHZcNWTLTSoeG8SMykwGK357hnPi97cLHzZFOwgw0dJmpq6jgzFB2g-lujPfW7BJpJ3wHM0p9ufNqQdb9tZ3776j3zA4-VCdmGwtiUNtTf2dYH8r_k-HHfLnfObUFhZB75uZ9EHhsCkNBN-uuLQ0COknnKqhpYfEmx8fiY6s2_sxETobkovcIIY9YgZgSaCQaQu_KX0dV4mPitQUN8Ysvb4WWH0kisWd6f24BwubM51zXl3XFFoY4G_VSaDfxRZOHDi6i9Gqfk0mPLjzyHcQqYjONcUeBUQtc0OsGRNlwoGXRAwu8GO-Ur_fX-z-TDUFz4lwJO8_CDfSXrRY9e55yMO9MHAUYOuknk5RXDGFUOCNa1CfQuxH3NPd8-Dkwlmhmz9_ufTY749UnfxW2OrMV224FwGhGepNO8yPuPDReDZ_zPGM2nrPE7nsKophQkSMUHY1eZ-7e4yy6mjFJioBdjPaTEiEEVjjPM_5k-d3zCOSrk16vXATpTdIuErYBeBY-F1fDSTEOMoEt3dl9LGf1vHbODtOnEFFiAiE9DckonmZdh84tdv64UOCWgAwnYkG0E5xtnCIoEkMPvjA-UKX2_mY4nZ1EM3zoxEYTvxi2I-YR1xqCcsym1bqZd8q0toi4PvcmvdveMEhWbktwRo33pI63sdYhh_UEKmQ81XIc6AXMo8jnl2Q5RaG5BkpzAJQWKN5RNUDLmjdJp74CQoAHov2i6mAjQrHh-vapRiPop3GYnEGy6KY9wWlz88gY9_BOsEkP3sWLONKUs51OGNBCtmYhfQP4EYSsaf2nv31b5tEsmtXRdZkW-q81MWTtpO9L2HBs0eW5F34dOVGQEtQs1uc8broil2fAJvg-GfckRm0SfoLQv8C8_Z9XbKsRnilHxSnp_gl9-CxSCjV9GsRcGKAoDwu6jnD3KkfW1l9Dal_4gYnklLuJf2yhZt7FDhqFgsUKWzNFDbknosMNX-dUFCwrIuX2sJ8gjx914SvuK5GETLw8nHjk7JdwXfz_Qx1R1u6-kWWTLRUU9CqEFM2d-sbf0KvrfK0XUkKH78ZZ6w3cC7XVF_ELdmibBKuztFHS8PPTVlhKwOF2tXPARAEMSMbnb5EiziL9xotwShT1vOKf4IyLRKxR7oVdL2TWxbqR42kkxC1tHqdrca_9h3rlSCnVmRzFmjX8NBbVJqc93IngJ94RxUTnPRzTrFjCJBhJgvgujSDmjGvwIQD2SA39fFmLU4xEfl2lQvI1Lspq0-GIQEqvwitGMr0sZbmV-Jp-qohAvTEog3UJ_cIo4-xi2PEYFHXoHKHoeDJH8Ivmis3Upw4q6DlpiF0pBFgQ73ZuulvuJHcAQj0a7FOB2Tk-BaYiY4K7C_qi3aeYwJddPX3kCgY-b0Btki6czGXTv2WX0fS9_f9_ITyFxDZVIt_Jc2yPJNzcnzNmhWBxFKQz9kxve4cicwG_87DwzCz2E2080pWPdmcdUxVxL8ogG9i8Xnd36naX__nMCyjzOWnmyhq7AjT7UbHm-ry14jGnGuBY3aZTM6LnUSnxSM5JFb9OEqdyth5rxN00lduDF9UC2A5y6ddt9VduzYOffJVa-FTRJpTYAuyHq7qtMFN9XSe77rUege0RWNw9XbkQpSmjiG8tMDPsTA9w0q-0-I9KCUISf0faHIYZL-3nOr85ErKfQwZv6TByIASL-oYl_JQdnnKzUXidtlQPxQQxIfjLwFTNJ7Ino4OmJMXC5AA6gKWve3O2AatXmpx6LXc6fyXRWi-4FdU3fdpdYkmvVABs5A6mxIMeCt5uv9fawJFU7nzsB8cvGfebvz3hvIR1vapj_wS_oYfDKNwFja8KxPxboJdTIeGNYTfeoDYH3lVm22ReCh5Vor-SinfFYc0brKD7rz-GnYPQPM9wu4WOMRoRdNA81kNs104xIf4apkeQDovg0yfkIlqqyaiDeAHudkgoAwdMom5DwyXnppKJFhUrh5NuYK6kcWuLTmvAnPH3YPldE76ah03Npz1JFRcVuJBkQpCLFMjpqoDb6ucx_pPi5lM12BvLLKS_qL3Nrwg6oAXw58TgOCdERqThC95cEuZnOreAM_sz_ZK-koD2fUMkK9x05JykRPhDyXtRpHk1QhE0D4Wl1Es8EtJLtIWUoQ-9gKa3-skQrBhPtSjTW1x0Wfy71Fx48azhiO4_TW7Atm-bbb2FxiZyHd--2gjV6Myj97SSB262NzIyjbWAW9CSMvMzH8Dv4TMQ2hrUyL8bUe5vi85DIPyoz2N_836uuTTdZsLpYod-rzvEBuWevIaO-R2OZAgNj320yCki_-wBopvt6kYusK6DUyHjK_2lve4mYm0gGOBtViMS32PPppQnUUxRdvKB371UANzoWv0E3CFS9YdNYKw_tNCWk0DFb9kC3DwZ3JBnE4WEovOBlbNUsXqJvZhnSRTIC_ZC7UJRHZVaN8KsLLDSnTQ05RPKOSfX9pA3LAbvO6NXLuDkgbwrdGnZ0P4NaZRYEpIsFXe1CHXaeydkz06hx9-LNruMvLM2eGa3NCZ2K8qb1Mu6mVWl21tMVIljueubTesaoyLBs1BjrvpCpCxOTbexuJz3vV16P8_vez01SItqbGKrSyDJdI0x5EtzMcFkbxBzf1HTyLpb3qNJGLGbA08dgDkBZz8C9NeKD8LfReGNzXKfHOb0BZoMbqRjQmkHWr0AVNgATtbLlhcsAJJ0SYPmO-vF_rAHTxdJnaH-SU1kMQGtYNmaM7XOPJZfT-RhXRhO8V0GD3m25ZeRDsSNy10J1qreOcbN9siKnZCn-q1s9A5Z5ZHE8uDH_HW3Ll-tSVmsgsu5MkM8wwQZq6ucLRNvlVIgHBFIv1fKUdRyPS5qQj--x_yy8bWMy5B1yr5AKV_awtnmJMCJmaZpYQy81aK0fs7OO2b-hof44nxmbkZ3IqI_SHWNY92zpvXjrly8RRBlmfa5rrWZXefIUOE3zNGl_aRGJcdDsKnnANAuEbd-0fyvnieVz0Yr23xQ1SrXMPm76S4Lw7_iWnGlhBvqUEDgvnLwBWdtX9GslFysRthO3vc5gGrIiZeJRU0VhD_GrFPRDLLi-xWmoDFAC7As7R-WpV2pQrYiqvDjaNO4R6SQaHR2lgDhH46JmkdRwpIbMNcWTCUH0tcItbJU5PbM9vzxVG_EfJG2TZdyb0GJwummii-Fv6Yx7H2qUuhUxFgymjazxOV6VsbUSzVwHXYarUnMbshS6HPfFDBXYA-30-CMcJrOB7KfMOtTr1pjrAcT1WjDal_g3uin2IZa_y2aSaxmmCZ6dtB58Ot9JuSsmql2hSpsHgLIkklF2WujKN8RW5OFwjzf0KhzVff_Tgt7s8HCiQMvbUgRBkEVZf7aSLbP_O0iweEvpE2W5BGus2QFSF_qewswmC5fFhzmzBA4QWEOd3P8ZtAfXxfkh73opvM7XztMp29oeuJY5dsV7c_Ah-sPTL3jBMCUvsDKarvyjlXLTp1lbR-4S8dwhuN-IHnyVmZnIIOR3KDzYq6-qAJGZHk8-EEBihh_d7xXS2OwAJwFIfpgcFduW3BeQoaBuKb-nts7T8ylc2S_X9gxT0pLlgveo1dWAOhzUkAblESAM5EJoDWG8-y1QvAiZ4X4TnY6Ipj9wxhu_MMGW-hMhQWq6tI7jqZja63Xz60CqyeQnl2qjOilR0o3f2PTxLVciRbByNPIkZSt8FMPjksJ1atmB61kEfdttuxyX6AAGG4mcidqnLhm4akEGOMqKE3Xy8NzvXgr5FwofboHH6lPRIwRi8C59dIsEdsUCb9pJHKlk7yK-QtDr5c0q7-LBGHXaWGU-74YpHAKm-oYUBH5W6isNgq0uyfh9dlYssFJ5-BlNTpT713QG_FgCXuzVuAkrkXhpRElvopHxWQWok9r2Bjtz_yxuKz5wL0GY1nSJDXlLILFzkMKu11Y-tKGf3dVOgUp58QOpwsNE5mh4f6uDxHs5NXTZGTXlRnM&cid=CAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=6234372808269580000&adk=2857193498&idt=145&cac=0&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
259298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
truncated
/ Frame 9E77 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9c3fa50962370f1ae46bd5dad46d7aa7a738c6599035b456691e90aec819ac2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
so0m3m0ljrhx
hal9000.redintelligence.net/zone/ Frame E0E5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/so0m3m0ljrhx?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCprjYcWoaZevJBoTTgAek1JewB5HB0Jtp2--DktwP8C4QASC6hMAzYPWFgICIBMgBCakC5k5SORi9sT6oAwHIA5sEqgSWAk_QPn7ozUzHrrmm6rMEJNV5a-rKn5hx2rBAUrX_UXbBge4b9cvvCuIkCA_2Jrl4sMYlug3AHGBjmSkLRB_kJZYn8uCxbE7j_jvNlZel0R4IhbLRDi0ceZRI4aLz32KQfHrVv0cN3wsQjAH9e9hkVADH-RW40_0Ejxdd8h1xSrjaBQtLnkGLnbIlcwTpA7PaSb2VrPIBAjbxLHfFTawAuxZRKaWzjF-MMkpwRTPSiPAC33QukEkGr0pjRonatf3kr6tHYlEuPRw-UqzttlmdrX5z_2doaU7M5yanxXjvAzJPn9UJzjAA6A86s4Yjp-7qq8HKWL0_Zk5mUQ-4Y9a84XJipNN5mOpA-cjKXkDjP-MllhKXi3e4wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCMmksJXl1oEDFYQp4AodJOoFdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIq8axleXWgQMVhCngCh0k6gV2EAEYASAAEgJWo_D_BwE%26num%3D1%26cid%3DCAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB%26sig%3DAOD64_3Ri6E_DwUfyTFmDVzrK097VnHVAQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Bnvo2TuflDCGqZPCeh7RZMvpXW0mQwUWLjg1YiqwrbrvMDtl_k1sF5wTOuKw5a-c-Qt9WqUnsXZXSkSmWeSNjT1AC85pzmTWVEPsnBhf9aO6XIjv_rwR_-KAE6uTln9nEVHbAEtT4pKthZrgrHdKkMkN0CjNgWwH5_aI6W-yWTcGvW8hE%26cry%3D1%26dbm_d%3DAKAmf-Aq6OqrHHX3hhaPTVfbMbwBlVbh-S38yHD7CmkEOoG7WKOgowFnJW1rllsu6TdCQMUiY7SzfHWv3_delBvrQLvk9MyrMIEUW9A1Ep8jx3Oz5OXfX0db57wjxkSDeSkoOaSS23cVSPR1gLb6cieHZrMgAvJLecpDDEkBj2qdsPQkzkj18H4JqTZ-4_iesev6jdfwTVwV3-8j4AnfN7oUhlAIQ4Y524A-DEobvXde411Po4ffFrfviPClCTHmQEYRBvMhX3p8P4avH9xSjw-MQlxYZtmdDnkxTCC3PPEuS376uTy8tR9_0CTTBoYngxseq1bH7OdEKkbviqVzcSDnwJC-a0Xa9hxP2rVMNhfxbqN4RvTHbIXLzSbKXZfKEYaFf8_RIDIc72zS0Bzz3wgUacB0ycboVWX7lsFPwDxIyBfV6OoUJ0gnxhfaCw2u8G7Ck0CC7tpIyrZODYIYjTZc8-8iCdE3tSDHwMz0hGv4tx43cXDl7L3CZTfakrSWrlfhZU5FBrWzqA0KsGuggIH5JMd-sFQIHyoDLMigVqLjmMQCKbiH0XD3Ta9DHr4KwShcVeEeZ7rfwIqLhVx9iLpaMACZUShEsV4O04aUOjCjmLk24TcN3g6vgwTVc14mUzGPSUMVaYFI%26adurl%3D
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
522a648f5f313ee5ca9b75207869255565317fbc99e86eef86cc56ebb032ee64

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4328
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D385 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
8820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CROtXcWoaZZmdBZHugAfVv7zYDLHB28tywuzBkuQQypPA_OsCEAEguoTAM2D1hYCAiASgAb_tkOYByAEJqQJ7AHMyalSyPuACAKgDAcgDywSqBIEDT9AZKITqCNZv0ml8xJQABZe4xA74NErPTCVbcn6DS9pk6UIGrR8NMoOMoXsBV5X_j5gt_4yYNZVejOrkKZi4tGj58nX6zdz1QgL733xluOzhYvwFLS0JKOJBeiKChrx1mVMmeL8Zz9GZ_3b0ybDtkKFiOd2YjmLI9k82J1fP8ZXxMFVV-ejDR-iFaBJTZz9lYxRe8vOpDa3E3KsQyZ4OiGZieR_xPUtm_trreIF-A6TMtGfyerZCNOt1fOlpkyx9nXMKLKdQUmU1Q0Qzd9IrSNIwZo4WbQJgNMSCaNbPD1k7_ib7zDI92u7IXSSNdvw1Dgpy82-uCSzXYPsv8JUZBHqlMGvMahTOW5ErHnwRuorScBSrxiMUm55dShekgVrByN2CLosT-AsA8CevnWaBoATdaj_sYJxCfwMN8PFwWwGsuNfkGUn__AJJ5SqHqpChQ1raPjk4PZDwSb0lUSq97YjEC7rLoILDiarsC17eUQASoq82ff-34yjTYEozyOq4U8AEhbGCh5cD4AQBiAXk1_r7KpIFBAgEGAGSBQQIBRgEoAYugAepku-ZAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIHyGNIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwmgkYaHR0cHM6Ly93d3cuaGFpcmxpZmUuY2gvgAoDyAsB2gwQCgoQkPHRq5GJmL9bEgIBA-INEwjs-a6V5daBAxURN-AKHdUfD8u4E4gE2BMK0BUBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=ZKdhDe0sNqo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNoQdxVmifqqslnbQR7Y5W10dx3Da_N04KOkkESyr2dFq-PPOAk9jMEIxLzA1Q17z6Lc2t16QBUxgB&template_id=520&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 9E77
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CROtXcWoaZZmdBZHugAfVv7zYDLHB28tywuzBkuQQypPA_OsCEAEguoTAM2D1hYCAiASgAb_tkOYByAEJqQJ7AHMyalSyPuACAKgDAcgDywSqBIEDT9AZKITqCNZv0ml8xJQABZe4xA74...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfb4945a74073d470000000000000000%22,%222%22:%220x77a416c6fabbd43a0000000000000000%22,%223%22:%220x4182af...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfb4945a74073d470000000000000000%22,%222%22:%220x77a416c6fabbd43a0000000000000000%22,%223%22:%220x4182af7f12f6dd020000000000000000%22,%224%22:%220x131c709ed9cbe2590000000000000000%22,%225%22:%220x1e4a3282ac9862f40000000000000000%22},%22debug_key%22:%2216275437844221044747%22,%22debug_reporting%22:true,%22destination%22:%22https://hairlife.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22482621119%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211382195870648953233%22}&andc=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xcfb4945a74073d470000000000000000","2":"0x77a416c6fabbd43a0000000000000000","3":"0x4182af7f12f6dd020000000000000000","4":"0x131c709ed9cbe2590000000000000000","5":"0x1e4a3282ac9862f40000000000000000"},"debug_key":"16275437844221044747","debug_reporting":true,"destination":"https://hairlife.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["482621119"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"11382195870648953233"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 02 Oct 2023 07:00:04 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 02 Oct 2023 07:00:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xcfb4945a74073d470000000000000000","2":"0x77a416c6fabbd43a0000000000000000","3":"0x4182af7f12f6dd020000000000000000","4":"0x131c709ed9cbe2590000000000000000","5":"0x1e4a3282ac9862f40000000000000000"},"debug_key":"16275437844221044747","debug_reporting":true,"destination":"https://hairlife.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["482621119"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"11382195870648953233"}&andc=true
access-control-allow-origin
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
pagead2.googlesyndication.com/bg/ Frame 27FA 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
472938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14820
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:37:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 94C1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js?cb=31078264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:00:02 GMT
VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
pagead2.googlesyndication.com/bg/ Frame D385 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
472938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14820
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:37:44 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Oct 2023 07:00:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7710 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 06:31:35 GMT
expires
Tue, 01 Oct 2024 06:31:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3A3B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
GSE /
Resource Hash
bbc7374922de3a3683cb84cc9bef93561f0bc709f0b36d54df5ce7df85700c7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iMOrXSjDag2Oz7yA6hPdsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-iMOrXSjDag2Oz7yA6hPdsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:02 GMT
expires
Mon, 02 Oct 2023 07:00:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
request.php
hal90009.redintelligence.net/ Frame E0E5
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=68f084efc9&subid=&uid=69eaddd144a7ed06&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=68f084efc9&subid=&uid=69eaddd144a7ed06&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=68f084efc9&subid=&uid=69eaddd144a7ed06&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCprjYcWoaZevJBoTTgAek1JewB5HB0Jtp2--DktwP8C4QASC6hMAzYPWFgICIBMgBCakC5k5SORi9sT6oAwHIA5sEqgSWAk_QPn7ozUzHrrmm6rMEJNV5a-rKn5hx2rBAUrX_UXbBge4b9cvvCuIkCA_2Jrl4sMYlug3AHGBjmSkLRB_kJZYn8uCxbE7j_jvNlZel0R4IhbLRDi0ceZRI4aLz32KQfHrVv0cN3wsQjAH9e9hkVADH-RW40_0Ejxdd8h1xSrjaBQtLnkGLnbIlcwTpA7PaSb2VrPIBAjbxLHfFTawAuxZRKaWzjF-MMkpwRTPSiPAC33QukEkGr0pjRonatf3kr6tHYlEuPRw-UqzttlmdrX5z_2doaU7M5yanxXjvAzJPn9UJzjAA6A86s4Yjp-7qq8HKWL0_Zk5mUQ-4Y9a84XJipNN5mOpA-cjKXkDjP-MllhKXi3e4wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCMmksJXl1oEDFYQp4AodJOoFdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIq8axleXWgQMVhCngCh0k6gV2EAEYASAAEgJWo_D_BwE%26num%3D1%26cid%3DCAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB%26sig%3DAOD64_3Ri6E_DwUfyTFmDVzrK097VnHVAQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Bnvo2TuflDCGqZPCeh7RZMvpXW0mQwUWLjg1YiqwrbrvMDtl_k1sF5wTOuKw5a-c-Qt9WqUnsXZXSkSmWeSNjT1AC85pzmTWVEPsnBhf9aO6XIjv_rwR_-KAE6uTln9nEVHbAEtT4pKthZrgrHdKkMkN0CjNgWwH5_aI6W-yWTcGvW8hE%26cry%3D1%26dbm_d%3DAKAmf-Aq6OqrHHX3hhaPTVfbMbwBlVbh-S38yHD7CmkEOoG7WKOgowFnJW1rllsu6TdCQMUiY7SzfHWv3_delBvrQLvk9MyrMIEUW9A1Ep8jx3Oz5OXfX0db57wjxkSDeSkoOaSS23cVSPR1gLb6cieHZrMgAvJLecpDDEkBj2qdsPQkzkj18H4JqTZ-4_iesev6jdfwTVwV3-8j4AnfN7oUhlAIQ4Y524A-DEobvXde411Po4ffFrfviPClCTHmQEYRBvMhX3p8P4avH9xSjw-MQlxYZtmdDnkxTCC3PPEuS376uTy8tR9_0CTTBoYngxseq1bH7OdEKkbviqVzcSDnwJC-a0Xa9hxP2rVMNhfxbqN4RvTHbIXLzSbKXZfKEYaFf8_RIDIc72zS0Bzz3wgUacB0ycboVWX7lsFPwDxIyBfV6OoUJ0gnxhfaCw2u8G7Ck0CC7tpIyrZODYIYjTZc8-8iCdE3tSDHwMz0hGv4tx43cXDl7L3CZTfakrSWrlfhZU5FBrWzqA0KsGuggIH5JMd-sFQIHyoDLMigVqLjmMQCKbiH0XD3Ta9DHr4KwShcVeEeZ7rfwIqLhVx9iLpaMACZUShEsV4O04aUOjCjmLk24TcN3g6vgwTVc14mUzGPSUMVaYFI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9008680055861&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e2ec29fd9115bba7ee0c26cfb4c1db740a70717d7f4154c34068a878952f9ff5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
80122400024887204438446012465009
Connection
close
Content-Length
726
Expires
Mon, 02 Oct 2023 08:00:03 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:03 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=68f084efc9&subid=&uid=69eaddd144a7ed06&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCprjYcWoaZevJBoTTgAek1JewB5HB0Jtp2--DktwP8C4QASC6hMAzYPWFgICIBMgBCakC5k5SORi9sT6oAwHIA5sEqgSWAk_QPn7ozUzHrrmm6rMEJNV5a-rKn5hx2rBAUrX_UXbBge4b9cvvCuIkCA_2Jrl4sMYlug3AHGBjmSkLRB_kJZYn8uCxbE7j_jvNlZel0R4IhbLRDi0ceZRI4aLz32KQfHrVv0cN3wsQjAH9e9hkVADH-RW40_0Ejxdd8h1xSrjaBQtLnkGLnbIlcwTpA7PaSb2VrPIBAjbxLHfFTawAuxZRKaWzjF-MMkpwRTPSiPAC33QukEkGr0pjRonatf3kr6tHYlEuPRw-UqzttlmdrX5z_2doaU7M5yanxXjvAzJPn9UJzjAA6A86s4Yjp-7qq8HKWL0_Zk5mUQ-4Y9a84XJipNN5mOpA-cjKXkDjP-MllhKXi3e4wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCMmksJXl1oEDFYQp4AodJOoFdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIq8axleXWgQMVhCngCh0k6gV2EAEYASAAEgJWo_D_BwE%26num%3D1%26cid%3DCAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB%26sig%3DAOD64_3Ri6E_DwUfyTFmDVzrK097VnHVAQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Bnvo2TuflDCGqZPCeh7RZMvpXW0mQwUWLjg1YiqwrbrvMDtl_k1sF5wTOuKw5a-c-Qt9WqUnsXZXSkSmWeSNjT1AC85pzmTWVEPsnBhf9aO6XIjv_rwR_-KAE6uTln9nEVHbAEtT4pKthZrgrHdKkMkN0CjNgWwH5_aI6W-yWTcGvW8hE%26cry%3D1%26dbm_d%3DAKAmf-Aq6OqrHHX3hhaPTVfbMbwBlVbh-S38yHD7CmkEOoG7WKOgowFnJW1rllsu6TdCQMUiY7SzfHWv3_delBvrQLvk9MyrMIEUW9A1Ep8jx3Oz5OXfX0db57wjxkSDeSkoOaSS23cVSPR1gLb6cieHZrMgAvJLecpDDEkBj2qdsPQkzkj18H4JqTZ-4_iesev6jdfwTVwV3-8j4AnfN7oUhlAIQ4Y524A-DEobvXde411Po4ffFrfviPClCTHmQEYRBvMhX3p8P4avH9xSjw-MQlxYZtmdDnkxTCC3PPEuS376uTy8tR9_0CTTBoYngxseq1bH7OdEKkbviqVzcSDnwJC-a0Xa9hxP2rVMNhfxbqN4RvTHbIXLzSbKXZfKEYaFf8_RIDIc72zS0Bzz3wgUacB0ycboVWX7lsFPwDxIyBfV6OoUJ0gnxhfaCw2u8G7Ck0CC7tpIyrZODYIYjTZc8-8iCdE3tSDHwMz0hGv4tx43cXDl7L3CZTfakrSWrlfhZU5FBrWzqA0KsGuggIH5JMd-sFQIHyoDLMigVqLjmMQCKbiH0XD3Ta9DHr4KwShcVeEeZ7rfwIqLhVx9iLpaMACZUShEsV4O04aUOjCjmLk24TcN3g6vgwTVc14mUzGPSUMVaYFI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9008680055861&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 02 Oct 2023 08:00:03 +0200
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/22/2023 01:09:22
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
6f6665d8f8e83c491fd6c5939c0c51ce
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-167
cdn-cachedat
09/27/2023 15:06:24
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
0cc1244a99723d3e3e3dde6f5865c9ec
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-587
cdn-cachedat
09/10/2023 07:57:09
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
a699a77d92df730b52ffb21bf603602f
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-676
cdn-cachedat
09/22/2023 01:10:25
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
7804ab885c5f4e238c7c923f2037855a
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
b8b00895-2e6c-43db-8db1-84f2c1d86d53
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/b8b00895-2e6c-43db-8db1-84f2c1d86d53
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309260101&jk=123982773364500&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 7710 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 12:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
67927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Sep 2024 12:07:56 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
07cd50be7b89b6445dd9584ac2a8a8714dfe98af4f2a379d59407e5ce07d1808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92711
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 07:00:03 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
85bfaf083e3a519724935ff5fe8f381b0e605890c8cab9121cd69fafe46edbca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92700
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 07:00:03 GMT
e415ec43-80ee-44b3-8e9f-75ba7efe091a
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/e415ec43-80ee-44b3-8e9f-75ba7efe091a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
9e6d8ca4-a3f0-44fd-a53a-e1b181fe6567
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/9e6d8ca4-a3f0-44fd-a53a-e1b181fe6567
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
gen_204
pagead2.googlesyndication.com/pagead/ Frame D385 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYPwdcmoaZcP8CvqTjuwP1eWo-A0AAAAAOAHgBAI&bg=!jo2ljcLNAAZN1Q_XbdU7ADQBe5WfOMBbt9awICN28O2-8XuzLTYP3Te3yePAwcUdyGn0AMIpvrU4vvMaympPMqkJN8OmAgAAAM9SAAAADGgBB5kDCXCdiNKQMun8nGZWqqK0J0fyCpjRHIXy71HRoKWvku3p03TBAcc8FroKpd852Ml03KE7n-cMGXBv6YgTmDM6r8BJIL_f8BbWrcwkOai6mMEclRIxzXq5f762MQ-JPZ8fxjxVhvwrAgBqB_R1yBW-yOmtg1LuwLd__yZIgqheN7SMfYUhcOID-EZEA10sFBxa3Bb5aF6pVGkWhveuNIhPs_RDFnnJGAXx1gHTo2-h1jh82S_C8HUv5JmXblIASkxxq-4DeSxsWtBCHdGVLtsBtRYR214d3xuZhN52SJda3rbH2BZisHkVRlLjkE_vWNJC0NLsB-eEfBQdp_DfMKJ9hgydXtpjGvj8lKBkZuhNOCPjUfpI6yMhsm1GqYfnfUzFR7jdpmoZsA1TvlUmHD3oHqRXX9mmKfMmUAzlPtlZnyd-GD4ED7dpAnNlrSrhrOiF8gvk3AyXl0ZVyRV-WkE7wOAvqD-GHnESekkhgx4Pdh8K03ckxSkIuBvz71nB-f63kF1knyKpXHdGtBahnpdz1wRz3suP-yBj58kpv9eEFgYb1rE9SPXKzg07Co8FyLTDNLQrPxvcWB59G5PWsUY1Hcfltk-ZsildK9ChCHM47bTB8z77JWkWaE-Zle4i55G-B_RdnmLTIlJC5VgN5dEVd1FHYzDUBekq6kP-kESxhvppZfWk9uM6GEMQx_6rr-ASbD8WzD19zM35eLAcyqjqfu9YaEO1gx2A2vsVwVoS38uyWR9e_y7epIDyM69SwR4w3TVWYV80fgyefe4deczz5-cnvcdyrGBMTlv568K6PJtvLcJXvKCXvaVuAQ3-HrIwVgZz0jZrzZK9oNLiGiSxOjzpwTH3wppof3Sobm-Smasxc1K0UYqlgWfAXP0QRbkKPYCXZjhGFrNH7l4gvS_CIh0svfsVT6lBnMynYlDIjPBkjLyFnpmYi0egZi8r4P0LWAXrW-qyxNyWggzCSE14aW60AohSXblljkd5QEH82B9Ke0KvUvXfiYlzodmnRa0f7PQRHojKGcJVRg
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2DF6 		4 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 05:09:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 07:00:03 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 2DF6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 16:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
51066
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 16:48:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2DF6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 06:31:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2DF6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
51065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 2DF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQll7jwhZZtJ_1dcNfprXB_EBV2wHh4mksx4NvbntYk5jzTsdLcpPGcxGdtI0pBlp4KTVFxTOYI1416FWa32zJoIaZw7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2DF6 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 07:00:03 GMT
fda82c26911938d9c7ca79f9220f8b0c.js
www.gstatic.com/mysidia/ Frame 2DF6 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15328
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 10:18:01 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.9 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-9.bunnyinfra.net
Software
BunnyCDN-DE1-1049 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-664
cdn-cachedat
09/06/2023 03:55:39
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
c263cb0c04cc38ba9364744da53943ff
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-11.bunnyinfra.net
Software
BunnyCDN-DE1-1054 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/02/2023 18:29:37
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
54df0ef55712e4ab6c5b558e7b8d715b
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4548 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
84089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 07:38:34 GMT
etag
48472445140208031
expires
Mon, 02 Oct 2023 07:38:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame FEDA 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f10.1e100.net
Software
sffe /
Resource Hash
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
373689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:11:54 GMT
expires
Thu, 26 Sep 2024 23:11:54 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Oct 2023 07:00:03 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 040B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:12:40 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
94ea991aae8a842e9beca450c1a68e0a
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
14763004658117789537
tpc.googlesyndication.com/simgad/2517865642469221594/ Frame 2DF6 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2517865642469221594/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
a2646c51b9cad8f4630d293fc275ce3ce4e8ad9628d0c7000b25d9b33bf53100
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 02:28:30 GMT
x-content-type-options
nosniff
age
189093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15361
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 12:38:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 29 Sep 2024 02:28:30 GMT
truncated
/ Frame 2DF6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
0f28504d-fbe1-491b-bc7c-da0ae6dec7e3
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/0f28504d-fbe1-491b-bc7c-da0ae6dec7e3
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
7899e539-5af4-466d-9510-0a0da839e6ce
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/7899e539-5af4-466d-9510-0a0da839e6ce
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
69343a93-7941-41f2-90a5-31c07d02f93a
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/69343a93-7941-41f2-90a5-31c07d02f93a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2DF6 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 02:35:09 GMT
x-content-type-options
nosniff
age
188694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 02:35:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2DF6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
269591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 04:06:52 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je39r0&_p=1194065067&cid=404882103.1696229999&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696230003&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dt=MLB%EF%BC%8F%E8%8B%A5%E7%B0%BD%E4%B8%8B%E9%81%94%E6%AF%94%E4%BF%AE%E6%9C%89%E3%80%80%E9%81%8A%E9%A8%8E%E5%85%B5%E8%80%83%E6%85%AE%E4%B8%8D%E8%A3%9C%E8%8F%B2%E7%88%BE%E5%BE%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 7710 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qP7l0Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 2DF6 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44900516ed99172cb5efe927181856c67bb9c8cc26cfd2ead6354a092226e117

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696230003637&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1557&pt=-1851375812&tz=120&viewable=true&ddast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1413
x-cache
MISS
x-served-by
cache-ams21063-AMS
pragma
no-cache
server
nginx
x-timer
S1696230004.719928,VS0,VE58
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E77 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssnryCf-NnpknsfC9u-RFGAuUInvv2yOgOxByVl1JxmpQbjRgAanUGVBetHmJz3s-Ofdulbb0SWPVHPnp1JdOL-Xa78ArrmX1Gzi6-WETogDHJjAqvUSJxSxZCNn_KI_KYetOj80RYcQ&sai=AMfl-YRr5Zb-aYboM4qu69Z7gZYthhmDtHRiSczoh-vxkfcOgW8ivLzBkSkEZ9ihDWE8zccG85cDMSfkpHxnL8DuZAl88T0A7c8O5cKkNCXzgyGA8ioW46t8qCm76WAG&sig=Cg0ArKJSzP3qiJ5mdfLcEAE&cid=CAQSPADICaaNoQdxVmifqqslnbQR7Y5W10dx3Da_N04KOkkESyr2dFq-PPOAk9jMEIxLzA1Q17z6Lc2t16QBUxgB&id=lidar2&mcvt=1043&p=60,236,310,964&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696230001516&rpt=1070&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMsEUr8NQEGYytNVzz9f_R8&google_cver=1&google_push=AXcoOmSEkdjiXLNd1x4XsofMY4_vCEwqtvdwJQO2KG_YDYNbIMGs2jBaH104vNS-XZaaQCoDUlztnUnQ7GIuW64GqNvwnbl1m7QNt_...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSEkdjiXLNd1x4XsofMY4_vCEwqtvdwJQO2KG_YDYNbIMGs2jBaH104vNS-XZaaQCoDUlztnUnQ7GIuW64...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSEkdjiXLNd1x4XsofMY4_vCEwqtvdwJQO2KG_YDYNbIMGs2jBaH104vNS-XZaaQCoDUlztnUnQ7GIuW64GqNvwnbl1m7QNt_TWkadBUCjPLuY5PdSPYRF__I2mri1xayL88K4YvWT_PaJyUrCvNTqP
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 02 Oct 2023 07:00:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSEkdjiXLNd1x4XsofMY4_vCEwqtvdwJQO2KG_YDYNbIMGs2jBaH104vNS-XZaaQCoDUlztnUnQ7GIuW64GqNvwnbl1m7QNt_TWkadBUCjPLuY5PdSPYRF__I2mri1xayL88K4YvWT_PaJyUrCvNTqP
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 01 Oct 2023 07:00:03 GMT
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEJinldPaMEe3vu26PJdAlc&google_cver=1&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2w3YIw...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEJinldPaMEe3vu26PJdAlc&google_cver=1&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIyNDIyMDY2NTY5MzU1ODk4NA&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2w3Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIyNDIyMDY2NTY5MzU1ODk4NA&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2w3YIwjlz8LbbIJqbEyHvqLPz84MMXh5S9Ej6LDPtjpz5dzObK1stcMEIhK6dLojVKb_0clw27qOEjZAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIyNDIyMDY2NTY5MzU1ODk4NA&google_push=AXcoOmQzxZKId-vxQtPO8U3bQOhPTkSvVYvBFX9wCrFTnNrIo48-Uou_1FY4pwmC2KTeNERwbN2w3YIwjlz8LbbIJqbEyHvqLPz84MMXh5S9Ej6LDPtjpz5dzObK1stcMEIhK6dLojVKb_0clw27qOEjZAE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOevsu4HZiFHOXBTgW_TP9Y&google_cver=1&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMi...
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEOevsu4HZiFHOXBTgW_TP9Y&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMi...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMiD6kOpNYTdv12BioJbqQq-zhfmD1gsIFt-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMiD6kOpNYTdv12BioJbqQq-zhfmD1gsIFt-7F-B5h9lTv5BLCm2vSFZNw&google_hm=NMcKUPpQwb8TiVgb8wuDiw==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:03 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTD3v_oYEJjRw3M9nKgyobwSzwYhzdnqEeuBl0kayFnUcbpUENVt4SOC5GwAUp3yGC86Ed_4gH1aNt5FUP5_QM_76F3KcOMiD6kOpNYTdv12BioJbqQq-zhfmD1gsIFt-7F-B5h9lTv5BLCm2vSFZNw&google_hm=NMcKUPpQwb8TiVgb8wuDiw==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFNDJwtjpwoCHxZTv3F_6tk&google_cver=1&google_push=AXcoOmRuKEe-Nk8DrfFK0TWAzKtYtnnlWFeVkmt5RXLQr3C_agQg9aol3y3pSgLwpPcHrI46RHWihlz7YZbcnY7...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Twqw2BrIVCxjOdiqBQbarFTjfeQ&google_push=AXcoOmRuKEe-Nk8DrfFK0TWAzKtYtnnlWFeVkmt5RXLQr3C_agQg9aol3y3pSgLwpPcHrI46RHWihlz7YZbcnY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Twqw2BrIVCxjOdiqBQbarFTjfeQ&google_push=AXcoOmRuKEe-Nk8DrfFK0TWAzKtYtnnlWFeVkmt5RXLQr3C_agQg9aol3y3pSgLwpPcHrI46RHWihlz7YZbcnY7rY-_INprAuEux9T3b8obnZzS4Jh1TbORLRjRcuIX87n7JzrQN-KLL4Ne1BJEsSVMSMrw5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Twqw2BrIVCxjOdiqBQbarFTjfeQ&google_push=AXcoOmRuKEe-Nk8DrfFK0TWAzKtYtnnlWFeVkmt5RXLQr3C_agQg9aol3y3pSgLwpPcHrI46RHWihlz7YZbcnY7rY-_INprAuEux9T3b8obnZzS4Jh1TbORLRjRcuIX87n7JzrQN-KLL4Ne1BJEsSVMSMrw5
Date
Mon, 02 Oct 2023 07:00:04 GMT
Connection
keep-alive
Content-Length
298
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT-jyb35Unfx4zdEBa-tfhpJf2FxuNRnz11eJ9g5QHyq-Kb9eQks0J1eLqt3zuomwZBIBMKH9903F...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-jyb35Unfx4zdEBa-tfhpJf2FxuNRnz11eJ9g5QHyq-Kb9eQks0J1eLqt3zuomwZBIBMKH9903FtLacA8epKNxtexAD4dd75q4ic-qQhkPfoYa25KMNp3jqsjJTZD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-jyb35Unfx4zdEBa-tfhpJf2FxuNRnz11eJ9g5QHyq-Kb9eQks0J1eLqt3zuomwZBIBMKH9903FtLacA8epKNxtexAD4dd75q4ic-qQhkPfoYa25KMNp3jqsjJTZDhvb5xldVASNzydF3uSKJ3hXW&google_hm=fbd5152e-b767-47aa-a081-f4d6ab69df4c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-174
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT-jyb35Unfx4zdEBa-tfhpJf2FxuNRnz11eJ9g5QHyq-Kb9eQks0J1eLqt3zuomwZBIBMKH9903FtLacA8epKNxtexAD4dd75q4ic-qQhkPfoYa25KMNp3jqsjJTZDhvb5xldVASNzydF3uSKJ3hXW&google_hm=fbd5152e-b767-47aa-a081-f4d6ab69df4c
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMZbK4hYI6zFPMluBq_7eZA&google_cver=1&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVh...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMZbK4hYI6zFPMluBq_7eZA&google_cver=1&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVh...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVhljN6EN8OXUkx_SPGaOdPcBCcislifHzjkn3KRpwX-xUY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVhljN6EN8OXUkx_SPGaOdPcBCcislifHzjkn3KRpwX-xUYhXGrLT9euWw9kHpu6gEuKA&google_hm=HatkrGZH4suyw0QsRTOF9U3R
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 02 Oct 2023 07:00:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQyLEGYkT-7am4SLWYfCL7X6YXKt3Smt2JsI_qVKfMUHJgEiVrt7TIiqi9_k8hAGapE5XJ85Q5dGogDs0cVhljN6EN8OXUkx_SPGaOdPcBCcislifHzjkn3KRpwX-xUYhXGrLT9euWw9kHpu6gEuKA&google_hm=HatkrGZH4suyw0QsRTOF9U3R
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pub
cs.chocolateplatform.com/ Frame 4548 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGYFRlVZcrA1jlUisKtcd6o&google_cver=1&google_push=AXcoOmRp9mNpYpmn0dDeAiK8iOi6uMmVIXJWubYMVxqMjscIEKTeWWrNhTbuwLHpGorhRrENIUqXPHuISMIoIHSxfRoBgCpyPw6Nhd58v_CcfKORhAl7KH96zaVCVcK565QsOskNo2LCxtjICGlLMEWfKbc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 02 Oct 2023 07:00:03 GMT
server
CookieSync Server
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4548 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9X0J4O4Kkrni8fA65nlTupfay1TCK9vwOSoeh-Zst9Q8H_rClm04f9PCFcUvqrBBugdu6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5C9B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4d3f6d92bcd0c43860de7b286d7a4d2b87b73b52e9d51478084dbf603487ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12061
x-xss-protection
0
VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
pagead2.googlesyndication.com/bg/ Frame A24F 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696222802&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696230001560&bpp=387&bdt=1267&idt=777&shv=r20230927&mjsv=m202309260101&ptt=5&saldr=sd&cookie=ID%3Da66565a41076df35%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MZezUrNjG_Luw5JE61qmAbebOQ7mg&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=17730987787&frm=23&ife=1&pv=2&ga_vid=404882103.1696229999&ga_sid=1696230002&ga_hid=360535097&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2839&biw=1600&bih=1200&isw=336&ish=280&ifk=2684895464&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078199%2C44795922%2C31078216&oid=2&pvsid=2838286010688744&tmod=1573289168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u36v7w3mduw6&btvi=1&fsb=1&dtd=816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
472939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14820
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:37:44 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 Oct 2023 07:00:04 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfb4945a74073d470000000000000000%22,%222%22:%220x77a416c6fabbd43a0000000000000000%22,%223%22:%220x4182af7f12f6dd020000000000000000%22,%224%22:%220x131c709ed9cbe2590000000000000000%22,%225%22:%220x1e4a3282ac9862f40000000000000000%22},%22debug_key%22:%2216275437844221044747%22,%22debug_reporting%22:true,%22destination%22:%22https://hairlife.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22482621119%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211382195870648953233%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90009.redintelligence.net/ Frame A38D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=80122400024887204438446012465009&a=6b82cd57
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=68f084efc9&subid=&uid=69eaddd144a7ed06&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCprjYcWoaZevJBoTTgAek1JewB5HB0Jtp2--DktwP8C4QASC6hMAzYPWFgICIBMgBCakC5k5SORi9sT6oAwHIA5sEqgSWAk_QPn7ozUzHrrmm6rMEJNV5a-rKn5hx2rBAUrX_UXbBge4b9cvvCuIkCA_2Jrl4sMYlug3AHGBjmSkLRB_kJZYn8uCxbE7j_jvNlZel0R4IhbLRDi0ceZRI4aLz32KQfHrVv0cN3wsQjAH9e9hkVADH-RW40_0Ejxdd8h1xSrjaBQtLnkGLnbIlcwTpA7PaSb2VrPIBAjbxLHfFTawAuxZRKaWzjF-MMkpwRTPSiPAC33QukEkGr0pjRonatf3kr6tHYlEuPRw-UqzttlmdrX5z_2doaU7M5yanxXjvAzJPn9UJzjAA6A86s4Yjp-7qq8HKWL0_Zk5mUQ-4Y9a84XJipNN5mOpA-cjKXkDjP-MllhKXi3e4wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCMmksJXl1oEDFYQp4AodJOoFdrATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIq8axleXWgQMVhCngCh0k6gV2EAEYASAAEgJWo_D_BwE%26num%3D1%26cid%3DCAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB%26sig%3DAOD64_3Ri6E_DwUfyTFmDVzrK097VnHVAQ%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Bnvo2TuflDCGqZPCeh7RZMvpXW0mQwUWLjg1YiqwrbrvMDtl_k1sF5wTOuKw5a-c-Qt9WqUnsXZXSkSmWeSNjT1AC85pzmTWVEPsnBhf9aO6XIjv_rwR_-KAE6uTln9nEVHbAEtT4pKthZrgrHdKkMkN0CjNgWwH5_aI6W-yWTcGvW8hE%26cry%3D1%26dbm_d%3DAKAmf-Aq6OqrHHX3hhaPTVfbMbwBlVbh-S38yHD7CmkEOoG7WKOgowFnJW1rllsu6TdCQMUiY7SzfHWv3_delBvrQLvk9MyrMIEUW9A1Ep8jx3Oz5OXfX0db57wjxkSDeSkoOaSS23cVSPR1gLb6cieHZrMgAvJLecpDDEkBj2qdsPQkzkj18H4JqTZ-4_iesev6jdfwTVwV3-8j4AnfN7oUhlAIQ4Y524A-DEobvXde411Po4ffFrfviPClCTHmQEYRBvMhX3p8P4avH9xSjw-MQlxYZtmdDnkxTCC3PPEuS376uTy8tR9_0CTTBoYngxseq1bH7OdEKkbviqVzcSDnwJC-a0Xa9hxP2rVMNhfxbqN4RvTHbIXLzSbKXZfKEYaFf8_RIDIc72zS0Bzz3wgUacB0ycboVWX7lsFPwDxIyBfV6OoUJ0gnxhfaCw2u8G7Ck0CC7tpIyrZODYIYjTZc8-8iCdE3tSDHwMz0hGv4tx43cXDl7L3CZTfakrSWrlfhZU5FBrWzqA0KsGuggIH5JMd-sFQIHyoDLMigVqLjmMQCKbiH0XD3Ta9DHr4KwShcVeEeZ7rfwIqLhVx9iLpaMACZUShEsV4O04aUOjCjmLk24TcN3g6vgwTVc14mUzGPSUMVaYFI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9008680055861&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6e98c5e947bd00072d025c83203e2ef8aa28b281a4354a9ed6031c3cd8c8cafd

Request headers

Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1865
Content-Type
text/html; charset=utf-8
Date
Mon, 02 Oct 2023 07:00:04 GMT
Expires
Mon, 02 Oct 2023 08:00:04 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame E0E5 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=80122400024887204438446012465009&pv=1
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:04 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D912 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
84089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 07:38:34 GMT
etag
48472445140208031
expires
Mon, 02 Oct 2023 07:38:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E0E5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a3940b4205c61e6cbb39293a9e106ee7a4c1e29c467c9a41830082aa7ee3259

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5C9B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:00:04 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 02 Oct 2023 07:00:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
165351
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
261901
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
149f00b29a6d331b2204e75c2bc0f1f712cfdac4b4b49c39cb102390eda9751d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 01 Nov 2023 07:00:04 GMT
checksync.php
contextual.media.net/ Frame 9A01 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8491
content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:04 GMT
expires
Wed, 04 Oct 2023 07:00:04 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
isyn
prebid.a-mo.net/ Frame 9E02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 02 Oct 2023 07:00:03 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame 7F7E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-112.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74318
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 02 Oct 2023 01:16:29 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-id
-Zzyo2wyvzCg_JhjTv6uS0Z90gMpYUDmI9GzHjqBBD3Df4wGmAHA1Q==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 2964 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696230000473
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
2a54692097b11421cffe19b9c3d88cfd89bf9a791afc815f02840e00f7701773
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1407
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 97A2 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80fb10f5b930d696-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:04 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 015B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 02 Oct 2023 07:00:04 GMT
ETag
"623de86a-cf34"
Expires
Tue, 03 Oct 2023 07:00:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
usync.html
eus.rubiconproject.com/ Frame 62FD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Oct 2023 07:00:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame F9A1
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0cb32d39925a0b2076eb875a3441800e4ec21047ef34c7b05b8e702454e6ee8f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Mon, 02 Oct 2023 07:00:04 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 02 Oct 2023 07:00:04 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame C637 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1112
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80fb10f85fcb063a-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:04 GMT
expires
Mon, 02 Oct 2023 11:00:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame EE8D 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 02 Oct 2023 07:00:04 GMT
pixel
cm.g.doubleclick.net/ Frame D912
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEB_ldi-_BcU7gy_1dq0U6QQ&google_cver=1&google_push=AXcoOmSpCKB8DRrvAq9QdksmL71YyEwHiv67xWmoBzIBANcrrg0KriS-GaIg2EOmXQKHOyDyEHeYd2aUmvBD9eIDnLEKmhTL9s2DVg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSpCKB8DRrvAq9QdksmL71YyEwHiv67xWmoBzIBANcrrg0KriS-GaIg2EOmXQKHOyDyEHeYd2aUmvBD9eI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSpCKB8DRrvAq9QdksmL71YyEwHiv67xWmoBzIBANcrrg0KriS-GaIg2EOmXQKHOyDyEHeYd2aUmvBD9eIDnLEKmhTL9s2DVg
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F6539E88F114227908F3039A3DE673C&google_push=AXcoOmSpCKB8DRrvAq9QdksmL71YyEwHiv67xWmoBzIBANcrrg0KriS-GaIg2EOmXQKHOyDyEHeYd2aUmvBD9eIDnLEKmhTL9s2DVg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 01 Oct 2023 07:00:04 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D912 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPr-0-D8Vt_7S6Mcgix5Zoc&google_cver=1&google_push=AXcoOmSVWvh8J5hW63zDIeBvzt7i_XTmVmh-pjaDDAdlmx6MjuF_SSk_LVO0e7SfiNlZN6sqYsK2D8qd4NrMZldSARjSLKnYTHjq
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame D912
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMU-bInfzZH--WSru8V2mCs&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMU-bInfzZH--WSru8V2mCs&google_hm=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&google_nid=index&google_push=AXcoOmTgKwvxFx_yDYrhlDgMPk1b0zyEFic4R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMU-bInfzZH--WSru8V2mCs&google_hm=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&google_nid=index&google_push=AXcoOmTgKwvxFx_yDYrhlDgMPk1b0zyEFic4RzT1AaC0r5Z1pR144TxdtF9XyfZPOP_tQV7aPwzwnrmP09QxBMVNZAPL8E2EATcomA
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI4VYnwAoi0oGiYC2DH6Eqy%2Fm1KHgBp5hcXteBMAf5JmCLLDJAdyymqa82ogJscfXvs1BU1cx%2Bw0XYbaQM8ZCX4%2F4EDGEhfaUXwuLdTlBwwwjB3BCyNA1ZGEEmBylyJyT0EDhDbDGPO80A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMU-bInfzZH--WSru8V2mCs&google_hm=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&google_nid=index&google_push=AXcoOmTgKwvxFx_yDYrhlDgMPk1b0zyEFic4RzT1AaC0r5Z1pR144TxdtF9XyfZPOP_tQV7aPwzwnrmP09QxBMVNZAPL8E2EATcomA
cache-control
no-cache
cf-ray
80fb10f5dcff03c3-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
verve
match.prod.bidr.io/cookie-sync/ Frame D912
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMmJzLOiQYIK1t1Ry8xXKgQ&google_cver=1&google_push=AXcoOmR138pJARlEj9hKJQrB8ZgfT10_grySQyO3KGbgPqQMteEZJwAkyxP8swoL-2Q1AOud8-xCYhWg4EEWcjhY...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=0410253733&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/verve?gdpr=0&gdpr_consent=,
22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/verve?gdpr=0&gdpr_consent=,
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
HTTP/1.1
Server
52.213.189.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-189-61.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
208f2c68b4053a2b545dfe35b37a190fcb9db3a7280744a3559122a9600ba14c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
22
content-type
text/plain

Redirect headers

date
Mon, 02 Oct 2023 07:00:05 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://match.prod.bidr.io/cookie-sync/verve?gdpr=0&gdpr_consent=,
cache-control
max-age=300
content-length
0
x-amz-cf-id
1LPHjgfwjrErS0S2lz94nNqr8YYX3GX4hXF8QBymtB9EVFjTFMe2aw==
pixel
cm.g.doubleclick.net/ Frame D912
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJ18ey7BIK9K303F5uIsr_4&google_cver=1&google_push=AXcoOmR3YqtJwx42YR8GXfcEY5n5MJZvr0GqBTlSp4FRc5vCNg5KI2nxS7ggPqpwnXE1IsK_RNSpO-Xr1NNKTrFHmWSH1dG...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZjJkZmNmY2Q4MzE3NDdkYWJhMjE5ZDZjM2FiYTBhZjI%3D&UIDF=CAESEJ18ey7BIK9K303F5uIsr_4&google_cver=1&google_push=AXcoOmR3YqtJwx42YR8GXfcEY5n5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZjJkZmNmY2Q4MzE3NDdkYWJhMjE5ZDZjM2FiYTBhZjI%3D&UIDF=CAESEJ18ey7BIK9K303F5uIsr_4&google_cver=1&google_push=AXcoOmR3YqtJwx42YR8GXfcEY5n5MJZvr0GqBTlSp4FRc5vCNg5KI2nxS7ggPqpwnXE1IsK_RNSpO-Xr1NNKTrFHmWSH1dGlvHZg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZjJkZmNmY2Q4MzE3NDdkYWJhMjE5ZDZjM2FiYTBhZjI%3D&UIDF=CAESEJ18ey7BIK9K303F5uIsr_4&google_cver=1&google_push=AXcoOmR3YqtJwx42YR8GXfcEY5n5MJZvr0GqBTlSp4FRc5vCNg5KI2nxS7ggPqpwnXE1IsK_RNSpO-Xr1NNKTrFHmWSH1dGlvHZg
date
Mon, 02 Oct 2023 07:00:05 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame D912
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENKTYR2XDHUvu57oJ_WdnEA&google_cver=1&google_push=AXcoOmTn-uHRGGuYMAan5aAijuM6IuIm77qFen14rU35mWJ0oLRzdhFKyqnoldJkitljzniZLRQr2yhr2wAWEQ8MMRiXRv6zV77-
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmTn-uHRGGuYMAan5aAijuM6IuIm77qFen14rU35mWJ0oLRzdhFK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmTn-uHRGGuYMAan5aAijuM6IuIm77qFen14rU35mWJ0oLRzdhFKyqnoldJkitljzniZLRQr2yhr2wAWEQ8MMRiXRv6zV77-
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyNDMwODA3NTA4ODg2Mzc1NDAxNA%3D%3D&google_push=AXcoOmTn-uHRGGuYMAan5aAijuM6IuIm77qFen14rU35mWJ0oLRzdhFKyqnoldJkitljzniZLRQr2yhr2wAWEQ8MMRiXRv6zV77-
date
Mon, 02 Oct 2023 07:00:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D912
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGkXgOK9latRojFRKQKPavE&google_cver=1&google_push=AXcoOmQbp_Q0RL7DDbeX-mt78BHROqSO0Nb-X1a_2O5pIWegkOtaVnD3LZCEjosMthA...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQbp_Q0RL7DDbeX-mt78BHROqSO0Nb-X1a_2O5pIWegkOtaVnD3LZCEjosMthA0bQJ5clvoqir2kS2y2FqUB7fmuHvgREA4vhw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQbp_Q0RL7DDbeX-mt78BHROqSO0Nb-X1a_2O5pIWegkOtaVnD3LZCEjosMthA0bQJ5clvoqir2kS2y2FqUB7fmuHvgREA4vhw
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
2dd926fe.12f64f3c
date
Mon, 02 Oct 2023 07:00:04 GMT
x-bytefaas-request-id
20231002070004BDC6A7678CC43615A5F7
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-239-17.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-parent-response-time
95,2.16.239.17
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231002070004BDC6A7678CC43615A5F7
x-cache-remote
TCP_MISS from a23-207-199-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQbp_Q0RL7DDbeX-mt78BHROqSO0Nb-X1a_2O5pIWegkOtaVnD3LZCEjosMthA0bQJ5clvoqir2kS2y2FqUB7fmuHvgREA4vhw
x-bytefaas-execution-duration
4.21
access-control-allow-origin
*
access-control-allow-credentials
true
x-origin-response-time
9,23.207.199.91
x-tt-trace-host
011a02959a05d458d3d4334bc25fb4d082e850fdf83ec1a27a35d626ebbd71dd0d77cb2c2616252da001b7d4b04c42846d427b9d08a694bef49a8e18b933bf3be4e4e757d0f502b48c24623420622a3af2d68af858164580207bb825ed6e97bd31f5481ce9a145f62e4e1d09c432373614
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Mon, 02 Oct 2023 07:00:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D912 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyonIDdPs8tq6sit22gyI9dMJfujbESw38OFCt4A-Ll9zpR8pmUBvrIBZA3dQa186JSlgvSQ
Requested by
Host: 38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
URL: https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78AE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 06:31:35 GMT
expires
Tue, 01 Oct 2024 06:31:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3ABF 		829 B
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
GSE /
Resource Hash
838334c208d02c71f08bed18d8afac0c1f3b437942758186db661389af5e5ad9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZZTShm2etno03wmbbpAnDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZZTShm2etno03wmbbpAnDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:04 GMT
expires
Mon, 02 Oct 2023 07:00:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
img
sync.mathtag.com/sync/ Frame 2964 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:04 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 02 Oct 2023 07:00:03 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2964 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 2964
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
an-x-request-uuid
58692433-cdd9-45a4-8ac3-3374cd8a0d70
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 2964
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=b3be3605ed27995980c5224ba727b8&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=b3be3605ed27995980c5224ba727b8&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=b3be3605ed27995980c5224ba727b8&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696230004714064-547
Expires
Mon, 02 Oct 2023 07:00:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 2964 		42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=LMFPxgiJnPa4A6CUgsdldhAQ13XPmO4cL4RI_C15dIc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2964
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v1jszCPHGHsutiMegYN4VxJ_nf1wPkw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v1jszCPHGHsutiMegYN4VxJ_nf1wPkw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v1jszCPHGHsutiMegYN4VxJ_nf1wPkw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 2964 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.170 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 2964 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 2964
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0687AADQRVRQE5MMGM28
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 2964 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-length
0
/
onetag-sys.com/match/ Frame 2964
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 2964 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 2964 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 2964 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696230000473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-679
cdn-cachedat
09/20/2023 03:54:27
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
fc14adf01a3076d15c93bb79f56c727a
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
usync.js
eus.rubiconproject.com/ Frame 62FD 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2a6874083f0e1ba2b7e1342b75200cadcaa71b754b1b844f00120eafad14b1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 Oct 2023 09:57:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10606
Connection
keep-alive
Content-Length
10474
Expires
Mon, 02 Oct 2023 09:56:50 GMT
css
fonts.googleapis.com/ Frame A38D 		5 KB
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=80122400024887204438446012465009&a=6b82cd57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 07:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 06:48:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 07:00:04 GMT
/
hal9000.redintelligence.net/scale/ Frame A38D 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=80122400024887204438446012465009&a=6b82cd57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
477a7fae3a7e2bead63af7bdf527065d5ff15cdff691403c96d97c053ea8463f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12359
Vary
Accept-Encoding
Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 3ABF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=2838286010688744&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 78AE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 12:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
67928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Sep 2024 12:07:56 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 97A2 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
397854
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
80fb10f73b46d696-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 94C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309260101&jk=123982773364500&bg=!xMelx4jNAAYEJRtnJCU7ADQBe5WfOE31Vx36nz_Z8e1lmo0D3r78YeCtZ22ArQe8CWxaocYQ4Tcgt_OLCZfngkWwdyU8AgAAAltSAAAAB2gBBwoAAdOZAslMCljRuJujpz4tDNzLYQFLRAi7Xa17X8V3XvjDVm8I4nTlYMXAsY4s6Hi4cn0Jo4YJkNsI4JUJT3uS2PeCGTHKaJ7zRfIj6JzpAjxJA4ov02FG1bmfZQNgiAQYSrs_IXTBA1kda7qf8kk30UNXv62fgt2CZFwhduIbuIXBdEUgWBZvxCJGqAxnSQYkouThzp0LyOFo-x6mw0GCpDoTHBocROgZU6DU8ae_wwIOnaCrSHu1cdiVxpL9TBHz0G4ONKHRdulGCYbZEI1IOpOcfBp3rTrpu6FPIP5uIehWLyonM4Xvsnu9B7z4hFFcsTNvpyyPflGYBtJYie3bU-Ctw2A_AvtkmqSR5TUSG2qENNHZ6S8sxC8gFbIu2K-f67CG4TvodJxw5PF5Gmw-RHajor_WqXY-YC0Z8vG6QDstVnu26VGgT-Y_QARsFQr7Z_AvBHvVbkZ-KgWnx202YHxXgXKDnDftVWr8uCvxRsLNb3PwUokknLRFIiFI4dMHQxDmHOTawFM49PMeOC03ANDWlbcvWhkMFB8SCnrIbgwKyIS_g3RtgWgyo8Bbg4DWwF1oieRbBxQcoAmr4C7fhFE_CH_0Yblm386NmC3O891haxtVZ5E0KeqHMY2yP-tt9NKxx4fmS9R0KbjLs88Th1E4gwH06TYpAqe1FkybNo_6RmOnwdTs8u1F1CthATGhmT83fzzp-zgtTxYXxghEcqVtz2i6DJZ3BRC4evw4H9cnD9Jfv7mISNS4FG6CuE7I6Ej3xVEQhKC1zXGkGi9EHCUWLDkkAgFgcybebjaBKA9YVgsUVNuUipyqj_2EXSxhgxSjAzKHKYnADazCTNZL6pWFh1JxZ5xBJxZLQthF8T32V5YibhMqVimtnBrCX_8ZNGpmzzyt-zSwfI6mzrwmx2k_9jj92c9pMrFqZaPsJoJggz8vqahzUgQK_AiIgA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/12/2023 20:49:35
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
a573daef0afa1bc959fb36ab2335f1e9
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
viewability
hal90009.redintelligence.net/ Frame A38D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=80122400024887204438446012465009&a=8c17c6a6&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=80122400024887204438446012465009&a=6b82cd57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=80122400024887204438446012465009&a=6b82cd57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame A38D 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 23:04:46 GMT
x-content-type-options
nosniff
age
201318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 23:04:46 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame A38D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 03:41:01 GMT
x-content-type-options
nosniff
age
271143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 03:41:01 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 425F 		0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80fb10f85d4dd696-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:04 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 07A3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
9d6dd0fa2d83626c92186fd85edc876379a9374580242ab711a7cc7704412ee3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1450
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
13926
g2.gumgum.com/usync/ Frame E38C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3c95612cd6e56547cf213319964b01ed2ed4c547ad1bd6d252fe050ee76c2a4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 02 Oct 2023 07:00:04 GMT
etag
W/"0b2e9ea09f6fdd824495eb86c62c8439c"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 5819 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
c1fe3e0470e4cee0f8b06212cf1a6a34bacefc2c94818a5cda8e7687cc4551ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1431
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 76A3 		1021 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.123 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b9b9dd0264c451af8fc584a77c4cb3a5aca73a623fd1ddcd93dba0d637636018

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
1021
content-type
text/html
date
Mon, 02 Oct 2023 07:00:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 539C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f80a04cdd4be5d8dd67aca4657b7d6b8c3159785172880d04920c53e3c31e98

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80fb10f8e90f01e3-ZRH
content-encoding
br
content-type
text/html
date
Mon, 02 Oct 2023 07:00:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gyH2lnXg%2Fg6%2BKZB8TXXAKEwCATRr5zovV5dNNKdZoH6hqP19mmMKWcRPEaPLD%2FBHM2DtHzeAH90xm5mP8Qmd%2BaDp5sZyORGg1XzNJevyNlK7mymgYX9aLSiJaZ3KCfrB2gAcwFg0ssOtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A8D1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Oct 2023 07:00:04 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 02 Oct 2023 07:00:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3DA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96803
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 02 Oct 2023 07:00:05 GMT
expires
Tue, 03 Oct 2023 09:53:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 89B0 		0
0
user-sync
sync.adkernel.com/ Frame 18FC 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 02 Oct 2023 07:00:05 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame ED78 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.228.176.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-176-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
85b154e9ddc06673035cb5648793cf2dc5a8a5f075fada2fc997d044500dba81

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Mon, 02 Oct 2023 07:00:05 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
sync
ads.servenobid.com/ Frame 7F7E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=313197623763080317
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=313197623763080317
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
an-x-request-uuid
a6240681-cd91-4ef5-9b1d-64cbccf67011
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=313197623763080317
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7F7E
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=HatkrGZH4suyw0QsRTOF9U3R
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HatkrGZH4suyw0QsRTOF9U3R
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HatkrGZH4suyw0QsRTOF9U3R
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 7F7E 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 Oct 2023 07:00:04 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
ad.turn.com/r/ Frame 7F7E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=5756531302
0
0
cm
p.rfihub.com/ Frame 7F7E 		0
0
sync
ads.servenobid.com/ Frame 7F7E
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=fbd5152e-b767-47aa-a081-f4d6ab69df4c
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=fbd5152e-b767-47aa-a081-f4d6ab69df4c
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-174
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=fbd5152e-b767-47aa-a081-f4d6ab69df4c
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 7F7E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Mon, 02 Oct 2023 07:00:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 7F7E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtset
bh.contextweb.com/bh/ Frame 7F7E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hOGMxNzc2Zi04YTNkLTNmNjktOGY3Mi1hN...
0
0
sync
ads.servenobid.com/ Frame 7F7E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 7F7E 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
cksync.php
hbx.media.net/ Frame 7F7E 		0
0
sync
ads.servenobid.com/ Frame 7F7E
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=bedd2c67-8c85-4902-9a50-e4442a496de1
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=bedd2c67-8c85-4902-9a50-e4442a496de1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=bedd2c67-8c85-4902-9a50-e4442a496de1
Date
Mon, 02 Oct 2023 07:00:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
ap.lijit.com/ Frame BB33 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 02 Oct 2023 07:00:04 GMT
X-Sovrn-Pod
ad_ap3ams1
async_usersync
ib.adnxs.com/ Frame 015B 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
an-x-request-uuid
51a359e0-3871-4706-b050-fa8d0c0e2325
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/ Frame 1DB9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
0
0
cs
ad.turn.com/r/ Frame D1EF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=1746720314
0
0
pixel
cm.g.doubleclick.net/ Frame 5819
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D505CxYf4-LBrYjfFItWzzQeDX0ew
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D505CxYf4-LBrYjfFItWzzQeDX0ew
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D505CxYf4-LBrYjfFItWzzQeDX0ew
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 5819 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
img
sync.mathtag.com/sync/ Frame 5819 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:04 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 02 Oct 2023 07:00:03 GMT
/
onetag-sys.com/match/ Frame 5819
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LN8JJP2C-I-DSRO&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LN8JJP2C-I-DSRO&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LN8JJP2C-I-DSRO&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
/
onetag-sys.com/match/ Frame 5819
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=313197623763080317
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=313197623763080317
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
an-x-request-uuid
ef1d9776-2438-4305-8298-563bc5de642c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=313197623763080317
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-matching
ads.stickyadstv.com/ Frame 5819 		0
0
tap.php
pixel.rubiconproject.com/ Frame 5819 		42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5819
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=891261007834113212
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=891261007834113212
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=891261007834113212
date
Mon, 02 Oct 2023 07:00:04 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5819
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TV8J1PNCAVJJ1Q8P0E8K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Pug
image2.pubmatic.com/AdServer/ Frame 5819
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE2NUE5NUMtNDVDNi00MEMxLTlCNUMtQ0NCMTA1RDg5MjNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 5819
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5819
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 5819 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 5819
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&google_hm=M2IwMjJiNzktNjEyNS00ZWQzLWExYTMtZDJmMTg1YWQwMWQ1
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDk2L5ZEFqedhOwVWdbu6CY&google_cver=1&ssp=onetag&bsw_param=3b022b79-6125-4ed3-a1a3-d2f185ad01d5
  • https://onetag-sys.com/match/?int_id=30&uid=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 02 Oct 2023 07:00:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 5819 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
onetag-sys.com/match/ Frame 07A3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=efca651a-6a75-4700-8fc8-c6318ced3a17&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=efca651a-6a75-4700-8fc8-c6318ced3a17&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 02 Oct 2023 07:00:05 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x9 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=efca651a-6a75-4700-8fc8-c6318ced3a17&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 02 Oct 2023 07:00:04 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 07A3 		0
0
/
onetag-sys.com/match/ Frame 07A3
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696230004956060-574
Expires
Mon, 02 Oct 2023 07:00:05 GMT
tap.php
pixel.rubiconproject.com/ Frame 07A3 		42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 07A3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D4RnT07GsOFGwPpJh7lcexDurWUUg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D4RnT07GsOFGwPpJh7lcexDurWUUg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiu8v2D4RnT07GsOFGwPpJh7lcexDurWUUg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 07A3 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.170 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 07A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 07A3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
0
0
/
onetag-sys.com/match/ Frame 07A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOKkahNfA06q0CGP8BFsIus&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 07A3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 07A3 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
onetag-sys.com/match/ Frame 07A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
an-x-request-uuid
6c6bcb3b-ba24-420e-8002-a0499123d276
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=313197623763080317
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 07A3 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:03 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 07A3 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 07A3 		0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
80fb10fa2fbed696-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
match
ads.betweendigital.com/ Frame A9D1 		0
0
sd
us-u.openx.net/w/1.0/ Frame F9A1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Vkmnm1YdoctNRaDLURm7y1ROo8NNRffKWE5xICGD
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Vkmnm1YdoctNRaDLURm7y1ROo8NNRffKWE5xICGD
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Vkmnm1YdoctNRaDLURm7y1ROo8NNRffKWE5xICGD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F9A1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1224220665693558984
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1224220665693558984
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1224220665693558984
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame F9A1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=975742d2-2183-8692-9645-0fd730ae3994
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XWPARM3SR7V72TW6TY0V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame F9A1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=cf813eaf-3d29-3d68-564b-8d40589df274&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame F9A1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTNlZWVkNjUtZjQ1ZS02M2NjLTQzYWItZDdmOTkyN2YzYzE0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMZe5_JBTgHcuurVIT_cGpA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMZe5_JBTgHcuurVIT_cGpA&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMZe5_JBTgHcuurVIT_cGpA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6185 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3226efde9a0cef0c23b7df69f8c750e08bcc3791121debbc204072b7a607b00

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80fb10fabc4801e3-ZRH
content-encoding
br
content-type
text/html
date
Mon, 02 Oct 2023 07:00:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQQjz75N1ltvr9F7CbJi0u4UpawqJIuJtQFw8rqf%2Bh82%2FfM2m9adnIHWIwZ8qOfibqyF66IJvc5NmMofcoJDEPjYDyK1Zaub7N7a886Lp15hYPN%2FENbwaPNaHXOSayoq3PUEd%2F3CI851mg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame 78AE 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6B12CQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
smwt256.gif
us.ck-ie.com/ Frame 1107 		0
0
cookie
cm.adform.net/ Frame 1BAE 		0
0
user-matching
ads.stickyadstv.com/ Frame A657 		0
0
v1
match.sharethrough.com/universal/ Frame B2BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
casale
match.adsrvr.org/track/cmf/ Frame 539C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 539C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELhuLTqfGMCl5K-d4HauiEk&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELhuLTqfGMCl5K-d4HauiEk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41Mi6pmSiISP8%2FEjgi1xCvkNYbmJQAzy4Z6G3kmORJGhWBAubGynyYHpWNE8MQwY1mrjBy%2Fe%2BYC9jGsnViKSzK3AtqsToTYJnkOEh4FC%2FmV%2FXHUGbxdGNY5bciSA3O75L6iC5oM%2Fuyi%2BMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10fc0ee401e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELhuLTqfGMCl5K-d4HauiEk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 539C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T2B15HJQ92ZBG0RWTZ1W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 539C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvCi4oTFzFemf8a6UlqneHM2iy4%2BcjxxX40PXcxJ8vVZjRw7gjbYG9gAhoIzP2DiH1rTtVz1bB1uyNinf5blZ1gyTcSsynnsQ9SttFP8VMixWmClB1KlLsERL%2B0Kda9vCGQWrScGH2dNnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10fc6fa301e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
an-x-request-uuid
6b8b797d-0762-4847-805a-33c38d0feb5c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame 539C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=313197623763080317
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=313197623763080317
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DylMkJrE8rXkR54ozX8Dh6RhM9oag2BofZnYWxx0Khf8TZOWTPHlTqkYmyqyqLHZu2xroyL7Ht%2FhPyczkg%2B%2BGSr4qxH27iI4NjGMwlu7StKcf0pjJFfT5eNWZ14jrtlbbey7tsdJ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10fc7c3703c3-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
an-x-request-uuid
cc3f2ea0-1949-4a15-9c24-d1318ed32d3c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=313197623763080317
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 539C
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528015049405
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528015049405
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0b9YUWDAv6XpE4Rq%2Fv4QKnYXi4aGcy4iSCKzv1X06y0LaoOYYiGOnATNSmuklY%2B6MyF1%2BA%2FwBDwqmHpTYwZAbO7ckkAwLzDoEdmhZoVXHMZtFCVMbI6ExVHdrxt7n43QQs1hy9ib%2FoPNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10fcb83701e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329528015049405
Date
Mon, 02 Oct 2023 07:00:05 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bridge
cm.adgrx.com/ Frame 539C 		0
0
user-registering
ads.stickyadstv.com/ Frame 539C 		0
0
sync
ads.servenobid.com/ Frame 539C 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
smw888.gif
us.ck-ie.com/ Frame C525 		0
0
usync.js
eus.rubiconproject.com/ Frame A8D1 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2a6874083f0e1ba2b7e1342b75200cadcaa71b754b1b844f00120eafad14b1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:05 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 Oct 2023 09:57:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10605
Connection
keep-alive
Content-Length
10474
Expires
Mon, 02 Oct 2023 09:56:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E0E5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst27KNI4Z8San6PjXFaBT5KA01pSdQIblj8QlzeCXGs9aaFmowTew9uH9bc9P-nOUXpQgxvMQw1V3N5WPx0aQKZfmAxvzMW9Ykit9Fw3TCnlDkT981tfb_AozqQNTVE&sai=AMfl-YQ3YijZlEmOXIFDkJZ27Gw0lIRJ_MNeFhucGj3P1917rZQMfZBgYI9u1ojLhydMd_p-OitZXKrwhO2ay2z-qyBk7RwXsgT5z0z5UPlP5A75ZIBMrNtpxQ1X9LAz&sig=Cg0ArKJSzAj-9muc2uaKEAE&cid=CAQSPADICaaNgLDcwc617zZ-U_aeaePv7KJaadj_PKnnuP4kH1FS5cEdLeSDTRNJMS0NCBxO-UalBjh5N_yyjhgB&id=lidar2&mcvt=1043&p=1110,650,1185,950&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696230001406&rpt=2532&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-654
cdn-cachedat
07/19/2023 19:53:42
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ea341b247b26c354e92f39e816714586
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
usersync
usersync.gumgum.com/ Frame E38C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=313197623763080317
0
0
getuid
ads.avct.cloud/ Frame E38C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_581f5f8d-e908-480e-a10c-2d8654f73be4&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
0
0
redirectObuid
sync.outbrain.com/ Frame E38C 		0
0
usersync
usersync.gumgum.com/ Frame E38C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=38bc9adf-153c-053e-3130-9dad90cdf332
0
0
usersync
usersync.gumgum.com/ Frame E38C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4f0ab0d8-1ac8-542c-6339-d8aa0506daac$ip$84.227.125.228
0
0
usersync
usersync.gumgum.com/ Frame E38C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-wEnQDtFE2pfE9OfT2vnk6FuYqiJ5BcdGSplk~A
0
0
usersync
usersync.gumgum.com/ Frame E38C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=78a92d03-eaeb-4451-b729-925419b6a25e
0
0
142
match.deepintent.com/usersync/ Frame E38C 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame E38C 		0
0
server_match
ad.360yield.com/ Frame E38C 		0
0
rtset
bh.contextweb.com/bh/ Frame E38C 		0
0
usersync
usersync.gumgum.com/ Frame E38C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=891261007834113212
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=891261007834113212
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=891261007834113212
date
Mon, 02 Oct 2023 07:00:04 GMT
content-length
0
sync
ads.servenobid.com/ Frame E38C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_581f5f8d-e908-480e-a10c-2d8654f73be4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6185 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZRpqck875hq32KDU7nQuNwAAFAoAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.154.185 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cs
ad.turn.com/r/ Frame 6185 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 6185 		0
0
ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6185
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.247.154.185 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
date
Mon, 02 Oct 2023 07:00:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
odr.mookie1.com/t/v2/ Frame 6185
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&ssp=index&gdpr=&gdpr_consent=
0
0
ping_match.gif
pm.w55c.net/ Frame 6185 		0
0
rum
dsum-sec.casalemedia.com/ Frame 6185
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=La3I9y35zqc2oc-nKv3Upy-qzK82oZimI6oDkHBy
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=La3I9y35zqc2oc-nKv3Upy-qzK82oZimI6oDkHBy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDtUPR2HkyTVG%2BsnzOiNro53BzI%2F9ltKmF2Ynvd6hxWigUSfNI9tafbm9G3P9UjafKP9EkEd8z4SL%2Fjnx%2BEBSCmbu3P%2F3TghyaX61nVNOLWTIu40U0ofZgWKI2dFEoT9aNkuI3gicZ9pTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10fcb84501e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=La3I9y35zqc2oc-nKv3Upy-qzK82oZimI6oDkHBy
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6185
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFY7IPaeRe4Ltz8VC0nxHMRwqHg7KYQegwUEzaFC45SMmCVV9I%2FEUacsJYLEOixAaXZkMTkilKaQAqN7JSDCOdSdhVIVKavsfoMTGrRmuURUWxGsCdzBQjDz3qayqPsVh534ZQUmKN%2FPSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fb10fd391f01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
an-x-request-uuid
0ba1eb3e-9d88-43f1-9db9-884eac6ebac6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=313197623763080317
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6185 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZRpqck875hq32KDU7nQuNwAA%265130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67143
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80fb10fc0b40063a-CDG
content-length
43
expires
Tue, 03 Oct 2023 07:00:05 GMT
usersync
rtb.gumgum.com/ Frame AE6A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=1224220665693558984&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=1224220665693558984&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 02 Oct 2023 07:00:05 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 02 Oct 2023 07:00:05 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=1224220665693558984&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 1DE2 		0
0
pixel
cm.g.doubleclick.net/ Frame AB07 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81ODFmNWY4ZC1lOTA4LTQ4MGUtYTEwYy0yZDg2NTRmNzNiZTQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 33C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96803
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 02 Oct 2023 07:00:05 GMT
expires
Tue, 03 Oct 2023 09:53:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 3749 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 02 Oct 2023 07:00:05 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 573E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRpqc8Co5r8AAFC5ubMAAAAA
0
0
gumgum
cs.admanmedia.com/sync/ Frame DB88 		0
0
cm-notify
creativecdn.com/ Frame 2599 		0
0
usync.html
eus.rubiconproject.com/ Frame 0C59
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Oct 2023 07:00:05 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 02 Oct 2023 07:00:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame D3DA 		0
0
sync
ads.servenobid.com/ Frame 76A3 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=991522290600240239&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 76A3
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=0410253733
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 76A3 		0
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 76A3 		0
0
/
csync.loopme.me/ Frame 76A3 		0
0
khaos.json
token.rubiconproject.com/ Frame A8D1 		7 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LN8JJP2C-I-DSRO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A8D1 		0
0
usync.js
eus.rubiconproject.com/ Frame 0C59 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2a6874083f0e1ba2b7e1342b75200cadcaa71b754b1b844f00120eafad14b1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 07:00:05 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 Oct 2023 09:57:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10605
Connection
keep-alive
Content-Length
10474
Expires
Mon, 02 Oct 2023 09:56:50 GMT
v1
match.sharethrough.com/universal/ Frame ED78 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
cs
cs.yellowblue.io/ Frame ED78
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.208.171.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-171-144.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 02 Oct 2023 07:00:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=a6d8a1bd2f60411b57be4633f730ac22&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696230005422015-370
Expires
Mon, 02 Oct 2023 07:00:05 GMT
cs
cs-server-s2s.yellowblue.io/ Frame ED78
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.228.176.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-176-115.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B
date
Mon, 02 Oct 2023 07:00:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame ED78 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=khC-g_0-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
viewability
hal90009.redintelligence.net/ Frame A38D 		0
0
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ba9ce00be9db98bcbb1c1988cbebaad3
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame FEDA 		0
0
khaos.json
token.rubiconproject.com/ Frame 0C59 		7 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LN8JJP2C-I-DSRO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5C9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=2838286010688744&bg=!eXqlejXNAAYEJRtnJCU7ADQBe5WfOBCSQYSa2w_X4Zl7948Y20naz84ZGYpDWmoElxUUuFJvkjBU0agktK2lzoxgVfymAgAAAjZSAAAAHWgBBwoAavpB6ekgaWDeUqaxY9H2V3COzYzEghZq4984_k7k-IEO9osVw9VfffsRk-d8T7yVADp6Gt54nD_jd5upY4YRXZwDyEbznzsPi7eX29kXNm230u0dVIqc4LosGXMl1HGDwt7amrTOkYVDWK6ZAsTynRFMMb6MwGkvupP1-5RP8cprf2Fx5TIRB3LG0KisSof8Y4sgo6OfxemATyHCDa5e-3gFFvSmjgg7tuaUV1vSH0XO1wliVQUjqfkeQJ85ecoHsVrCpBxZy6_bNuW133HJfCwFrpJB2QfqDSD28KImZ6f1j4Ysm2ziqgg3fhA_JMDS_pBuCVpQwpFKEfVGTqt2D8BnUGuQiGyeG5y88cRN4ORBeX3DcH5SP3g5QHiCMkDnof3OmHi9ZkRdGRM8utvotrUj0c70SXqNk7LkyV3NgsFBrQPIwrWyGAyJjAuYsqiLuFp8L2VJD8-27xqrT-8vNoTOuplNPvQdXi2Li2MvgeXOfKBAqv7RRtqYXrYb94X8KKCOV8DijBXT8uVliB5-bWWHXfj3ldetdpqBybpwGaVQJNtwSEnQjgyxOPIG6e6qHjv3Y7GADl4jZ7eAFWC5A1keQ6GQbqU_cVinqrQ78liEwBxs0rQ9Qp4u1cGrF6rAJ4tPKiutwOoWwgSA3EjbVTBY-rPgl6Rb3Zw5RrVDTOA8gpK9s51ZHqNpEgdCSaCwhibfsK8-54EgVN9rZetDRms20rG4yJcyGKRKeBoE9HaIiPN2i6bf0lmaD6sOV_060YQysUuoH0pxErzkjX6fidP7B-oEYJ-9V98_v-inr5MCIbJsKEbmFmDWxgP5WF3OmZUCkNvK9wcoSM4eHq7DxWDDH-DKBVuEpbn7mrMHTuJCCj6chK670m_ipJ-GI1pRvcCnW51UcT5AAq4HpovtgwCixbDiRj-QKOxcIa93pA56XYFNmmj95EGJmGsZk5LG1i4wwyLg-Cm-4MUSzDJtBA2xnNuqKy_JqI8IqoqwhaJPEgQdFoyYBBYPGhMRZNiwvuwY0LJ_yLEDqQeWMB1Lt16VWWNNKpoSZyi8Y07wqSgotGSmKg5uozlK0DFOYDuacV0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync
usersync.gumgum.com/ Frame 0C59
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LN8JJP2C-I-DSRO
  • https://usersync.gumgum.com/usersync?b=mag&i=LN8JJP2C-I-DSRO
0
0
async_usersync
ib.adnxs.com/ Frame 015B 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:05 GMT
an-x-request-uuid
3417cd7e-aac7-41eb-a25d-a7587508c642
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
84.227.125.228; 84.227.125.228; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
c1b755b02be74fdd6233d28bb3fe3286
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:05 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-197
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
cb2c10e916f6b8c21f77f1d5cdfca26d
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0E5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4701300102774&version=m202309120101&ct=77&x=1&cor=6234372808269580000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame FEDA 		156 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=B978FB23-928E-478A-8F93-573AA38F2CFD&nel=0&eid=44736292%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dlt=1696229998788&idt=5016&dt=1696230005422&cookie=ID%3Da66565a41076df35-22f3557524df00d5%3AT%3D1696230000%3ART%3D1696230002%3AS%3DALNI_MYlFfMsN7k858SmLT_bjXFiEq5O0g&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=1415490699167376&scor=446290030864026&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:06 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-169
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
788d911b0f2e746b278315496d320397
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:06 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
7c32675009423e12d23da7c2c54e4224
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696230006588&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1557&pt=-1851375812&tz=120&viewable=true&ddast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8974c7de3825a8cd4f7a46cb779898056bf499a52259aeacd574995bb508a311

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:06 GMT
content-encoding
gzip
server
nginx
machineid
1404
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:06 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-680
cdn-cachedat
08/15/2023 14:35:15
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
5c291cc9a03ec86ba34437aa7d3d3863
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame FEDA 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ln8jjrbx&c=17730987787&slotId=8865493893.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-662
cdn-cachedat
09/09/2023 02:40:34
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ec977a7cb70d3ff3b17c0ce1c0840735
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=-2&tvi48=9598&tvi50=10882&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
69
date
Mon, 02 Oct 2023 07:00:08 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
66216
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21063-AMS
pragma
no-cache
server
nginx
x-timer
S1696230008.453294,VS0,VE69
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=1194065067&cid=404882103.1696229999&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696230002&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dt=MLB%EF%BC%8F%E8%8B%A5%E7%B0%BD%E4%B8%8B%E9%81%94%E6%AF%94%E4%BF%AE%E6%9C%89%E3%80%80%E9%81%8A%E9%A8%8E%E5%85%B5%E8%80%83%E6%85%AE%E4%B8%8D%E8%A3%9C%E8%8F%B2%E7%88%BE%E5%BE%B7%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame FEDA 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F11440465%2FThird_Party%2FTP_VAST_8&description_url=https%3A%2F%2Fzeenews.india.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3697767890061076&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=B978FB23-928E-478A-8F93-573AA38F2CFD&nel=0&eid=44736292%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dlt=1696229998788&idt=5016&dt=1696230007615&cookie=ID%3Da66565a41076df35-22f3557524df00d5%3AT%3D1696230000%3ART%3D1696230002%3AS%3DALNI_MYlFfMsN7k858SmLT_bjXFiEq5O0g&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&scor=2005525437641585&ged=ve4_td9_tt4_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts3_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6ed21ad71fca37e2ec2d341154dc82c788cbcdae73eb3039e27360c6906b45a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
841
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 33C9 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34888642&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e6d10d04e79772837e390bd71c1604615c7de4e087a3a9d175d7c1f848d4a8e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame D3DA 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49212521&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
75f2237ed2c2cfd5b21e4e898e75097480d53306136cd25c252da1ffe4376279

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 07:00:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		339 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-199
cdn-cachedat
01/30/2023 07:35:59
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
91f4e7a3b62dc8f4e4db5730bd06d080
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
70748edfe3255edd3bd0b4ccd6d6a5bc4d388985b4a50817f8501de37f6ed289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12330
x-xss-protection
0
syncframe
gum.criteo.com/ Frame AFC9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:08 GMT
server
Kestrel
server-processing-duration-in-ticks
288501
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usersync.aspx
dis.criteo.com/dis/ Frame D9A6 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9D1E 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 02 Oct 2023 07:00:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
48K9Q9FP7F1SKGWWDZ8E
Pug
simage2.pubmatic.com/AdServer/ Frame 7F5F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 5B2D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
0
0
usersync
usersync.gumgum.com/ Frame 9AC5 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 02 Oct 2023 07:00:08 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 33C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QWWpXEXGQMGbXMyxBdiSOw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=96800
accept-ranges
bytes
content-length
5606
expires
Tue, 03 Oct 2023 09:53:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 33C9 		0
0
cr
cr.frontend.weborama.fr/ Frame 33C9 		0
0
match
a.audrte.com/ Frame 33C9 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 33C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
0
0
pubmatic
um.simpli.fi/ Frame 33C9 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 01 Oct 2023 07:00:08 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 33C9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
0
0
generic
match.adsrvr.org/track/cmf/ Frame 33C9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 33C9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
0
0
4165A95C-45C6-40C1-9B5C-CCB105D8923B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 33C9 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4165A95C-45C6-40C1-9B5C-CCB105D8923B?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.154.185 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QWWpXEXGQMGbXMyxBdiSOw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=96800
accept-ranges
bytes
content-length
5606
expires
Tue, 03 Oct 2023 09:53:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame D3DA
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
54.76.246.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-246-245.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.251
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.9.164
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame D3DA 		0
0
match
a.audrte.com/ Frame D3DA 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame D3DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
0
0
pubmatic
um.simpli.fi/ Frame D3DA 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 01 Oct 2023 07:00:08 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D3DA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
0
0
generic
match.adsrvr.org/track/cmf/ Frame D3DA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
server
Kestrel
content-length
70
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 5671 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:08 GMT
expires
Mon, 02 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
212056
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8098 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C8F6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame B67C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
0
0
SPug
image4.pubmatic.com/AdServer/ Frame D3DA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
0
0
4165A95C-45C6-40C1-9B5C-CCB105D8923B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D3DA 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4165A95C-45C6-40C1-9B5C-CCB105D8923B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.154.185 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-154-185.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
dsp.adfarm1.adition.com/cookie/ Frame BA32 		0
0
sync
dsp.nrich.ai/bidswitch/ Frame 692E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BCFC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Twqw2BrIVCxjOdiqBQbarFTjfeQ&gdpr=0&gdpr_consent=
0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 7765
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRpqeQARh6EfOQA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 02 Oct 2023 07:00:09 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21027-AMS
x-timer
S1696230009.173518,VS0,VE85

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 02 Oct 2023 07:00:09 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRpqeQARh6EfOQA4
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21027-AMS
x-timer
S1696230009.987853,VS0,VE90
/
csync.loopme.me/ Frame D77C 		0
0
redir
rtb-csync.smartadserver.com/ Frame 965E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIaUtrN0tOTlVBQUJqb2dOVUxzUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAHiKk7KNNUAABjogNULsQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAHiKk7KNNUAABjogNULsQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAHiKk7KNNUAABjogNULsQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
0
0
sync
t.adx.opera.com/pub/ Frame 1184 		0
0
bridge
cm.adgrx.com/ Frame ABDB 		0
0
cm
ipac.ctnsnet.com/int/ Frame B136 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 916E
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528015049405
0
0
pubmatic
d5p.de17a.com/getuid/ Frame 6DE0 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 8B8D 		0
0
cookiesync
core.iprom.net/ Frame BB39 		0
0
i.match
a.tribalfusion.com/ Frame 34A9 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame A138 		0
0
cm
green.erne.co/pubmatic/ Frame 617D 		0
0
sync
ads.servenobid.com/ Frame 4F0A 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 02 Oct 2023 07:00:08 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D3DA 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame D3DA 		0
0
cs
ad.turn.com/r/ Frame D3DA 		0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame D3DA 		0
0
json
gum.criteo.com/sid/ Frame AFC9 		438 B
561 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6f11c17258ff953871d290ea0c0c220fac8a891256c84390df832a4a454cbe95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 07:00:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1678842
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:00:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F41D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 06:31:35 GMT
expires
Tue, 01 Oct 2024 06:31:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F0A 		829 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
GSE /
Resource Hash
67b4f076d8238e4b16e0b8fd55d835c9cfbe7926ac806890873373c4606b0d85
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--qXraMXxgm9fl8GUEPXJRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--qXraMXxgm9fl8GUEPXJRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:00:08 GMT
expires
Mon, 02 Oct 2023 07:00:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame F41D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 12:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
67933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Sep 2024 12:07:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309260101&jk=375766901515413&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
perf
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/perf?tvi2=-2&tvi48=9598&tvi50=10882&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231001-10-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 02 Oct 2023 07:00:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
generate_204
tpc.googlesyndication.com/ Frame F41D 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TAsouw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:00:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame FEDA 		0
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		0
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
video10.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 33C9 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame D3DA 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ae737a695a8ddcae486ff98f885b377d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/05db76c17227aa9b78589de617a4ff70.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b02ba158580ca9e03b59f5163da513fa.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/33e4fd0e681f6f2b91aa39be646671a5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7321329be97bddad18ddf6f55cb70d15.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d09ad06cff765c7bf397d64cf1e7b9a6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/bd6977f810bb28c226292bf859d9d5df.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a9532c143a40dd434018802c75fba23f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7e3f9b3f829e70ee97a9bb508540ad6e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/227eeb40360775d6105e8d597ce19483.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b02ba158580ca9e03b59f5163da513fa.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/84f02ad7614223612341dede58e80155.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/34e97d2b8e749f4fdaa055e87920556b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f9d8635e6421878f5c0f084413073181.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/6a2dff9af8b0f383a92945cc8c85ab7c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/bb3d7b55a90924f5c4b245b6471623e6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/755a3c3dba7802239712d7075bb7aec3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a58b736b35a366470ebfab208aaa785a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9fbc2108695aa5c9ff2881c5f4e6f2f1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ec46f06c7f92d8668c176ca69a4c3b0e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b08f2412f9f1fa973b71a8055fa447f9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/aec9d5ec80a4ef1a00e1ad37bfb9a406.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4db8c3337876399452d52b354cf47f43.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5c99e3998934a33df6094170479da6ec.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4f2294375a8ee3c2bce727c900856c30.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/872a869190c93953ef758b630d4c0335.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e922119d549b5a6ae3ce548cd4f9b2f9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e669a00de6f7849cffe8117d1c28d7f1.jpg?w=150&h=100&q=100
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=45&rndcb=5756531302
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hOGMxNzc2Zi04YTNkLTNmNjktOGY3Mi1hNzMzNDhlNTAxYWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hOGMxNzc2Zi04YTNkLTNmNjktOGY3Mi1hNzMzNDhlNTAxYWEyAh0fOAE=%26gdpr%3D%26gdpr_consent%3D
Domain
hbx.media.net
URL
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
Domain
sync.smartadserver.com
URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=45&rndcb=1746720314
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=313197623763080317
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=38bc9adf-153c-053e-3130-9dad90cdf332
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4f0ab0d8-1ac8-542c-6339-d8aa0506daac$ip$84.227.125.228
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-wEnQDtFE2pfE9OfT2vnk6FuYqiJ5BcdGSplk~A
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=78a92d03-eaeb-4451-b729-925419b6a25e
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_581f5f8d-e908-480e-a10c-2d8654f73be4&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&ssp=index&gdpr=&gdpr_consent=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=ZRpqc8Co5r8AAFC5ubMAAAAA
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_581f5f8d-e908-480e-a10c-2d8654f73be4&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6621940&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=0410253733
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LN8JJP2C-I-DSRO
Domain
hal90009.redintelligence.net
URL
https://hal90009.redintelligence.net/viewability?s=80122400024887204438446012465009&a=8c17c6a6&vb=v
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=B978FB23-928E-478A-8F93-573AA38F2CFD&nel=0&eid=44736292%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dlt=1696229998788&idt=5016&dt=1696230005422&cookie=ID%3Da66565a41076df35-22f3557524df00d5%3AT%3D1696230000%3ART%3D1696230002%3AS%3DALNI_MYlFfMsN7k858SmLT_bjXFiEq5O0g&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=1415490699167376&scor=446290030864026&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mag&i=LN8JJP2C-I-DSRO
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=
Domain
cr.frontend.weborama.fr
URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
Domain
cr.frontend.weborama.fr
URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4165A95C-45C6-40C1-9B5C-CCB105D8923B&redir=true&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=313197623763080317&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=elC-qnoEuPphXLn6fQCi-nhXuvJhXO77dFdVSRls
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Domain
dsp.nrich.ai
URL
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Twqw2BrIVCxjOdiqBQbarFTjfeQ&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAHiKk7KNNUAABjogNULsQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528015049405
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=B978FB23-928E-478A-8F93-573AA38F2CFD&nel=0&eid=44736292%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dlt=1696229998788&idt=5016&dt=1696230009281&cookie=ID%3Da66565a41076df35-22f3557524df00d5%3AT%3D1696230000%3ART%3D1696230002%3AS%3DALNI_MYlFfMsN7k858SmLT_bjXFiEq5O0g&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=2994962902525747&scor=294619816029751&ged=ve4_td10_tt5_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Domain
am-wf.taboola.com
URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696230009604&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1557&pt=-1851375812&tz=120&viewable=true&ddast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309260101&jk=375766901515413&bg=!Pj2lPXLNAAYEJRtnJCU7ADQBe5WfOJ2xPh1nYtxo_yMrDYxkVmwY9lg9rLP5mIOSmeHJNYqaRK1CwOqRIcmTQZSx8DbBAgAAAIZSAAAACGgBBwoAkc8N3GgRazOacx9K2epTouqnQHLiAhKIALtnVliKq6lKAzukZbBDec1KK7szIfUOG0CVmiUYP5uONoYIDDSTeCvm5aX8KGNAHxcLffYLtbkYBbe7lhIVErnBxpuHVEFGNQLAbwESeRJWHeQ8VIuDYyidVoqQ7AsPl0fpCYovLcgDneM4vXbI2Q-pkgOEH1i2qi6ZAqvTNtsbvSwGF-RnSiTfWpaVS2SZiSQWrp2Smue0DfCeykHOEBrDhUGay-uo9O940AoLz_ofWCotge0CYU0bvo0htXZJP_-LI7H7gzpGDyC8NOHOdbXq4N6Ss4w7qaARxp4enppgWb0b_ocovc726RxEIGE1oNw01uUmOOEbNAtqcG8HNr1CAtVNi0aJzfgMFY-g_R8A0uvR-ToHSjpqhFgDRk-lP_uJJ0Wlm0Kn80HB7Do6vWf4W6fwCreE1E0wZS7qDJBepJMGmBICtQWSI8BLO_XAnOqBV-SSR-i-zL7VEGVGdUM_XMR9Z5qtf7E-8hWH85uxs7YzGAhzfoITrNcHwbVNMP-AtLCOJ428PDWLPIUX9l9HwVyHn-2CYY7YthNk31XZfarNGSGrE10Lm5TJb0vmoOt09Bx230_YEGdnCpvTxu-LnDiVkQS6UM2fVMWW0489xf_R6zjeuygzK3GlteZjmmH9HV7_N-WuFiUS7z2BwF8MSL3BVMSTY-SzHnhkXu2GSQpryQmlZkGhhZvgoI_N6Sr-ZxKwvr4HqIEUFu0zGH8b8-5VcWfBZIwvv1gWBefhiDzMhu71TyNpLw34NsKlHPe5ncbOjDo88XcPTh0fUwJA_WKs177x71XdK4SBkozuXM189eU7SZIUisU18ShYCwVclEunHIQ8uSD0VpVLXd_Nj9LFcOkk4sSga-fJm6vjF1I-nMWMaUC6B-n33rQNob_xgOj2Ykf5HRrWLK7kOAg9eT9Ch_TC8wdm3hD1qp_m5t2Ld7FmO9uRldWNUw2p79MAM39KCKUVbIIRfgBj9fp9JUdU54x7o3vAtRHVKeK1m5VtySwy6WPMoJVTO72WHFBNVeWhPn30ig0oeG1p4_UqpqmQ-sim9G3YxBTGDO1IKNZO3hAQUw
Domain
stream.unibotscdn.com
URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video10.ts
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _statcounter object| TRC function| _typeof object| _tblConsole undefined| msg function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| google_tag_data object| googletag object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs object| adRecover undefined| google_measure_js_timing undefined| $ undefined| jQuery function| jqAlias string| nam object| placementData function| runAnimCheck string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| checkFrameandInitStartFun function| processData object| google_reactive_ads_global_state number| google_unique_id object| _qevents object| cmTag object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| ucf object| request string| paramsString object| _cm_wfCounters string| lastWfUrl function| quantserve function| __qc object| ezt object| _qoptions object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals function| startCMTagMain function| io string| category function| shuffle object| entertainment object| arrToUse object| playlist boolean| noPreviewPage function| OvaMediaPlayer function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun function| clientJsFunction function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| google_ad_modifications object| google_prev_clients object| vttjs function| WebVTT function| videojs function| videojsIma object| $jscomp object| canAutoplay function| videojsPlaylist function| videojsContribAds function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| closure_lm_127160 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| closure_lm_345330 function| prepareAdRequest object| GoogleGcLKhOms number| measureInterval

115 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1696229999.3C6485CF8C424FC42C49C6EE01B49F8D.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1696229999.0
.statcounter.com/ Name: is_visitor_unique
Value: 1696229999377039769
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1696229999.1.0.1696229999.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.404882103.1696229999
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dcc720391-f959-4335-b961-e491463fccdd-tuctc13efef
www.bg3.co/ Name: __AP_SESSION__
Value: cb6ed9b8-6260-4dc5-b0aa-35ec79661162
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 81e48bc4-b180-48e4-a141-a483b4a85926
.bg3.co/ Name: __gpi
Value: UID=00000c8a3cca59b1:T=1696230000:RT=1696230000:S=ALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg
.omnitagjs.com/ Name: ayl_visitor
Value: 30798bf4c7256d5cf1d7e116f68890d2
.prebid.a-mo.net/ Name: __amc
Value: 2_1696230000_1696230000
.aralego.com/ Name: sspid
Value: 1059acac-63d3-35b0-8b32-570038f8add7
.teads.tv/ Name: tt_viewer
Value: 5879de1c-2bbf-4504-9c7f-95477f28ad01
.rubiconproject.com/ Name: khaos
Value: LN8JJP2C-I-DSRO
.doubleclick.net/ Name: IDE
Value: AHWqTUm3ghoNvOzgrmszaqVRL7k1hL7UoXLJbXNQ5fuUHgqyYPogxlXwNk8B7VYbyBY
.aralego.com/ Name: euconsent-v2
Value:
.quantserve.com/ Name: mc
Value: 651a6a71-9611e-14259-9a082
.bg3.co/ Name: __qca
Value: P0-896247855-1696230000903
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1696230002.1.0.1696230002.0.0.0
.yahoo.com/ Name: A3
Value: d=AQABBHFqGmUCEEryRuCY5ZMmG-naK_20yloFEgEBAQG7G2UkZQAAAAAA_eMAAA&S=AQAAAvkLfjVxjfkPD27fCXvq1Ng
.3lift.com/ Name: tluid
Value: 2924308075088863754014
sync.gonet-ads.com/ Name: chk
Value: 1
fksnk.com/ Name: AWSALBCORS
Value: nKo2N1qK45I7O7W8zLwQ3rmLREcEdymg4LQitfVeHnFWSWs6BPf++YaTrrFnrC/SlhfWmZ3ZTLoM0wCqXovElyR2FAXEl1VD7Qz9j8agRxjEjKN89q4GYwS1exOh
.fksnk.com/ Name: f_001
Value: 98BA03B5606538E9
.fksnk.com/ Name: g_001
Value: 1
.gonet-ads.com/ Name: pid
Value: NzJhNWZmOGZlNjVjNGNhNA
.casalemedia.com/ Name: CMPS
Value: 5130
.casalemedia.com/ Name: CMID
Value: ZRpqck875hq32KDU7nQuNwAA
.casalemedia.com/ Name: CMPRO
Value: 5130
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7d4ae2d3-1998-42b9-b449-d490f15c7427-003%22%7D
.bidr.io/ Name: bito
Value: AAHiKk7KNNUAABjogNULsQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.bg3.co/ Name: __gads
Value: ID=a66565a41076df35-22f3557524df00d5:T=1696230000:RT=1696230002:S=ALNI_MYlFfMsN7k858SmLT_bjXFiEq5O0g
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4a852c342adf8cea
.socdm.com/ Name: SOC
Value: ZRpqc8Co5r8AAFC5ubMAAAAA
.primis.tech/ Name: csuuid
Value: 651a6a734fc8a
.linkedin.com/ Name: bcookie
Value: "v=2&49503ca8-94bf-4547-8b4f-7e2055d69664"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTYyMzAwMDM7MjswMjFJwqj6mZgId2YUfhk3F2P/KGmiGEDb/jegGwSe8wDrnA==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3009:u=1:x=1:i=1696230003:t=1696316403:v=2:sig=AQGff5qA-qouN0g8mZ1xvyr00vdhOmIi"
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1696230003.1.0.1696230003.0.0.0
.amazon-adsystem.com/ Name: ad-id
Value: A-6hFAmqR0xbgoKtn22FXBo
.hb.yahoo.net/ Name: data-mag
Value: LN8JJP2C-I-DSRO~~63
.ipredictive.com/ Name: cu
Value: 78a92d03-eaeb-4451-b729-925419b6a25e|1696230003765
.lijit.com/ Name: ljt_reader
Value: HatkrGZH4suyw0QsRTOF9U3R
.simpli.fi/ Name: suid
Value: 8F6539E88F114227908F3039A3DE673C
.adform.net/ Name: C
Value: 1
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-02T07%3A00%3A04%22%7D
.adform.net/ Name: uid
Value: 1224220665693558984
.awin1.com/ Name: awpv13872
Value: 414915|1696230004|501b3810-60f1-11ee-b5a9-2261897cac57
.awin1.com/ Name: AWSESS
Value: 429085:2528692
.adnxs.com/ Name: uuid2
Value: 313197623763080317
.googleadservices.com/ Name: ar_debug
Value: 1
.go.sonobi.com/ Name: __uis
Value: fbd5152e-b767-47aa-a081-f4d6ab69df4c
.go.sonobi.com/ Name: HAPLB8G
Value: s85174|ZRpqd
.openx.net/ Name: i
Value: 1c2d01f6-94ae-029f-0c9d-45a83cbac189|1696230004
.blismedia.com/ Name: b
Value: 651A6A74EA8DD7329A8963BEBLIS
.onetag-sys.com/ Name: OTP
Value: Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
.openx.net/ Name: pd
Value: v2|1696230004|gen0vNvQiygu
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7d4ae2d3-1998-42b9-b449-d490f15c7427-003%22%2C%22zdxidn%22%3A%222069.66%22%2C%22nxtrdr%22%3Afalse%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f0ab0d8-1ac8-542c-6339-d8aa0506daac.s6tIrmDhMGccgBISGE5a7E714u5nvrCNctbeJ1oISwU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f0ab0d8-1ac8-542c-6339-d8aa0506daac.s6tIrmDhMGccgBISGE5a7E714u5nvrCNctbeJ1oISwU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATwqw2BrIVCxjOdiqBQbarFTjfeQ.EhbFW4lfzfM7usToo2vvWsnedkEKr7JmNMrCgQTD5lM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATwqw2BrIVCxjOdiqBQbarFTjfeQ.EhbFW4lfzfM7usToo2vvWsnedkEKr7JmNMrCgQTD5lM
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN0YiNHqPdCKlFzKLO-eJKfkRyYhOFb0iNr_Pv-QphhZEAEYAyD01OmoBjABOgTwi70wQgR_-g0p.AU5HxmAJy%2FjaR20kdfLr2VhgDhMZE6%2F41UIdLnr5O5E
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN0YiNHqPdCKlFzKLO-eJKfkRyYhOFb0iNr_Pv-QphhZEAEYAyD01OmoBjABOgTwi70wQgR_-g0p.AU5HxmAJy%2FjaR20kdfLr2VhgDhMZE6%2F41UIdLnr5O5E
.bidswitch.net/ Name: tuuid
Value: 3b022b79-6125-4ed3-a1a3-d2f185ad01d5
.bidswitch.net/ Name: c
Value: 1696230004
.servenobid.com/ Name: pid_339
Value: y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
.servenobid.com/ Name: pid_318
Value: iUiPXnu1P9K0O1U0KyP0VBaMaQqby3WJArROgJ3s540
.servenobid.com/ Name: pid_337
Value: y-LSNoT.pE2uFi6c2rnjOSX..QBpk3znGhpuuMriQ-~A
.smilewanted.com/ Name: sw_user_params_infos
Value: %2Fh0IVOzC8bikvGw2YraQFCtftpIsYoJKm7%2BUaaJnsDBkalaZH32v0lRLK0U9uj9QLh%2FtX0fyBL1kcSMfEzBVOP%2Bqm53CBjcjQWCDTiZuFM%2B1OIykUoRHZevrI3dO%2Bfi%2FhuX1o6x0PpYGi1kHMjYIwa7QiZ43EXEZsQhAkA20jGcCVbsFCH9UtoNZQTldiohTnq2u3txl0rZS1947hYt7aCw6XYD4CVo5jBbBcRrn3AK0bO0Sd7fbzSqhmQZ58YMT
.smaato.net/ Name: SCM
Value: 0410253733
.smaato.net/ Name: SCMg
Value: 0410253733
.servenobid.com/ Name: pid_312
Value: 313197623763080317
.gumgum.com/ Name: vst
Value: e_581f5f8d-e908-480e-a10c-2d8654f73be4
.bidswitch.net/ Name: tuuid_lu
Value: 1696230005
.ads.stickyadstv.com/ Name: UID
Value: a6d8a1bd2f60411b57be4633f730ac22
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4165A95C-45C6-40C1-9B5C-CCB105D8923B
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.smartadserver.com/ Name: pid
Value: 991522290600240239
.mathtag.com/ Name: uuid
Value: efca651a-6a75-4700-8fc8-c6318ced3a17
.servenobid.com/ Name: pid_333
Value: ZRpqck875hq32KDU7nQuNwAAFAoAAAIB
.servenobid.com/ Name: pid_332
Value: fbd5152e-b767-47aa-a081-f4d6ab69df4c
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAwNDUwsTQxMBXiM9Q1iowIcnQyLvQsisoCANh-xgUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjAwNDUwsTQxMBXiM9Q1iowIcnQyLvQsisoCANh-xgUlAAAA
.servenobid.com/ Name: pid_309
Value: e_581f5f8d-e908-480e-a10c-2d8654f73be4
.tremorhub.com/ Name: tvid
Value: f2dfcfcd831747daba219d6c3aba0af2
.tremorhub.com/ Name: tv_UIDF
Value: CAESEJ18ey7BIK9K303F5uIsr_4
.tremorhub.com/ Name: tvssa
Value: 1696230005106
.smaato.net/ Name: SCMsas
Value: 0410253733
.servenobid.com/ Name: pid_317
Value: 991522290600240239
.richaudience.com/ Name: pdid
Value: 63fb883a-651b-400b-af2e-1zz1696229991
.yellowblue.io/ Name: wrvUserID
Value: khC-g_0-kp_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-a8c1776f-8a3d-3f69-8f72-a73348e501aa
.admanmedia.com/ Name: admtr
Value: bedd2c67-8c85-4902-9a50-e4442a496de1
.servenobid.com/ Name: pid_352
Value: khC-g_0-kp_s
.servenobid.com/ Name: pid_328
Value: bedd2c67-8c85-4902-9a50-e4442a496de1
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qphzyAfS+4jbCe7wKMbYqCDCMq8R2imoRcPOdksngVsdStzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ek7+8UWvn5lu
.ads.pubmatic.com/ Name: KCCH
Value: YES
.servenobid.com/ Name: pid_310
Value: HatkrGZH4suyw0QsRTOF9U3R
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 162412:4
.pubmatic.com/ Name: DPSync3
Value: 1697414400%3A245_241_235_201
.pubmatic.com/ Name: SyncRTB3
Value: 1697068800%3A63%7C1697500800%3A35%7C1698796800%3A203%7C1696809600%3A2_223_15%7C1697414400%3A165_214_249_176_220_13_71_254_233_46_238_54_55_264_166_88_21_251_22_3_81_161_56_8_234
.quantserve.com/ Name: d
Value: ELgBGAGLKvijCJiTCuu4EA
.criteo.com/ Name: uid
Value: 9f41701b-8dce-4050-9df7-50a4a7580c68
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2e8u:19e0~2e8u:194o~2e8u:175w~2e8u:18z8~2e8u"
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlmZGxgYGBhYWr6C4lvamhkBACmwZCpIAAAAA
.servenobid.com/ Name: pid_316
Value: 4165A95C-45C6-40C1-9B5C-CCB105D8923B
.bg3.co/ Name: cto_bundle
Value: sAAsn19lQW1JSWU2SkZmSXE2NCUyRkxnamJqYlRtZFJuQWlPMFJuZUslMkZaUXl0aHFBRkdBbjBUeGxSN1hiT00lMkI2ekNMN1NpJTJGNWlOSXk3Y1BUeVpKUmU3VzJRT3F3ZUxHSGp6OTV2WDQlMkZ3N0xpTkdqZExHZHNVMEtHaE1sNktESFJJTjh2V0s1bE9iWVNRV0ZrTGpLa1JJTEJBbklBJTNEJTNE
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRpqeQARh6EfOQA4
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 547a203c55840d1f2241e178587603fc

87 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/bd6977f810bb28c226292bf859d9d5df.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a9532c143a40dd434018802c75fba23f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7e3f9b3f829e70ee97a9bb508540ad6e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ae737a695a8ddcae486ff98f885b377d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/05db76c17227aa9b78589de617a4ff70.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7321329be97bddad18ddf6f55cb70d15.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d09ad06cff765c7bf397d64cf1e7b9a6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/33e4fd0e681f6f2b91aa39be646671a5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b02ba158580ca9e03b59f5163da513fa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/227eeb40360775d6105e8d597ce19483.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/84f02ad7614223612341dede58e80155.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f9d8635e6421878f5c0f084413073181.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/34e97d2b8e749f4fdaa055e87920556b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b02ba158580ca9e03b59f5163da513fa.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/755a3c3dba7802239712d7075bb7aec3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/6a2dff9af8b0f383a92945cc8c85ab7c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a58b736b35a366470ebfab208aaa785a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ec46f06c7f92d8668c176ca69a4c3b0e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/bb3d7b55a90924f5c4b245b6471623e6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b08f2412f9f1fa973b71a8055fa447f9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9fbc2108695aa5c9ff2881c5f4e6f2f1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5c99e3998934a33df6094170479da6ec.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4db8c3337876399452d52b354cf47f43.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e922119d549b5a6ae3ce548cd4f9b2f9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/872a869190c93953ef758b630d4c0335.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e669a00de6f7849cffe8117d1c28d7f1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/aec9d5ec80a4ef1a00e1ad37bfb9a406.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4f2294375a8ee3c2bce727c900856c30.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvbWxiLXJ1by1xaWFuLXhpYS1kYS1iaS14aXUteW91LXlvdS1xaS1iaW5nLWthby1sdS1idS1idS1mZWktZXItZGUuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Vsk8uOMCs3v9DG_g6GiCSa7JYjmgrT017YSDOzpGJ10
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://p.rfihub.com/cm?pub=44007&in=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRpqck875hq32KDU7nQuNwAAFAoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_581f5f8d-e908-480e-a10c-2d8654f73be4&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6621940&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://usersync.gumgum.com/usersync?b=apn&i=313197623763080317
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://usersync.gumgum.com/usersync?b=oth&i=y-wEnQDtFE2pfE9OfT2vnk6FuYqiJ5BcdGSplk~A
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://usersync.gumgum.com/usersync?b=opx&i=38bc9adf-153c-053e-3130-9dad90cdf332
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b022b79-6125-4ed3-a1a3-d2f185ad01d5&ssp=index&gdpr=&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=0410253733
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=vnt&i=78a92d03-eaeb-4451-b729-925419b6a25e
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://usersync.gumgum.com/usersync?b=sta&i=0-4f0ab0d8-1ac8-542c-6339-d8aa0506daac$ip$84.227.125.228
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LN8JJP2C-I-DSRO
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.prod.bidr.io/cookie-sync/verve?gdpr=0&gdpr_consent=,
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hOGMxNzc2Zi04YTNkLTNmNjktOGY3Mi1hNzMzNDhlNTAxYWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hOGMxNzc2Zi04YTNkLTNmNjktOGY3Mi1hNzMzNDhlNTAxYWEyAh0fOAE=%26gdpr%3D%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://hal90009.redintelligence.net/viewability?s=80122400024887204438446012465009&a=8c17c6a6&vb=v
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.turn.com/r/cs?pid=45&rndcb=5756531302
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.turn.com/r/cs?pid=21
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=B978FB23-928E-478A-8F93-573AA38F2CFD&nel=0&eid=44736292%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html&dlt=1696229998788&idt=5016&dt=1696230005422&cookie=ID%3Da66565a41076df35-22f3557524df00d5%3AT%3D1696230000%3ART%3D1696230002%3AS%3DALNI_MYlFfMsN7k858SmLT_bjXFiEq5O0g&gpic=UID%3D00000c8a3cca59b1%3AT%3D1696230000%3ART%3D1696230000%3AS%3DALNI_MYUHAMBQE4ICCbsyIvil1Q7Wsgnvg&correlator=1415490699167376&scor=446290030864026&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4165A95C-45C6-40C1-9B5C-CCB105D8923B
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5QIIPw9E2uXkIByA55Yv28Ns2rN9Fts-~A&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1224220665693558984
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIN-7S-AQWIkMHZIe8Mp6SE&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4165A95C-45C6-40C1-9B5C-CCB105D8923B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
javascript error URL: https://www.bg3.co/a/mlb-ruo-qian-xia-da-bi-xiu-you-you-qi-bing-kao-lu-bu-bu-fei-er-de.html
Message:
Access to XMLHttpRequest at 'https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696230009604&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1557&pt=-1851375812&tz=120&viewable=true&ddast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3' from origin 'https://www.bg3.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696230009604&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1557&pt=-1851375812&tz=120&viewable=true&ddast=V8FbUCLAYYSyaGoaQ5RhAwlkwMQ0lzjCgAAABgYID-AMnMdrvRzLJcayyL2Vq0cTnWwpXH49Y4RpvJaOMaeQy7ISCZ2W43mlmWa41lMVuLNi7HWrjyeNwax2gzGW1cI49hNwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZbaDodPte9Xvf73SU-z1zj9yv8arPFLXn93Yqnw-4WPh1ukcMtcbqFT9db-Xe9lX_XW_F0S5x2n1vr8LvFrrfE9Za43jKX062yvEUuu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cEMT1MVoeTrs_AAAAAIAAAAAAIAGAgH5YAiDGeO_E_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DEEO6r9sEEkz41IQXQRRgAAAACoxvvIj0zSCSoWVf7___utAFwBAAhQfH8Z_smiOyjxFgYAAEBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHq6UNEEFmZpqfgEBANb8AgIAsFE3AABvBOAEHYJWDAarExCzAwAAAHDn____Xw9I7ZYjj2Wzcm0sLttoOFguHLbBYOZwOWa-kXGz3J4T0SrgxD75nD4bwjL7fQcF5fT0mF0GGctlMogPGoblZBDMz4QtRqvJZLMczpaLyWA4Go5G-yOAywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw4_FNBpvlYi1zrpZr0WazWkucs8VaZVouRrPNzOMxmdyi18f0cWxWNpfNiwQDwvYieVqkE5XJOVyOhsOVYzabrWyTjWM5mS2WE4_L5VgsRsuJWKI5WaQT2WXf2i1HHstm5dpYXLbRcLBcOGyDwczhcsx8I-Nmue94fJPBZrlYy5yr5Vq02azWEudssVaZlovRbDPzeEwmt-j1MX0cm5XNZfM3ZsvZZLJcLpf7xmw5m0yWy-Vy36EzfFefs1FZVkk-KvNG-7ddb06DwmWweF_q03lYMBa8v8_RafMmlZ2d0e_3-_1-v9_v9_sNWs_BbFD4noe_cPpYnsvhbPQgNhgUsURwkU4ED7PbYXq5JT7Pxm8RS5Smi3SiV_jVZotb8vq7FU-H3S18Otwih1vidAufrrfy73or_6634umWOO0-t9bhd4tdb4nrLXG9ZS6nW2V5i1x2oelttoglgtNFOhG9jKeL-o8ccDSXTHZzxWQ1l0yGqwQAAAAAAAAAYAmmmW4CAAAA4GRQw81wsVqng5nMJoPdarkALoKydAGDAAAAAAAAFGvssQZ4mN0O08st8Xk2fisDkGDOY7bZZwSxVqtlDQAAQAAbAABAADfdeBNgVsX9____jwMAACAjhx4AAAD9PqAsAAAAAAAAfgUxGA4n-wegQqzVanW7sVarFbDANoPFcgL_____AQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vB!dfrc_vA!nonrv_vA!t45!tbt_lit_unit!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2949c0199b434f97f74158b7d78f440a.safeframe.googlesyndication.com
38e328628acc842d05ede1a013a1458a.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.pangle-ads.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.chocolateplatform.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal90009.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mts0.google.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pro.ip-api.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
socket.unibots.in
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.gonet-ads.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
vjs.zencdn.net
wf.taboola.com
www.awin1.com
www.bg3.co
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.stickyadstv.com
am-wf.taboola.com
b1sync.zemanta.com
bh.contextweb.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
green.erne.co
hal90009.redintelligence.net
hbx.media.net
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.deepintent.com
odr.mookie1.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pm.w55c.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
simage2.pubmatic.com
simage4.pubmatic.com
static.bg3.co
stream.unibotscdn.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.outbrain.com
sync.smartadserver.com
t.adx.opera.com
us.ck-ie.com
usersync.gumgum.com
103.231.174.251
104.16.88.20
104.18.25.18
104.18.26.193
104.20.219.77
104.22.69.131
104.26.5.103
13.107.42.14
13.32.27.108
13.32.99.61
138.199.36.11
138.199.36.9
138.199.37.229
138.201.63.149
139.144.5.218
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.130
142.250.185.131
142.250.185.194
142.250.185.97
142.250.186.102
142.250.186.130
142.250.186.168
142.250.186.174
142.250.186.74
142.250.186.99
142.250.74.194
144.76.91.199
145.40.97.66
151.101.129.44
151.101.193.44
151.101.2.137
151.101.2.217
151.101.66.49
152.199.21.70
159.203.145.121
162.210.196.208
172.217.16.194
172.217.18.1
172.217.18.100
178.250.1.11
178.250.1.3
178.250.1.8
178.250.7.11
18.192.168.246
18.197.47.48
18.209.26.180
18.213.189.173
18.66.147.112
18.66.97.31
18.66.97.46
185.106.33.48
185.255.84.151
185.29.134.248
185.64.190.79
185.89.210.212
188.42.105.236
193.0.160.130
198.47.127.19
2.16.238.17
2.16.241.17
202.241.208.52
209.54.182.161
213.19.162.21
216.239.32.3
216.239.34.36
216.52.2.16
216.52.2.39
216.58.206.34
216.58.206.42
23.212.211.47
23.212.218.19
23.213.164.226
23.213.164.238
23.48.23.53
23.52.120.27
23.52.123.144
23.97.225.52
3.123.242.198
3.71.149.231
3.77.247.132
34.120.63.153
34.228.176.115
34.242.185.58
34.96.105.8
34.98.64.218
35.204.158.49
35.227.252.103
35.244.174.68
37.157.3.30
46.228.174.117
51.77.64.70
51.89.9.253
52.204.19.136
52.208.171.144
52.210.15.1
52.213.189.61
52.223.40.198
52.95.126.138
54.166.53.84
54.247.154.185
54.76.246.245
63.34.177.0
69.166.1.66
69.173.144.137
69.173.144.138
69.173.144.139
69.173.144.165
76.223.111.18
77.245.57.72
8.2.110.24
81.17.55.123
81.17.55.170
91.228.74.251
95.101.149.233
0184c504cb17eca263d2767e44a9c32662cb60821d2744411e70e6c26816a67a
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07cd50be7b89b6445dd9584ac2a8a8714dfe98af4f2a379d59407e5ce07d1808
07ef14e2f25d46ff983058007ab982a8ece931a3b1bd7f020602114e3e14d7bd
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09798029e5b3cdff692b9688a6155c7d551402285b2446b2f0e53bde22782c97
09cb2b0b78096ad616660236523a32d752bb50011956d01bff365532dcad35a5
0a3940b4205c61e6cbb39293a9e106ee7a4c1e29c467c9a41830082aa7ee3259
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb32d39925a0b2076eb875a3441800e4ec21047ef34c7b05b8e702454e6ee8f
0e83bd31af7d90e35e92e338f69d5d35c77e12f4b70dabd0b15aad4778cf3dfb
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
125abd02e7e26bfbbb3638931f04b0afcd1d70a18dcc12bd10f7e8491258c90c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12f671dc70e03fd34ff707eee40017714886632aeae47cd8e581517e79caaf9b
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
149f00b29a6d331b2204e75c2bc0f1f712cfdac4b4b49c39cb102390eda9751d
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
208f2c68b4053a2b545dfe35b37a190fcb9db3a7280744a3559122a9600ba14c
21ba3174442c248be25b8a8fccb1b161af2cf9db4afb3190e532e10aa0bf6e2b
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961
24779492e09ab7074ac2838f765a56575f9d3146807f6a1d5ad97341ced884d1
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27eefc7344a7a0b111b1e17c53e133d4a28defa92c944d4354702c7869f38136
287e807a2ea1d888b922d4d04efb6c508c10f5c30486b90d7f66e9a158f196b9
2a54692097b11421cffe19b9c3d88cfd89bf9a791afc815f02840e00f7701773
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3165d39410ba0be38b324407b5857f0b0812fdb00796e09463e53a6400e5b6e1
3499ddebef3a529b7a535027816cdddb941c3258c932337f939ac73e71c0824c
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3839fc6d5d6a4e38cebc1c2d4ae37f665555b79ab103c5b9afa0633319042176
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25
3c248cbbf83e1b946ebc62424d0dc95052b88f66c2ebf9f38cc1c896d97f47e3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f37d46b08205e8b1400156c75b371a30ed82a7c393d719971905edf39b7360e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4203ae4cefb9b6a01ff04701d989298d7ab1c318a7744d9850590d17b2e9ebc4
42cf5fdc1512fe2be4054470c3aee5f2b08cb6bfb6df193b9ca6575f4c03ed26
431a27b2608fd79ecd69bf7de0df672af9ef33fe27939987a0803b49a47d2f49
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44900516ed99172cb5efe927181856c67bb9c8cc26cfd2ead6354a092226e117
44c9e4d6cc84fe235db0800274090c3335ecc1fcb54bbbebc324c278bb50c197
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477a7fae3a7e2bead63af7bdf527065d5ff15cdff691403c96d97c053ea8463f
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b613d8a2839d32b9849f927a4e49160703fda13951d435d0946b0027c83b860
4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb
518ca4ff6d83fab8f9f854ffdd2f771a7b457fe56480c5badd00931abd8bd708
522a648f5f313ee5ca9b75207869255565317fbc99e86eef86cc56ebb032ee64
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5636bce946d393ea64cf243be306459731c580d701764e240d3850b777b159cd
56605862bcd66320a8520bd902e2b6f73472e9ffc19dc9a7e3b0829550767aaa
56b39bd015b4274cd9a208b5dbfc15becb34993d0f389a8faad14cd0f80329e4
59627d3e720fada9d462300835396b47228004be295364d3f31e6d5e533c2e3d
5d50a1bb19f114654736fdc27536a37bff99285b6e5661ea43b674b36e87426e
5f80a04cdd4be5d8dd67aca4657b7d6b8c3159785172880d04920c53e3c31e98
606813c27027f7d4b6f1ddca3ee78eaa96457ae792681c149224ea2fbae1d9ca
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
614c6d112827c5c814c7489413c183793f8e1fd50ead1954368363875bfef62c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63b5415842a0950a3783f45d83215e93dbe7ef1aacaf22628d69a3b9f3832279
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
67b4f076d8238e4b16e0b8fd55d835c9cfbe7926ac806890873373c4606b0d85
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d9f588174bbbb03008b55f27b3aa0d2f5203d4a9f1726368a49ad53a02da0e8
6e98c5e947bd00072d025c83203e2ef8aa28b281a4354a9ed6031c3cd8c8cafd
6ed21ad71fca37e2ec2d341154dc82c788cbcdae73eb3039e27360c6906b45a0
6f11c17258ff953871d290ea0c0c220fac8a891256c84390df832a4a454cbe95
70748edfe3255edd3bd0b4ccd6d6a5bc4d388985b4a50817f8501de37f6ed289
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
75f2237ed2c2cfd5b21e4e898e75097480d53306136cd25c252da1ffe4376279
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bc0bfb1d50197a581f0f5905de6da3f1a8d82f7e31cf722ebbbbf77682535f9
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8136b6f5cdaae8268756bc5e0011679d1fe97372fda15032f799e7888e11fe48
81503164d8bba62006bb12b60243a74021f20dd5fdc2e22d54a22be13a6c5373
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
838334c208d02c71f08bed18d8afac0c1f3b437942758186db661389af5e5ad9
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85b154e9ddc06673035cb5648793cf2dc5a8a5f075fada2fc997d044500dba81
85bfaf083e3a519724935ff5fe8f381b0e605890c8cab9121cd69fafe46edbca
866a536f9b7b40e6e94f02cb5381f054c127c0329ebb41f20597a2b37ea22c64
8974c7de3825a8cd4f7a46cb779898056bf499a52259aeacd574995bb508a311
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be40bf99168e92df8fcce7ba6034cd810e348597170fc49c9507b3cf1ff8afa
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
91eea04a2b7be10820e7adf0c0cf6a1aa2cdc24f60c419fc6020f0369f048ce4
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
92b6509860512f6d249439e8a2b559c5334d94187d276ea02b245d528e3870d1
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1
9356f733a4d1af19e8fb3dd78dcf8dc431f00c56cbc6ec1da353c4eeedf9615d
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
97cf806466c39d7e2d4103dfcf5b1b3a4f32715b92737d0a7025d3967f693fba
985f747f87379767a742298e0f1935eeb304627f089b849367c62d99f7932279
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99f592812d5f7c7fc4bb3a6eaff505d0483788bc7273afd762c94b2d675be754
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d4fae62ee40c5de56576d84c19aed428f79f00d500849d0a338bae1f5b5bfa2
9d6dd0fa2d83626c92186fd85edc876379a9374580242ab711a7cc7704412ee3
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2646c51b9cad8f4630d293fc275ce3ce4e8ad9628d0c7000b25d9b33bf53100
a27ce63798bf6d6cfd220a5e4b425404dfe9aef4fdb2bd967e92ab3858064d52
a2a6874083f0e1ba2b7e1342b75200cadcaa71b754b1b844f00120eafad14b1e
a2d14dc972639b36011d605d4f34343c303857a72f5109c641ae38e20b06b503
a3b81ea77193cef7e60595347b4c11fd4528cec7133075aba100d37f5ce9c5cf
a3c95612cd6e56547cf213319964b01ed2ed4c547ad1bd6d252fe050ee76c2a4
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4d3f6d92bcd0c43860de7b286d7a4d2b87b73b52e9d51478084dbf603487ad2
a65d634fe39d34d1c8f4238d5752b8151f2ea7ad37b52ece8a4626242663cf63
a8a347e67412b43a5f7b1f5dd68e82101655949c78da94255ae1708e5ff38819
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf8ad94a21829eaa050674651c02e8a731a87a09e601cdf0ab4e4e3ce54812e
ac137304ab4d4930e110695e58ea679afcb6f8f2147ae817b115366c52aa441e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af1947433ae57ae0116de0945c479cec327b8316985e1f89520c84faa017e7c1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d1ad2510d04fa0fabf9cae76b05337e9e4c8b862fa42bd2ea924445b3b9a76
b2f1bacc6c1358d22e92d0d703b59f55c22e5c45da8229785626027ba3e4677e
b9809b000023d94394d540824cf3cfcc81ef258b8af7a15a676d9f51b29c1dc6
b9b9dd0264c451af8fc584a77c4cb3a5aca73a623fd1ddcd93dba0d637636018
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc7374922de3a3683cb84cc9bef93561f0bc709f0b36d54df5ce7df85700c7c
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c1fe3e0470e4cee0f8b06212cf1a6a34bacefc2c94818a5cda8e7687cc4551ea
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c5b0e49e3944dbfaed572cb581440050393e979e01dcec9120589bb31303bd62
ca121181499f1506eeeb39b53538311b023d12c99f6d9a183b6759520aec600d
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca8807fbc1da6011747cf687c91060ced3e90e0e6ff78da4813186f5fc09e54e
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f8f0e6487904fc554d741c1711821911ea29ea9b75b6742d31b77bd5e536c8
dc006bfbbcbad80c8963e9c777aa692c334580f0c7107004e9d00529c642fd2d
dd1f1644e6d0573f3ff811e97a23f7c91c0ff43fe9c2082828fef214be36847f
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e2ec29fd9115bba7ee0c26cfb4c1db740a70717d7f4154c34068a878952f9ff5
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6
e6d10d04e79772837e390bd71c1604615c7de4e087a3a9d175d7c1f848d4a8e5
e71f64f66cece1b2465804fdfdad53a401bb05aacb5db2a5000c5195d277be60
ea32992140c25154617ebfb474d5518028290220d50e0b9bf2355f4780c0ac12
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f22eb3448a443f950989ee02b815d7239a0cb487b56171f84e426db77dbbcffc
f3226efde9a0cef0c23b7df69f8c750e08bcc3791121debbc204072b7a607b00
f332e339d14fe0eb32f990021f88c89b8a9258c79feadc0b5b0f4f75e1500716
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f738a2651ab75ee70ab19f3d790a692b5d0985bdf73a4e34972630a5f0d9e095
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
f9c3fa50962370f1ae46bd5dad46d7aa7a738c6599035b456691e90aec819ac2
fb144eafbd85325b5dd4115335426c21d965cb34bf5b08917bdd4a76f3345dcc
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e